the1dbg
2014-07-25, 00:22
Here are the logs that were specified in the Win32.Downloader.gen FAQ.

HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
BrowseFox: [SBI $A65521ED] Settings (Registry key, fixed)
HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Win32.Downloader.gen: [SBI $E6AD2227] Program directory (Directory, fixing failed)
C:\Users\tatiana\AppData\Local\Conduit\
DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by tatiana (administrator) on TATIANA2650 on 24-07-2014 13:45:12
Running from E:\
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\glindorus\updateglindorus.exe
() C:\Program Files (x86)\glindorus\bin\utilglindorus.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Program Files (x86)\glindorus\bin\glindorus.PurBrowse64.exe
() C:\Program Files (x86)\glindorus\bin\glindorus.BrowserAdapter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Tango Inc.) C:\Program Files (x86)\Tango\Tango.exe
(The Weather Channel) C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
() C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
(Weather Notifications, LLC) C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DellWPF] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6842000 2012-09-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5757328 2012-10-19] (Dell Inc.)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [763520 2012-08-08] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-08-08] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1757648 2014-02-08] (APN)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-3233409102-1572755282-2613258542-1001\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36151360 2014-02-23] (ooVoo LLC)
HKU\S-1-5-21-3233409102-1572755282-2613258542-1001\...\Run: [Tango] => C:\Program Files (x86)\Tango\Tango.exe [13489992 2011-11-04] (Tango Inc.)
HKU\S-1-5-21-3233409102-1572755282-2613258542-1001\...\Run: [DW7] => C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe [13103104 2013-09-22] (The Weather Channel)
HKU\S-1-5-21-3233409102-1572755282-2613258542-1001\...\Run: [BackgroundContainer] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\tatiana\AppData\Local\Conduit\BackgroundContainer\Backg (the data entry has 27 more characters). <===== ATTENTION
HKU\S-1-5-21-3233409102-1572755282-2613258542-1001\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3421216 2013-08-13] (Hewlett-Packard Co.)
HKU\S-1-5-21-3233409102-1572755282-2613258542-1001\...\MountPoints2: {e9edd155-cd5d-11e2-be6a-806e6f6e6963} - "D:\Autorun.exe"
Startup: C:\Users\tatiana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk
ShortcutTarget: Severe Weather Alerts App.lnk -> C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
Startup: C:\Users\tatiana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk
ShortcutTarget: Severe Weather Alerts.lnk -> C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?l=dis&o=2159&gct=hp
URLSearchHook: HKLM-x32 - Installl Converter A Toolbar - {f84db37a-ae6f-423b-9f51-14b5ec10c879} - C:\Program Files (x86)\Installl_Converter_A\prxtbInst.dll (Conduit Ltd.)
SearchScopes: HKLM - {81221284-1B33-4191-9C57-B3DC68CC8ADF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {81221284-1B33-4191-9C57-B3DC68CC8ADF} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - {3000D426-06D5-4132-9989-F3B98E2B8AE9} URL = http://www.search.ask.com/web?tpid=OVO2&o=2159&pf=V5&p2=%5EA2E%5EYYYYYY%5EYY%5EUS&gct=&itbv=12.10.2.4129&apn_uid=43cf89ed-339d-417d-8b02-cefe02dc30b7&apn_ptnrs=%5EA2E&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=Null_64_9.10.9200.16580&doi=2013-06-07&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKCU - {43E35495-336C-4BF7-84B3-1473D9CD484C} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311834&CUI=UN20610225992684773&UM=2
SearchScopes: HKCU - {81221284-1B33-4191-9C57-B3DC68CC8ADF} URL =
SearchScopes: HKCU - {C3625750-9A67-437E-BD67-B8AE4D139985} URL = http://rts.dsrlte.com/?q={searchTerms}&r=113
BHO: Plus-HD-1.6 -> {11111111-1111-1111-1111-110311201102} -> C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll (Plus HD)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2\Passport_x64.dll (APN LLC.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
BHO-x32: Plus-HD-1.6 -> {11111111-1111-1111-1111-110311201102} -> C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho.dll (Plus HD)
BHO-x32: ArcadeParlor Games -> {39AD0726-986D-40F9-972B-E3BFA24B7745} -> C:\Users\tatiana\AppData\Local\ArcadeParlor\Arcadeparlor.dll ()
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: GreatArcadeHits Add-on -> {D0C21091-FF8E-432C-9006-0540E81BA9D7} -> C:\Users\tatiana\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll (GreatArcadeHits)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2\Passport.dll (APN LLC.)
BHO-x32: WeCareReminder Class -> {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} -> C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
BHO-x32: Installl Converter A Toolbar -> {f84db37a-ae6f-423b-9f51-14b5ec10c879} -> C:\Program Files (x86)\Installl_Converter_A\prxtbInst.dll (Conduit Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Installl Converter A Toolbar - {f84db37a-ae6f-423b-9f51-14b5ec10c879} - C:\Program Files (x86)\Installl_Converter_A\prxtbInst.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2\Passport_x64.dll (APN LLC.)
Toolbar: HKCU - No Name - {F84DB37A-AE6F-423B-9F51-14B5EC10C879} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Extension: ArcadeParlor - C:\Users\tatiana\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} [2013-11-10]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\FIREFOX\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\tatiana\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}
FF Extension: GreatArcadeHits Add-on - C:\Users\tatiana\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} [2013-10-24]
Chrome:
=======
CHR HomePage: hxxp://rts.dsrlte.com
CHR StartupUrls: "hxxp://rts.dsrlte.com"
CHR DefaultSearchKeyword: pay-by-ads.com
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-02]
CHR Extension: (Google Drive) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (YouTube) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-02]
CHR Extension: (Google Search) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-02]
CHR Extension: (HP Smart Print) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi [2014-03-02]
CHR Extension: (Google Wallet) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-02]
CHR Extension: (Gmail) - C:\Users\tatiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-02]
CHR HKLM-x32\...\Chrome\Extension: [llmcibonccojooiboenghfafpieoabpl] - C:\Program Files (x86)\glindorus\llmcibonccojooiboenghfafpieoabpl.crx [2014-03-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-08] (APN LLC.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [211072 2012-08-08] (Qualcomm Atheros Commnucations)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-09-12] (SoftThinks SAS)
R2 Update glindorus; C:\Program Files (x86)\glindorus\updateglindorus.exe [321824 2014-07-22] ()
R2 Util glindorus; C:\Program Files (x86)\glindorus\bin\utilglindorus.exe [321824 2014-07-22] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-08-07] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-08] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-09-20] (Synaptics Incorporated)
R1 {26d264d2-014c-4f07-bf2c-ebf9aed40cef}Gw64; C:\Windows\System32\drivers\{26d264d2-014c-4f07-bf2c-ebf9aed40cef}Gw64.sys [61112 2014-04-24] (StdLib)
R1 {26d264d2-014c-4f07-bf2c-ebf9aed40cef}w64; C:\Windows\System32\drivers\{26d264d2-014c-4f07-bf2c-ebf9aed40cef}w64.sys [61112 2014-06-09] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-24 13:44 - 2014-07-24 13:45 - 00000000 ____D () C:\FRST
2014-07-24 13:43 - 2014-07-24 13:43 - 00000207 _____ () C:\windows\tweaking.com-regbackup-TATIANA2650-Microsoft-Windows-8-(64-bit).dat
2014-07-24 13:42 - 2014-07-24 13:42 - 00002241 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-07-24 13:42 - 2014-07-24 13:42 - 00000000 ____D () C:\RegBackup
2014-07-24 13:42 - 2014-07-24 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-24 13:40 - 2014-07-24 13:40 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-24 13:38 - 2014-07-24 13:38 - 00000000 ___RD () C:\Users\tatiana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-24 13:36 - 2014-07-24 13:36 - 00001006 _____ () C:\Users\tatiana\Documents\chris_fix.txt
2014-07-20 19:18 - 2014-07-20 19:18 - 00000112 _____ () C:\windows\wininit.ini
2014-07-20 17:22 - 2014-07-20 17:25 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-20 17:22 - 2014-07-20 17:22 - 00001264 _____ () C:\Users\tatiana\Desktop\Spybot - Search & Destroy.lnk
2014-07-20 17:22 - 2014-07-20 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-07-20 17:22 - 2014-07-20 17:22 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-07-20 16:27 - 2014-07-20 16:28 - 00291288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-17 14:43 - 2014-06-26 15:53 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-17 14:43 - 2014-06-26 15:53 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-17 14:38 - 2014-07-17 14:38 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-11 19:00 - 2014-06-30 17:42 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-11 19:00 - 2014-06-30 17:42 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-07-11 18:59 - 2014-06-30 17:42 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-07-11 18:59 - 2014-06-27 22:35 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-09 14:27 - 2014-06-17 18:27 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-09 14:27 - 2014-06-17 18:24 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-09 14:27 - 2014-06-10 23:18 - 04038144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-09 14:27 - 2014-06-02 17:33 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2014-07-09 14:27 - 2014-05-29 18:31 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-07-09 14:27 - 2014-05-29 18:03 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-07-09 14:27 - 2014-05-29 18:02 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-09 14:27 - 2014-05-29 18:02 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-07-09 14:27 - 2014-05-03 01:34 - 06974808 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-07-09 14:27 - 2014-05-03 01:33 - 01824808 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-07-09 14:27 - 2014-05-02 23:51 - 01408976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-07-09 14:27 - 2014-05-01 17:37 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-07-09 14:27 - 2014-04-29 17:32 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-07-09 14:27 - 2014-04-29 17:32 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-07-09 14:27 - 2014-04-23 18:51 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-07-09 14:27 - 2014-04-23 18:51 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 14:27 - 2014-04-23 18:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-07-09 14:27 - 2014-04-23 18:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 14:27 - 2014-02-07 23:34 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-07-09 14:26 - 2014-06-18 21:12 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-09 14:26 - 2014-06-18 21:12 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-09 14:26 - 2014-06-18 21:12 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-07-09 14:26 - 2014-06-18 21:12 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-07-09 14:26 - 2014-06-18 21:12 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-09 14:26 - 2014-06-18 21:11 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-09 14:26 - 2014-06-18 21:11 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-09 14:26 - 2014-06-18 21:11 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-09 14:26 - 2014-06-18 21:10 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-09 14:26 - 2014-06-18 21:09 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-09 14:26 - 2014-06-18 19:53 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-09 14:26 - 2014-06-18 19:53 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-09 14:26 - 2014-06-18 19:53 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-09 14:26 - 2014-06-18 19:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-09 14:26 - 2014-06-18 19:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-09 14:26 - 2014-06-18 19:53 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-09 14:26 - 2014-06-18 19:53 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-09 14:26 - 2014-06-18 19:52 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-09 14:26 - 2014-06-18 19:52 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-09 14:26 - 2014-06-18 19:33 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-09 14:26 - 2014-06-18 19:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-09 14:26 - 2014-06-18 17:05 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-07-09 14:25 - 2014-06-06 09:06 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-09 14:25 - 2014-06-06 05:17 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-09 14:25 - 2014-05-29 17:24 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-04 22:40 - 2014-07-24 13:38 - 00003382 _____ () C:\windows\System32\Tasks\BackgroundContainer Startup Task
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-24 13:45 - 2014-07-24 13:44 - 00000000 ____D () C:\FRST
2014-07-24 13:45 - 2013-01-14 15:37 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-07-24 13:43 - 2014-07-24 13:43 - 00000207 _____ () C:\windows\tweaking.com-regbackup-TATIANA2650-Microsoft-Windows-8-(64-bit).dat
2014-07-24 13:42 - 2014-07-24 13:42 - 00002241 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-07-24 13:42 - 2014-07-24 13:42 - 00000000 ____D () C:\RegBackup
2014-07-24 13:42 - 2014-07-24 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-24 13:42 - 2012-07-26 02:21 - 00023922 _____ () C:\windows\setupact.log
2014-07-24 13:41 - 2013-06-03 22:54 - 01636358 _____ () C:\windows\WindowsUpdate.log
2014-07-24 13:40 - 2014-07-24 13:40 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-24 13:39 - 2013-11-10 17:09 - 00000000 ____D () C:\Users\tatiana\AppData\Local\SevereWeatherAlerts
2014-07-24 13:38 - 2014-07-24 13:38 - 00000000 ___RD () C:\Users\tatiana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-24 13:38 - 2014-07-04 22:40 - 00003382 _____ () C:\windows\System32\Tasks\BackgroundContainer Startup Task
2014-07-24 13:38 - 2014-03-02 16:07 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-24 13:38 - 2013-10-24 17:54 - 00001324 _____ () C:\windows\Tasks\Plus-HD-1.6-updater.job
2014-07-24 13:38 - 2013-10-24 17:54 - 00001226 _____ () C:\windows\Tasks\Plus-HD-1.6-codedownloader.job
2014-07-24 13:38 - 2013-10-24 17:54 - 00001126 _____ () C:\windows\Tasks\Plus-HD-1.6-enabler.job
2014-07-24 13:38 - 2012-07-26 00:26 - 00000226 _____ () C:\windows\win.ini
2014-07-24 13:37 - 2012-07-26 02:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-24 13:37 - 2012-07-26 00:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-07-24 13:36 - 2014-07-24 13:36 - 00001006 _____ () C:\Users\tatiana\Documents\chris_fix.txt
2014-07-24 13:00 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-24 12:55 - 2014-03-02 16:07 - 00000924 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-23 14:53 - 2013-10-24 17:54 - 00000304 _____ () C:\windows\Tasks\GreatArcadeHits.job
2014-07-22 18:42 - 2013-11-10 17:09 - 00000304 _____ () C:\windows\Tasks\ArcadeParlor.job
2014-07-22 18:00 - 2014-03-02 16:09 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-22 17:31 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\rescache
2014-07-20 19:20 - 2013-01-14 17:00 - 00180414 _____ () C:\windows\PFRO.log
2014-07-20 19:18 - 2014-07-20 19:18 - 00000112 _____ () C:\windows\wininit.ini
2014-07-20 19:18 - 2013-10-15 17:51 - 00000000 ____D () C:\Users\tatiana\AppData\Local\Conduit
2014-07-20 17:25 - 2014-07-20 17:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-20 17:22 - 2014-07-20 17:22 - 00001264 _____ () C:\Users\tatiana\Desktop\Spybot - Search & Destroy.lnk
2014-07-20 17:22 - 2014-07-20 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-07-20 17:22 - 2014-07-20 17:22 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-07-20 17:06 - 2013-06-07 10:30 - 00000000 ____D () C:\Users\tatiana\AppData\Local\CrashDumps
2014-07-20 16:28 - 2014-07-20 16:27 - 00291288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-17 15:02 - 2013-06-08 16:23 - 00000000 ____D () C:\Users\tatiana\AppData\Roaming\PCDr
2014-07-17 14:49 - 2012-07-26 02:28 - 00850046 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-17 14:38 - 2014-07-17 14:38 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-17 14:38 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-17 14:38 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-17 14:38 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\WinStore
2014-07-17 14:38 - 2012-07-26 02:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-13 22:31 - 2012-07-26 02:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-13 22:28 - 2013-07-22 12:15 - 00000000 ____D () C:\windows\system32\MRT
2014-07-13 22:24 - 2013-06-06 21:35 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-12 16:51 - 2013-06-04 00:59 - 00000000 ____D () C:\Users\tatiana\AppData\Local\softthinks
2014-07-11 18:50 - 2013-06-03 22:54 - 00000000 ____D () C:\Users\tatiana
2014-07-09 13:28 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-05 08:58 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\NDF
2014-07-04 23:52 - 2013-10-24 17:54 - 00000000 ____D () C:\Users\tatiana\AppData\Local\GreatArcadeHits
2014-06-30 17:42 - 2014-07-11 19:00 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-30 17:42 - 2014-07-11 19:00 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-06-30 17:42 - 2014-07-11 18:59 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-06-28 15:41 - 2013-11-10 17:09 - 00000000 ____D () C:\Users\tatiana\AppData\Local\ArcadeParlor
2014-06-27 22:35 - 2014-07-11 18:59 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-26 15:53 - 2014-07-17 14:43 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 15:53 - 2014-07-17 14:43 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-22 17:21
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014
Ran by tatiana at 2014-07-24 13:46:56
Running from E:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AbiWord 2.6.4 (HKLM-x32\...\AbiWord2) (Version: 2.6.4 - AbiSource Developers)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcadeParlor (HKCU\...\{B74443DB-5A88-4583-860A-F0D06EF399E3}) (Version: - ArcadeParlor)
Ask Toolbar (HKLM-x32\...\{4F564F32-0076-A76A-76A7-A758B70C0A02}) (Version: 12.10.2.4129 - APN, LLC) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 23.4.1.0 - COMODO)
CWA Reminder by We-Care.com v4.1.24.3 (HKLM-x32\...\{0228288D-975E-42F7-9993-E91A82E6BBD9}) (Version: 4.1.24.3 - We-Care.com)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.17 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
glindorus 1.0.0 (HKLM\...\glindorus) (Version: 1.0.0 - glindorus) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GreatArcadeHits (HKCU\...\{856AD396-519D-4C7A-BED6-6785F64924BC}) (Version: 1.0 - GreatArcadeHits) <==== ATTENTION
HP Officejet 4630 series Basic Device Software (HKLM\...\{29B1CB33-32C3-4762-85DA-8CEADDC36EA7}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Installl Converter A Toolbar for IE (HKLM-x32\...\IECT3311834) (Version: 6.17.0.33 - Installl Converter A)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2849 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.3001 - ooVoo LLC.)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plus-HD-1.6 (HKLM-x32\...\Plus-HD-1.6) (Version: 1.28.153.5 - Plus HD) <==== ATTENTION
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{B1D45D48-A4D4-495F-A693-681EA9846754}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6741 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Severe Weather Alerts (HKCU\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Tango (HKCU\...\Tango) (Version: 1.6.14117 - TangoMe, Inc.)
The Weather Channel App (HKLM-x32\...\The Weather Channel App) (Version: - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
==================== Custom CLSID entries: ==========================
(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
09-07-2014 19:56:30 Windows Update
14-07-2014 00:38:32 Windows Update
23-07-2014 21:10:47 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0778355F-9224-45C5-B95A-3A3EDA245481} - System32\Tasks\Titanium Installation => D:\setup.exe
Task: {1288ACED-7A87-4780-AD1E-33647E440B35} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2A707B02-5540-4B65-86AF-2D97EE306365} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {40F12069-EF86-4ECD-9A2D-F4DA1E87F109} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {41D3641C-CAE3-42A8-9039-383D46CF1C15} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-07-13] (Microsoft Corporation)
Task: {57239CD5-F958-43F5-8456-E21283DAD8FF} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5EB39D17-5ECE-4FC3-B01D-013CB3BB8334} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {7508AA55-4F66-4824-B6CE-095E43DEA487} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {7717C6A6-3907-4204-B79C-3C82B5AB26FE} - System32\Tasks\Plus-HD-1.6-updater => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe [2013-10-24] (Plus HD)
Task: {821DBF9A-447C-4121-85D2-F9A05570E0A8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {920D4D8F-3914-4922-8AFE-490BBB8BDEB2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {92F68220-481A-4738-AF13-02963B36FFBA} - System32\Tasks\ArcadeParlor => C:\Users\tatiana\AppData\Local\ArcadeParlor\versioncheck.exe [2014-06-28] ()
Task: {9FE7090D-8A12-4010-9372-1F57DAE6798D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02] (Google Inc.)
Task: {A6408AD5-1E9E-43F5-BAFA-A3C0C9FB45B0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B4259671-5ACB-4D33-954D-803B9E950CB2} - System32\Tasks\Plus-HD-1.6-enabler => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe [2013-10-24] (Plus HD)
Task: {B862537C-CAF0-42B2-853F-5F7B9AD9A22E} - System32\Tasks\GreatArcadeHits => C:\Users\tatiana\AppData\Local\GreatArcadeHits\GAHUpdate.exe [2014-07-04] () <==== ATTENTION
Task: {C1FAE1CD-AF1C-4831-987D-8D820818E441} - System32\Tasks\Plus-HD-1.6-codedownloader => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe [2013-10-24] (Plus HD)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FA3E0F37-DB40-4397-A64D-4FA84CC18A69} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {FB26536C-046B-49F2-BD80-2DFCC3590329} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\tatiana\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
Task: C:\windows\Tasks\ArcadeParlor.job => C:\Users\tatiana\AppData\Local\ArcadeParlor\versioncheck.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GreatArcadeHits.job => C:\Users\tatiana\AppData\Local\GreatArcadeHits\GAHUpdate.exe
Task: C:\windows\Tasks\Plus-HD-1.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe
Task: C:\windows\Tasks\Plus-HD-1.6-enabler.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe
Task: C:\windows\Tasks\Plus-HD-1.6-updater.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe
==================== Loaded Modules (whitelisted) =============
2012-12-24 06:30 - 2012-12-24 06:30 - 01868432 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2013-01-14 15:32 - 2012-04-24 21:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-10-04 20:02 - 2014-07-22 18:33 - 00321824 _____ () C:\Program Files (x86)\glindorus\updateglindorus.exe
2013-10-26 14:24 - 2014-07-22 18:32 - 00321824 _____ () C:\Program Files (x86)\glindorus\bin\utilglindorus.exe
2014-05-01 18:36 - 2014-07-03 16:11 - 00287008 _____ () C:\Program Files (x86)\glindorus\bin\glindorus.PurBrowse64.exe
2014-05-01 18:37 - 2014-07-22 18:53 - 00096544 _____ () C:\Program Files (x86)\glindorus\bin\glindorus.BrowserAdapter.exe
2013-06-07 12:04 - 2013-06-07 12:06 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-08 15:11 - 2012-08-08 15:11 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2013-01-14 16:23 - 2012-08-27 02:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-09 00:02 - 2013-07-09 00:02 - 00348384 _____ () C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
2013-07-09 00:02 - 2013-07-09 00:02 - 00076000 _____ () C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-14 03:43 - 2011-04-14 03:43 - 08448512 _____ () C:\Program Files (x86)\Tango\QtGui4.dll
2011-04-14 03:35 - 2011-04-14 03:35 - 02346496 _____ () C:\Program Files (x86)\Tango\QtCore4.dll
2011-04-14 03:50 - 2011-04-14 03:50 - 00113152 _____ () C:\Program Files (x86)\Tango\QtMultimedia4.dll
2011-04-14 03:36 - 2011-04-14 03:36 - 00859648 _____ () C:\Program Files (x86)\Tango\QtNetwork4.dll
2011-04-14 04:58 - 2011-04-14 04:58 - 11159040 _____ () C:\Program Files (x86)\Tango\QtWebKit4.dll
2011-08-09 05:31 - 2011-08-09 05:31 - 00054784 _____ () C:\Program Files (x86)\Tango\CrashRpt.dll
2011-04-14 03:49 - 2011-04-14 03:49 - 00270336 _____ () C:\Program Files (x86)\Tango\phonon4.dll
2013-01-14 15:30 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-02-27 22:51 - 2014-02-27 22:51 - 00017920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2013-01-14 15:37 - 2012-09-12 22:18 - 02003304 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-01-14 15:37 - 2012-08-06 11:59 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-01-14 15:37 - 2012-08-06 11:59 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2013-01-14 15:22 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/24/2014 01:21:36 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
Error: (07/24/2014 01:21:04 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error: (07/24/2014 01:04:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406
System errors:
=============
Error: (07/24/2014 01:40:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/22/2014 06:34:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/22/2014 06:30:43 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:43 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 05:07:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/22/2014 05:05:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:46:13 PM on 7/22/2014 was unexpected.
Microsoft Office Sessions:
=========================
Error: (07/24/2014 01:21:36 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2
Error: (07/24/2014 01:21:04 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*C:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllC:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8
Error: (07/24/2014 01:04:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 3965.27 MB
Available physical RAM: 2426.34 MB
Total Pagefile: 4861.27 MB
Available Pagefile: 3175.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:451.98 GB) (Free:397.74 GB) NTFS
Drive e: (USB20FD) (Removable) (Total:15.22 GB) (Free:15.21 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:12.64 GB) (Free:0.27 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 5A14010D)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-24 13:55:09
-----------------------------
13:55:09.001 OS Version: Windows x64 6.2.9200
13:55:09.002 Number of processors: 2 586 0x3A09
13:55:09.004 ComputerName: TATIANA2650 UserName: tatiana
13:55:11.231 Initialize success
13:55:11.314 VM: initialized successfully
13:55:11.339 VM: Intel CPU supported
13:55:20.158 VM: disk I/O iaStorA.sys
13:58:24.345 AVAST engine defs: 14072400
13:59:50.698 The log file has been saved successfully to "E:\aswMBR.txt"
14:00:33.190 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000032
14:00:33.196 Disk 0 Vendor: ST500LT012-9WS142 0001SDM1 Size: 476940MB BusType: 11
14:00:33.315 Disk 0 MBR read successfully
14:00:33.323 Disk 0 MBR scan
14:00:33.340 Disk 0 unknown MBR code
14:00:33.349 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
14:00:33.468 Disk 0 scanning C:\windows\system32\drivers
14:01:00.192 Service scanning
14:01:56.986 Modules scanning
14:01:57.342 Disk 0 trace - called modules:
14:01:57.364 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
14:01:57.376 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006084060]
14:01:57.388 3 CLASSPNP.SYS[fffff88000b08e0a] -> nt!IofCallDriver -> \Device\00000032[0xfffffa8004d69060]
14:01:58.905 AVAST engine scan C:\windows
14:02:02.388 AVAST engine scan C:\windows\system32
14:08:24.351 AVAST engine scan C:\windows\system32\drivers
14:08:55.956 AVAST engine scan C:\Users\tatiana
14:45:07.340 AVAST engine scan C:\ProgramData
14:49:01.452 Scan finished successfully
14:50:20.215 Disk 0 MBR has been saved successfully to "E:\MBR.dat"
14:50:20.263 The log file has been saved successfully to "E:\aswMBR.txt"
2014-07-22 18:00 - 2014-03-02 16:09 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-22 17:31 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\rescache
2014-07-20 19:20 - 2013-01-14 17:00 - 00180414 _____ () C:\windows\PFRO.log
2014-07-20 19:18 - 2014-07-20 19:18 - 00000112 _____ () C:\windows\wininit.ini
2014-07-20 19:18 - 2013-10-15 17:51 - 00000000 ____D () C:\Users\tatiana\AppData\Local\Conduit
2014-07-20 17:25 - 2014-07-20 17:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-20 17:22 - 2014-07-20 17:22 - 00001264 _____ () C:\Users\tatiana\Desktop\Spybot - Search & Destroy.lnk
2014-07-20 17:22 - 2014-07-20 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-07-20 17:22 - 2014-07-20 17:22 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-07-20 17:06 - 2013-06-07 10:30 - 00000000 ____D () C:\Users\tatiana\AppData\Local\CrashDumps
2014-07-20 16:28 - 2014-07-20 16:27 - 00291288 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-17 15:02 - 2013-06-08 16:23 - 00000000 ____D () C:\Users\tatiana\AppData\Roaming\PCDr
2014-07-17 14:49 - 2012-07-26 02:28 - 00850046 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-17 14:38 - 2014-07-17 14:38 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-17 14:38 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-17 14:38 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-17 14:38 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\WinStore
2014-07-17 14:38 - 2012-07-26 02:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-13 22:31 - 2012-07-26 02:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-13 22:28 - 2013-07-22 12:15 - 00000000 ____D () C:\windows\system32\MRT
2014-07-13 22:24 - 2013-06-06 21:35 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-12 16:51 - 2013-06-04 00:59 - 00000000 ____D () C:\Users\tatiana\AppData\Local\softthinks
2014-07-11 18:50 - 2013-06-03 22:54 - 00000000 ____D () C:\Users\tatiana
2014-07-09 13:28 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-05 08:58 - 2012-07-26 03:12 - 00000000 ____D () C:\windows\system32\NDF
2014-07-04 23:52 - 2013-10-24 17:54 - 00000000 ____D () C:\Users\tatiana\AppData\Local\GreatArcadeHits
2014-06-30 17:42 - 2014-07-11 19:00 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-30 17:42 - 2014-07-11 19:00 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-06-30 17:42 - 2014-07-11 18:59 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-06-28 15:41 - 2013-11-10 17:09 - 00000000 ____D () C:\Users\tatiana\AppData\Local\ArcadeParlor
2014-06-27 22:35 - 2014-07-11 18:59 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-26 15:53 - 2014-07-17 14:43 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 15:53 - 2014-07-17 14:43 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-22 17:21
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014
Ran by tatiana at 2014-07-24 13:46:56
Running from E:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AbiWord 2.6.4 (HKLM-x32\...\AbiWord2) (Version: 2.6.4 - AbiSource Developers)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcadeParlor (HKCU\...\{B74443DB-5A88-4583-860A-F0D06EF399E3}) (Version: - ArcadeParlor)
Ask Toolbar (HKLM-x32\...\{4F564F32-0076-A76A-76A7-A758B70C0A02}) (Version: 12.10.2.4129 - APN, LLC) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 23.4.1.0 - COMODO)
CWA Reminder by We-Care.com v4.1.24.3 (HKLM-x32\...\{0228288D-975E-42F7-9993-E91A82E6BBD9}) (Version: 4.1.24.3 - We-Care.com)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.17 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
glindorus 1.0.0 (HKLM\...\glindorus) (Version: 1.0.0 - glindorus) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GreatArcadeHits (HKCU\...\{856AD396-519D-4C7A-BED6-6785F64924BC}) (Version: 1.0 - GreatArcadeHits) <==== ATTENTION
HP Officejet 4630 series Basic Device Software (HKLM\...\{29B1CB33-32C3-4762-85DA-8CEADDC36EA7}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Installl Converter A Toolbar for IE (HKLM-x32\...\IECT3311834) (Version: 6.17.0.33 - Installl Converter A)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2849 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.3001 - ooVoo LLC.)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plus-HD-1.6 (HKLM-x32\...\Plus-HD-1.6) (Version: 1.28.153.5 - Plus HD) <==== ATTENTION
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{B1D45D48-A4D4-495F-A693-681EA9846754}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6741 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Severe Weather Alerts (HKCU\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Tango (HKCU\...\Tango) (Version: 1.6.14117 - TangoMe, Inc.)
The Weather Channel App (HKLM-x32\...\The Weather Channel App) (Version: - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
==================== Custom CLSID entries: ==========================
(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
09-07-2014 19:56:30 Windows Update
14-07-2014 00:38:32 Windows Update
23-07-2014 21:10:47 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0778355F-9224-45C5-B95A-3A3EDA245481} - System32\Tasks\Titanium Installation => D:\setup.exe
Task: {1288ACED-7A87-4780-AD1E-33647E440B35} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2A707B02-5540-4B65-86AF-2D97EE306365} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {40F12069-EF86-4ECD-9A2D-F4DA1E87F109} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {41D3641C-CAE3-42A8-9039-383D46CF1C15} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-07-13] (Microsoft Corporation)
Task: {57239CD5-F958-43F5-8456-E21283DAD8FF} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5EB39D17-5ECE-4FC3-B01D-013CB3BB8334} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {7508AA55-4F66-4824-B6CE-095E43DEA487} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {7717C6A6-3907-4204-B79C-3C82B5AB26FE} - System32\Tasks\Plus-HD-1.6-updater => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe [2013-10-24] (Plus HD)
Task: {821DBF9A-447C-4121-85D2-F9A05570E0A8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {920D4D8F-3914-4922-8AFE-490BBB8BDEB2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {92F68220-481A-4738-AF13-02963B36FFBA} - System32\Tasks\ArcadeParlor => C:\Users\tatiana\AppData\Local\ArcadeParlor\versioncheck.exe [2014-06-28] ()
Task: {9FE7090D-8A12-4010-9372-1F57DAE6798D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-02] (Google Inc.)
Task: {A6408AD5-1E9E-43F5-BAFA-A3C0C9FB45B0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B4259671-5ACB-4D33-954D-803B9E950CB2} - System32\Tasks\Plus-HD-1.6-enabler => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe [2013-10-24] (Plus HD)
Task: {B862537C-CAF0-42B2-853F-5F7B9AD9A22E} - System32\Tasks\GreatArcadeHits => C:\Users\tatiana\AppData\Local\GreatArcadeHits\GAHUpdate.exe [2014-07-04] () <==== ATTENTION
Task: {C1FAE1CD-AF1C-4831-987D-8D820818E441} - System32\Tasks\Plus-HD-1.6-codedownloader => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe [2013-10-24] (Plus HD)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FA3E0F37-DB40-4397-A64D-4FA84CC18A69} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {FB26536C-046B-49F2-BD80-2DFCC3590329} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\tatiana\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
Task: C:\windows\Tasks\ArcadeParlor.job => C:\Users\tatiana\AppData\Local\ArcadeParlor\versioncheck.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GreatArcadeHits.job => C:\Users\tatiana\AppData\Local\GreatArcadeHits\GAHUpdate.exe
Task: C:\windows\Tasks\Plus-HD-1.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe
Task: C:\windows\Tasks\Plus-HD-1.6-enabler.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe
Task: C:\windows\Tasks\Plus-HD-1.6-updater.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe
==================== Loaded Modules (whitelisted) =============
2012-12-24 06:30 - 2012-12-24 06:30 - 01868432 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2013-01-14 15:32 - 2012-04-24 21:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-10-04 20:02 - 2014-07-22 18:33 - 00321824 _____ () C:\Program Files (x86)\glindorus\updateglindorus.exe
2013-10-26 14:24 - 2014-07-22 18:32 - 00321824 _____ () C:\Program Files (x86)\glindorus\bin\utilglindorus.exe
2014-05-01 18:36 - 2014-07-03 16:11 - 00287008 _____ () C:\Program Files (x86)\glindorus\bin\glindorus.PurBrowse64.exe
2014-05-01 18:37 - 2014-07-22 18:53 - 00096544 _____ () C:\Program Files (x86)\glindorus\bin\glindorus.BrowserAdapter.exe
2013-06-07 12:04 - 2013-06-07 12:06 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-08 15:11 - 2012-08-08 15:11 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2013-01-14 16:23 - 2012-08-27 02:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-09 00:02 - 2013-07-09 00:02 - 00348384 _____ () C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
2013-07-09 00:02 - 2013-07-09 00:02 - 00076000 _____ () C:\Users\tatiana\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-14 03:43 - 2011-04-14 03:43 - 08448512 _____ () C:\Program Files (x86)\Tango\QtGui4.dll
2011-04-14 03:35 - 2011-04-14 03:35 - 02346496 _____ () C:\Program Files (x86)\Tango\QtCore4.dll
2011-04-14 03:50 - 2011-04-14 03:50 - 00113152 _____ () C:\Program Files (x86)\Tango\QtMultimedia4.dll
2011-04-14 03:36 - 2011-04-14 03:36 - 00859648 _____ () C:\Program Files (x86)\Tango\QtNetwork4.dll
2011-04-14 04:58 - 2011-04-14 04:58 - 11159040 _____ () C:\Program Files (x86)\Tango\QtWebKit4.dll
2011-08-09 05:31 - 2011-08-09 05:31 - 00054784 _____ () C:\Program Files (x86)\Tango\CrashRpt.dll
2011-04-14 03:49 - 2011-04-14 03:49 - 00270336 _____ () C:\Program Files (x86)\Tango\phonon4.dll
2013-01-14 15:30 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-02-27 22:51 - 2014-02-27 22:51 - 00017920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2013-01-14 15:37 - 2012-09-12 22:18 - 02003304 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-01-14 15:37 - 2012-08-06 11:59 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-01-14 15:37 - 2012-08-06 11:59 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2013-01-14 15:22 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/24/2014 01:21:36 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
Error: (07/24/2014 01:21:04 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error: (07/24/2014 01:04:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406
System errors:
=============
Error: (07/24/2014 01:40:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/22/2014 06:34:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/22/2014 06:30:43 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:43 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 06:30:39 PM) (Source: DCOM) (EventID: 10010) (User: TATIANA2650)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/22/2014 05:07:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/22/2014 05:05:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:46:13 PM on 7/22/2014 was unexpected.
Microsoft Office Sessions:
=========================
Error: (07/24/2014 01:21:36 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\WinZip\adxloader.dll.Manifestc:\program files\WinZip\adxloader.dll.Manifest2
Error: (07/24/2014 01:21:04 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*C:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllC:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8
Error: (07/24/2014 01:04:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4797
Error: (07/23/2014 11:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3516
Error: (07/23/2014 11:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/23/2014 11:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 3965.27 MB
Available physical RAM: 2426.34 MB
Total Pagefile: 4861.27 MB
Available Pagefile: 3175.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:451.98 GB) (Free:397.74 GB) NTFS
Drive e: (USB20FD) (Removable) (Total:15.22 GB) (Free:15.21 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:12.64 GB) (Free:0.27 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 5A14010D)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-24 13:55:09
-----------------------------
13:55:09.001 OS Version: Windows x64 6.2.9200
13:55:09.002 Number of processors: 2 586 0x3A09
13:55:09.004 ComputerName: TATIANA2650 UserName: tatiana
13:55:11.231 Initialize success
13:55:11.314 VM: initialized successfully
13:55:11.339 VM: Intel CPU supported
13:55:20.158 VM: disk I/O iaStorA.sys
13:58:24.345 AVAST engine defs: 14072400
13:59:50.698 The log file has been saved successfully to "E:\aswMBR.txt"
14:00:33.190 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000032
14:00:33.196 Disk 0 Vendor: ST500LT012-9WS142 0001SDM1 Size: 476940MB BusType: 11
14:00:33.315 Disk 0 MBR read successfully
14:00:33.323 Disk 0 MBR scan
14:00:33.340 Disk 0 unknown MBR code
14:00:33.349 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
14:00:33.468 Disk 0 scanning C:\windows\system32\drivers
14:01:00.192 Service scanning
14:01:56.986 Modules scanning
14:01:57.342 Disk 0 trace - called modules:
14:01:57.364 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
14:01:57.376 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006084060]
14:01:57.388 3 CLASSPNP.SYS[fffff88000b08e0a] -> nt!IofCallDriver -> \Device\00000032[0xfffffa8004d69060]
14:01:58.905 AVAST engine scan C:\windows
14:02:02.388 AVAST engine scan C:\windows\system32
14:08:24.351 AVAST engine scan C:\windows\system32\drivers
14:08:55.956 AVAST engine scan C:\Users\tatiana
14:45:07.340 AVAST engine scan C:\ProgramData
14:49:01.452 Scan finished successfully
14:50:20.215 Disk 0 MBR has been saved successfully to "E:\MBR.dat"
14:50:20.263 The log file has been saved successfully to "E:\aswMBR.txt"