rcb56
2015-04-27, 17:29
Admin Edit
Previous topic in the Tavern. :)
http://forums.spybot.info/showthread.php?72257-I-m-back-with-a-new-problem-help!
this may be nothing, but a few days ago all was fine then something hit the brake on this pc and slowed it way down. start up, to opening browsers, to opening a new link has just become painfully slow. even the avast download took forever. system restore scared me as i did a restore this morning, but it acted like it froze it was so slow. i thought i better let you great people take a look. i also have trouble with installing a new logitech wireless unifying mouse which windows 7 won't recognize. logitech support...needs support i'm afraid as they are useless. as i installed spybot to run i was prompted an error on the program file 2/unins000.msg was missing and obtain a new copy. sorry to have to jump back in but...here i am!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by Dad (administrator) on BRIDGES1 on 27-04-2015 10:04:24
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available profiles: Dad)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF ProfilePath: C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\8ome1t6w.default-1430143878363
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-27] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-27] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @talk.google.com/O1DPlugin -> C:\Users\Dad\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dad\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2011-11-14] (Affinegy, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-11] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Users\Dad\Desktop\bin\cleanhlp64.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 10:05 - 2015-04-27 10:05 - 01571880 _____ () C:\Users\Dad\Desktop\aswMBR.exe.part
2015-04-27 10:05 - 2015-04-27 10:05 - 00000000 _____ () C:\Users\Dad\Desktop\aswMBR.exe
2015-04-27 10:04 - 2015-04-27 10:04 - 00014667 _____ () C:\Users\Dad\Desktop\FRST.txt
2015-04-27 10:04 - 2015-04-27 10:04 - 00000000 ____D () C:\FRST
2015-04-27 10:03 - 2015-04-27 10:03 - 02100736 _____ (Farbar) C:\Users\Dad\Desktop\FRST64.exe
2015-04-27 10:01 - 2015-04-27 10:01 - 04720448 _____ () C:\Users\Dad\Desktop\tweaking.com_registry_backup_setup.exe
2015-04-27 10:01 - 2015-04-27 10:01 - 00002242 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-04-27 09:16 - 2015-04-27 09:16 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-27 08:57 - 2015-03-24 22:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-27 08:57 - 2015-03-24 22:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-27 08:57 - 2015-03-24 22:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-27 08:57 - 2015-03-24 22:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-27 08:57 - 2015-03-24 22:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-27 08:57 - 2015-03-22 22:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-27 08:57 - 2015-03-22 22:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-27 08:57 - 2015-03-22 22:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-27 08:57 - 2015-03-09 22:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-27 08:57 - 2015-03-09 22:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-27 08:57 - 2015-03-09 22:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-27 08:57 - 2015-03-09 22:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-27 08:57 - 2015-03-05 00:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-27 08:57 - 2015-03-04 23:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-27 08:57 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-27 08:56 - 2015-03-17 00:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-27 08:56 - 2015-03-17 00:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-27 08:56 - 2015-03-17 00:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-27 08:56 - 2015-03-17 00:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-27 08:56 - 2015-03-17 00:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-27 08:56 - 2015-03-17 00:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-27 08:56 - 2015-03-17 00:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-27 08:56 - 2015-03-17 00:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-27 08:56 - 2015-03-17 00:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-27 08:56 - 2015-03-17 00:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-27 08:56 - 2015-03-17 00:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-27 08:56 - 2015-03-17 00:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-27 08:56 - 2015-03-17 00:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-27 08:56 - 2015-03-17 00:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-27 08:56 - 2015-03-16 23:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-27 08:56 - 2015-03-16 23:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-27 08:56 - 2015-03-16 23:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-27 08:56 - 2015-03-16 23:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-27 08:56 - 2015-03-16 23:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-27 08:56 - 2015-03-16 22:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-27 08:56 - 2015-03-16 22:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-27 08:56 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-27 08:55 - 2015-04-01 19:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-27 08:55 - 2015-04-01 18:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-27 08:55 - 2015-03-12 23:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-27 08:55 - 2015-03-12 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-27 08:55 - 2015-03-12 23:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-27 08:55 - 2015-03-12 23:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-27 08:55 - 2015-03-12 23:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-27 08:55 - 2015-03-12 23:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-27 08:55 - 2015-03-12 23:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-27 08:55 - 2015-03-12 23:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-27 08:55 - 2015-03-12 23:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-27 08:55 - 2015-03-12 23:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-27 08:55 - 2015-03-12 22:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-27 08:55 - 2015-03-12 22:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-27 08:55 - 2015-03-12 22:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-27 08:55 - 2015-03-12 22:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-27 08:55 - 2015-03-12 22:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-27 08:55 - 2015-03-12 22:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-27 08:55 - 2015-03-12 22:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-27 08:55 - 2015-03-12 22:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-27 08:55 - 2015-03-12 22:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-27 08:55 - 2015-03-12 22:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-27 08:55 - 2015-03-12 22:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-27 08:55 - 2015-03-12 22:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-27 08:55 - 2015-03-12 22:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-27 08:55 - 2015-03-12 22:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-27 08:55 - 2015-03-12 22:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-27 08:55 - 2015-03-12 22:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-27 08:55 - 2015-03-12 22:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-27 08:55 - 2015-03-12 22:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-27 08:55 - 2015-03-12 22:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-27 08:55 - 2015-03-12 22:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-27 08:55 - 2015-03-12 22:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-27 08:55 - 2015-03-12 22:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-27 08:55 - 2015-03-12 22:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-27 08:55 - 2015-03-12 22:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-27 08:55 - 2015-03-12 22:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-27 08:55 - 2015-03-12 22:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-27 08:55 - 2015-03-12 22:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-27 08:55 - 2015-03-12 22:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-27 08:55 - 2015-03-12 22:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-27 08:55 - 2015-03-12 22:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-27 08:55 - 2015-03-12 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-27 08:55 - 2015-03-12 22:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-27 08:55 - 2015-03-12 21:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-27 08:55 - 2015-03-12 21:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-27 08:55 - 2015-03-12 21:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-27 08:55 - 2015-03-12 21:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-27 08:55 - 2015-03-12 21:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-27 08:55 - 2015-03-12 21:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-27 08:55 - 2015-03-12 21:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-27 08:55 - 2015-03-12 21:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-27 08:55 - 2015-03-12 21:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-27 08:55 - 2015-03-12 21:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-27 08:55 - 2015-03-12 21:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-27 08:55 - 2015-03-12 21:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-27 08:55 - 2015-03-12 21:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-27 08:55 - 2015-03-12 21:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-27 08:53 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-27 08:53 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-27 08:46 - 2015-04-27 08:46 - 00001760 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-27 08:46 - 2015-04-27 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-27 08:45 - 2015-04-27 08:46 - 00000000 ____D () C:\Program Files\iTunes
2015-04-27 08:45 - 2015-04-27 08:45 - 00000000 ____D () C:\Program Files\iPod
2015-04-27 08:45 - 2015-04-27 08:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-26 15:30 - 2015-04-27 08:25 - 00000000 ____D () C:\Program Files (x86)\LocK-A-FoLdeR
2015-04-26 15:30 - 2015-04-26 15:30 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LocK-A-FoLdeR
2015-04-17 13:29 - 2015-04-17 13:29 - 00000000 __SHD () C:\Users\Dad\Desktop\New folder
2015-04-17 13:28 - 2015-04-27 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LocK-A-FoLdeR
2015-04-17 13:24 - 2015-03-17 00:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-17 13:24 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 13:21 - 2015-03-03 23:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 09:42 - 2015-04-16 09:55 - 00000000 __SHD () C:\Users\Dad\Desktop\screens
2015-04-14 23:43 - 2015-04-14 23:43 - 00385602 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS
2015-04-14 23:43 - 2015-04-14 23:43 - 00000204 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS.part
2015-04-14 16:42 - 2015-04-14 16:42 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-04-14 16:11 - 2015-04-14 20:26 - 00000000 ____D () C:\Program Files\Highresolution Enterprises
2015-04-14 16:11 - 2015-04-14 16:11 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Highresolution Enterprises
2015-04-10 08:38 - 2015-04-27 08:25 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dwyco CDC-X
2015-04-10 04:01 - 2015-04-27 09:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-10 04:00 - 2015-04-10 04:01 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Malwarebytes
2015-04-09 03:00 - 2015-04-27 08:26 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-09 03:00 - 2015-04-27 08:26 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-09 00:32 - 2015-04-27 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 10:01 - 2015-01-07 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-04-27 09:52 - 2013-01-04 21:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-27 09:43 - 2014-08-22 21:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-27 09:41 - 2015-02-03 09:28 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001UA.job
2015-04-27 09:41 - 2015-02-03 09:28 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001Core.job
2015-04-27 09:26 - 2012-04-06 03:18 - 00000000 ____D () C:\Users\Dad\AppData\Local\CrashDumps
2015-04-27 09:25 - 2009-07-13 23:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-27 09:25 - 2009-07-13 23:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-27 09:24 - 2014-11-09 12:54 - 00000000 ____D () C:\Users\Dad\AppData\Local\Adobe
2015-04-27 09:24 - 2014-08-22 21:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-27 09:24 - 2014-08-22 21:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-27 09:24 - 2014-08-22 21:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-27 09:23 - 2014-01-07 21:18 - 01485675 _____ () C:\Windows\WindowsUpdate.log
2015-04-27 09:22 - 2009-07-14 00:13 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-27 09:18 - 2014-02-11 17:00 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-27 09:17 - 2015-02-03 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 09:17 - 2014-09-04 20:35 - 00012536 _____ () C:\Windows\setupact.log
2015-04-27 09:17 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-27 09:16 - 2014-05-02 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-27 09:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-27 09:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-27 09:15 - 2012-04-05 12:30 - 00759758 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-27 09:13 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-27 09:10 - 2012-03-30 21:51 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-27 08:46 - 2015-02-05 21:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-27 08:46 - 2012-10-03 01:44 - 00000000 ____D () C:\Users\Dad\AppData\Local\Google
2015-04-27 08:46 - 2012-03-29 12:48 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Mozilla
2015-04-27 08:45 - 2015-03-04 06:19 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-27 08:29 - 2015-01-04 16:12 - 00001360 _____ () C:\Windows\LkmdfCoInst.log
2015-04-27 08:29 - 2012-03-29 13:09 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-04-27 08:28 - 2012-03-29 12:32 - 00000000 ____D () C:\Users\Dad
2015-04-27 08:26 - 2011-11-08 03:41 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-27 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-27 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-04-27 08:25 - 2014-12-09 17:32 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Karaoke Builder
2015-04-27 08:25 - 2014-10-16 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-27 08:25 - 2014-10-16 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-27 08:25 - 2014-10-16 11:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-27 08:25 - 2014-10-16 11:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-27 08:25 - 2014-01-11 00:00 - 00000000 ____D () C:\Program Files (x86)\Paltalk Messenger
2015-04-27 08:25 - 2013-07-07 10:32 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-27 08:25 - 2012-04-06 11:37 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-04-27 08:25 - 2012-04-06 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-04-27 08:25 - 2012-04-06 11:37 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-04-27 08:25 - 2012-03-29 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-04-27 08:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2015-04-27 08:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-27 08:20 - 2012-03-30 04:49 - 00000000 ____D () C:\Windows\aaaxrx
2015-04-27 08:19 - 2015-02-06 08:46 - 00000000 ____D () C:\Users\Dad\Documents\Dwyco
2015-04-27 08:19 - 2014-08-02 00:23 - 00000000 ____D () C:\Program Files\Logitech
2015-04-27 08:19 - 2013-10-17 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-27 08:19 - 2013-08-07 10:19 - 00000000 ___RD () C:\Users\Dad\Dropbox
2015-04-27 08:19 - 2013-07-07 10:31 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Dropbox
2015-04-27 08:19 - 2012-03-29 13:09 - 00000000 ____D () C:\ProgramData\Logishrd
2015-04-27 08:19 - 2012-03-29 13:09 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2015-04-27 08:18 - 2014-10-16 16:37 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-27 08:03 - 2014-02-09 17:47 - 17242112 ___SH () C:\Users\Dad\Desktop\Thumbs.db
2015-04-27 07:49 - 2012-04-06 11:37 - 00000000 ____D () C:\ProgramData\Freemake
2015-04-17 22:37 - 2014-12-04 14:31 - 00000000 ____D () C:\Users\Dad\Documents\Audio Recorder for Free
2015-04-17 13:02 - 2012-03-29 12:48 - 00000000 ____D () C:\Users\Dad\AppData\Local\Mozilla
2015-04-17 12:57 - 2014-01-14 13:38 - 00059600 _____ () C:\Users\Dad\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-14 23:28 - 2012-07-16 07:22 - 00007668 _____ () C:\Users\Dad\AppData\Local\Resmon.ResmonCfg
2015-04-09 20:58 - 2014-10-16 11:25 - 00178872 _____ () C:\Windows\PFRO.log
2015-04-08 23:47 - 2014-02-13 10:25 - 00001019 _____ () C:\Users\Dad\Desktop\Dropbox.lnk
==================== Files in the root of some directories =======
2013-08-07 07:12 - 2014-11-16 01:53 - 0001181 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.1.txt
2013-08-07 07:12 - 2014-03-30 12:59 - 0000919 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.2.txt
2013-08-07 07:12 - 2014-03-29 19:54 - 0001181 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.3.txt
2013-08-07 07:12 - 2013-08-07 07:34 - 0000919 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.4.txt
2013-08-07 07:12 - 2013-08-07 07:12 - 0001181 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.5.txt
2013-08-07 07:12 - 2014-12-02 19:47 - 0000919 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt
2013-08-07 07:12 - 2014-12-02 19:47 - 0000000 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-05-12 16:58 - 2012-05-12 16:58 - 0024597 _____ () C:\Users\Dad\AppData\Roaming\UserTile.png
2014-09-01 03:18 - 2014-09-01 03:18 - 0001248 _____ () C:\Users\Dad\AppData\Roaming\UZNYUL
2014-02-13 11:52 - 2015-02-03 10:23 - 0000136 _____ () C:\Users\Dad\AppData\Roaming\WB.CFG
2014-09-01 03:18 - 2014-09-01 03:18 - 0002086 _____ () C:\Users\Dad\AppData\Roaming\WTPQZFD
2015-04-14 23:43 - 2015-04-14 23:43 - 0385602 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS
2015-04-14 23:43 - 2015-04-14 23:43 - 0000204 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS.part
2012-04-14 22:46 - 2014-01-03 23:33 - 0119296 _____ () C:\Users\Dad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-02 23:37 - 2015-02-03 10:24 - 0000010 _____ () C:\Users\Dad\AppData\Local\DSI.DAT
2012-08-18 06:51 - 2012-08-18 06:51 - 0004028 _____ () C:\Users\Dad\AppData\Local\HWVendorDetection.log
2013-01-10 09:07 - 2013-01-10 09:07 - 0000866 _____ () C:\Users\Dad\AppData\Local\recently-used.xbel
2012-07-16 07:22 - 2015-04-14 23:28 - 0007668 _____ () C:\Users\Dad\AppData\Local\Resmon.ResmonCfg
2012-03-29 13:09 - 2012-03-29 13:09 - 0017408 _____ () C:\Users\Dad\AppData\Local\WebpageIcons.db
2012-11-19 03:10 - 2012-11-19 03:10 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Some content of TEMP:
====================
C:\Users\Dad\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr09hjj.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-26 22:18
==================== End Of Log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-04-27 10:06:02
-----------------------------
10:06:02.787 OS Version: Windows x64 6.1.7601 Service Pack 1
10:06:02.787 Number of processors: 4 586 0x2A07
10:06:02.788 ComputerName: BRIDGES1 UserName: Dad
10:06:04.627 Initialize success
10:06:04.754 VM: initialized successfully
10:06:04.755 VM: Intel CPU supported
10:06:08.915 VM: supported disk I/O iaStor.sys
10:15:12.620 AVAST engine defs: 15042700
10:16:32.204 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Dad at 2015-04-27 10:05:12
Running from C:\Users\Dad\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2107755742-302254199-1763176924-500 - Administrator - Disabled)
Dad (S-1-5-21-2107755742-302254199-1763176924-1001 - Administrator - Enabled) => C:\Users\Dad
Guest (S-1-5-21-2107755742-302254199-1763176924-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2107755742-302254199-1763176924-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Spybot - Search and Destroy (Disabled - Out of date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe PDF ePub DRM Removal 4.7.1 (HKLM-x32\...\{C9DD56CA-BAE9-452A-AFE9-834C7770D1A3}) (Version: 4.7.1 - EPUBSOFT)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audio Recorder for Free v12.9.8 (HKLM-x32\...\Audio Recorder for Free_is1) (Version: - Copyright(C) 2006-2012 AudioToolMedia Software.)
BEHRINGER UFX 1394 Drivers v6.11.0.0 (HKLM-x32\...\BEHRINGER UFX 1394 Drivers v6.11.0.0) (Version: 6.11.0.0 - BEHRINGER)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - )
Best Buy pc app (Version: 3.3.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.3.0.0 - Best Buy) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - )
Canon MP160 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2531.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.15 - Piriform)
Dropbox (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dwyco CDC-X version 2.10 (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Dwyco CDC-X_is1) (Version: 2.10 - Dwyco, Inc.)
Easy Thumbnails (Remove only) (HKLM-x32\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Freemake Video Converter version 3.1.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.1.0 - Ellora Assets Corporation)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3503 - Gateway Incorporated)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Gateway Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karaoke Builder Player 3.0 (HKLM-x32\...\Karaoke Builder Player 3.0) (Version: - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Paltalk Ad Remover 4.0 (HKLM-x32\...\Paltalk Ad Remover_is1) (Version: - The Anubis Group (T.A.G.))
Paltalk Messenger 11.4 (HKLM-x32\...\Paltalk Messenger) (Version: 11.4.564.16191 - AVM Software Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.11.2 - Tweaking.com)
VisioForge Video Capture SDK Delphi Redist (x32 Version: 6.2.0.2 - VisioForge) Hidden
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3504 - Gateway Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
08-02-2015 09:57:14 End of disinfection
09-02-2015 08:50:00 Windows Backup
02-03-2015 12:25:48 Windows Update
02-03-2015 15:57:38 Windows Backup
03-03-2015 04:00:19 Windows Update
03-03-2015 14:37:04 Windows Update
04-03-2015 03:13:29 Removed iTunes
04-03-2015 04:26:49 Removed iTunes
04-03-2015 05:43:07 Removed Apple Software Update
04-03-2015 05:46:00 Revo Uninstaller's restore point - Apple Software Update
04-03-2015 06:19:51 Installed iTunes
06-03-2015 16:46:23 Windows Update
08-03-2015 19:00:21 Windows Backup
11-03-2015 03:00:46 Windows Update
21-03-2015 14:40:42 Windows Update
22-03-2015 00:17:57 Windows Backup
23-03-2015 16:38:56 Windows Backup
25-03-2015 19:53:58 Windows Update
06-04-2015 10:13:45 Windows Backup
09-04-2015 03:00:11 Windows Update
12-04-2015 14:46:32 Windows Update
12-04-2015 19:00:07 Windows Backup
14-04-2015 21:28:02 Restore Operation
15-04-2015 08:32:37 Windows Update
17-04-2015 12:46:28 Restore Operation
17-04-2015 13:50:50 Removed Java 8 Update 45
17-04-2015 13:52:08 Windows Update
25-04-2015 10:10:40 Windows Update
27-04-2015 07:54:58 Restore Operation
27-04-2015 08:39:10 Windows Update
27-04-2015 09:07:26 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2015-03-09 13:50 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0642325B-D49D-4797-BC3D-2F56533546BB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {09EEC63B-21B8-4656-86A9-CCDD9C10A77F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {1FD7F97B-168D-450F-9D0E-16BDCA766C4C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {346B439C-CE11-4CE0-B14C-D2FD4E18F124} - System32\Tasks\{1DD8B5E2-C122-4D1F-9758-9B0F5D4479E4} => pcalua.exe -a "C:\Users\Dad\Desktop\My Documents\mp160win64111ea23.exe" -d "C:\Users\Dad\Desktop\My Documents"
Task: {35E50A07-EC32-4024-AA11-31B368248FEE} - System32\Tasks\{D6BB3A59-B46C-4DDF-85E3-A7CC61C4B4CC} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {490D819C-47D5-456C-A5EB-EEFBD6B58C82} - System32\Tasks\{62ACF029-05DB-43E9-B5E0-E093E965ED01} => C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [2014-06-24] (AVM Software Inc.)
Task: {57F10B8A-E6DC-41AF-836F-3D3323A974EC} - System32\Tasks\{8438242B-619B-42CD-9AD1-2D389FF75225} => C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [2014-06-24] (AVM Software Inc.)
Task: {65FBC813-8ECD-4300-99D3-4822AFCDAFE9} - System32\Tasks\{F2D720B6-011A-46ED-9209-2320052E5916} => pcalua.exe -a C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE -c /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG
Task: {8443E000-554A-4AFD-8F46-CF5BEAC3A7CB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {8C25C726-0EDD-419C-ABAE-AB81DD4A8954} - System32\Tasks\{DF80F471-10C4-4247-BCB7-5B67BA005FD2} => pcalua.exe -a C:\Users\Dad\Desktop\ts_webcam.exe -d C:\Users\Dad\Desktop
Task: {8D943107-6A50-440B-8E05-7B77AD0A1BEB} - System32\Tasks\{D9E1C870-B7E8-4995-8A98-D579504F6B41} => C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [2014-06-24] (AVM Software Inc.)
Task: {91183DFD-7C1C-4471-B424-93FFA034740B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001UA => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {9836EE92-3187-46D6-88B0-0A6512B94AF7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AE3C4923-DF05-46BF-9F7D-71972FD7EF73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-27] (Adobe Systems Incorporated)
Task: {B0C3D0A2-E90E-41D9-A2AA-D31480DA3178} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {B8D04CC6-6343-45C9-B405-F55D65E7D99C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {BF9BE2EC-3E57-4FFF-B053-98D22EEE9974} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {CE4612D6-865E-46E6-A8C8-E78BF08ACC3D} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {E6392F7E-8094-4810-A3A2-612265F0F48F} - System32\Tasks\{F126331D-C6F2-47BE-94F5-C17820994183} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\Recordpad\uninst.exe"
Task: {E738236C-04D2-4CBD-818D-A308E1376E2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001Core => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {EBE10008-E34A-4FA2-A7D1-A5F7F0134090} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {ED36A8FB-B1CF-421E-8C67-F352A7A69286} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {F4FE48D0-691E-474D-9BF8-E1EE2DC18853} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FF5AE516-004E-406B-8236-DF11EE525F5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001Core.job => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001UA.job => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com (http://www.008k.com)
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com (http://www.00hq.com)
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com (http://www.0scan.com)
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com (http://www.1-2005-search.com)
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com (http://www.1-domains-registrations.com)
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com (http://www.1000gratisproben.com)
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com (http://www.1001namen.com)
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com (http://www.100sexlinks.com)
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com (http://www.10sek.com)
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info (http://www.123fporn.info)
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com (http://www.123haustiereundmehr.com)
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com (http://www.123moviedownload.com)
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com (http://www.123simsen.com)
There are 7865 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.42.129
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Behringer UFX 1394 Control Panel.lnk => C:\Windows\pss\Behringer UFX 1394 Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Google Update => "C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Dad\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: smoother => C:\Users\Dad\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe
MSCONFIG\startupreg: SoftonicAssistant => "C:\Users\Dad\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{712D7705-28BD-444D-BB14-5C08AACD5F01}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25510813-0968-4D57-BADB-1614F2A92B15}] => (Allow) LPort=2869
FirewallRules: [{5F1AFC8C-6B84-4793-86F5-52029CD4189E}] => (Allow) LPort=1900
FirewallRules: [{A687E5CE-0A6E-4268-AFA0-7509E2AB6F25}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3E6FC240-35CB-4367-971D-76F632AE4C1F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{458FF205-4A97-49FB-AB17-2C16B022C60D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [TCP Query User{B48A3653-063C-4BC6-9E97-F38F05A37958}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{29FD2029-71D3-48E8-9A43-DAB6570B0073}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{AD64C28E-86AE-46D5-A7DB-73F30240C1FD}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{4CA047AB-7B5E-4B91-BDB4-609E11399939}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{24B25CDC-08A1-4E14-B1DF-B7DC664138F1}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{CF2BC875-58A7-415E-A772-9CA44888D394}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{97F933F3-EC17-427B-8EBB-7F2D7A6D1CE1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{E6E34D32-678E-4AE5-ACA1-6201219331F1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{FE719458-9E14-4060-855E-9B16B652E79C}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{C729B18C-1248-4143-988D-C2F09B9245C3}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{7F3BAE04-783C-4EC4-A1D9-84B2328AD2F3}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{B2925845-C727-459D-889B-3C18AB1F801E}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7D117006-121E-44D7-B8BD-0E9940813790}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2DE2F26-58C2-4E6F-B81E-A14D40EA6438}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4B19791-A9CE-47CD-B264-7747FE49518A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C403502F-E4EB-4619-9427-96A11B58CB6D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2C4C24F7-5407-4E4A-815A-FA6792CE86FF}] => (Allow) C:\Users\Dad\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CC7FCCAA-A7D3-4B92-9FAA-0BF793787466}] => (Allow) C:\Users\Dad\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{4E9D1ED0-3352-49AE-B03F-E0D61A926463}C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{3799D7BD-ED7E-417E-AC3A-D58D4BCC5F9C}C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{00FA12F1-DAD8-4C07-9208-596945587D51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7CF7ECB-94EB-4CA3-9A5E-67955BF062B0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0FF1312A-2580-4B26-8D5A-DB0969DA2781}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{A2879CD7-982F-4A67-AF96-452BFA8A845E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{A233DB83-0FF4-43B0-A9C7-799A646CAD4D}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{D8D967FB-F64F-4D82-B01A-FD01759A176F}] => (Block) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{A647DBE1-C08B-4426-A9E9-E562C5D96E07}] => (Block) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{6C14CA77-F7A2-4BFA-9AA6-B4B755B72488}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B45F9804-68F4-4911-8E99-C25E05608776}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6DEAE201-EDF8-4581-9FEC-B55FF1DE05E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C010860B-1221-44D6-A5DD-44E4E61D639E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{41C5339A-045B-4AAB-A3CB-52289801E44E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C23B3115-C863-4912-A619-7C08AD1BB5A5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2A1967FA-454F-4E33-A005-33BD1ED4F954}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name: 2.4G Wireless Mouse
Description: 2.4G Wireless Mouse
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft Teredo Tunneling Adapter #2
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2015 09:26:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xc34
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:25:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1248
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:10:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xcd0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:08:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1c0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:08:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1198
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xe4c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:06:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.1.5570, time stamp: 0x551e23ee
Faulting module name: mozalloc.dll, version: 37.0.1.5570, time stamp: 0x551e1536
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xb2c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 08:38:20 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (04/27/2015 08:15:10 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Windows Backup).
Error: (04/27/2015 08:03:05 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Windows Backup).
System errors:
=============
Error: (04/27/2015 09:28:11 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5
Error: (04/27/2015 09:27:51 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Error: (04/27/2015 09:18:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/27/2015 09:18:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/27/2015 09:17:47 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (04/27/2015 08:39:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.197.733.0).
Microsoft Office Sessions:
=========================
Error: (04/27/2015 09:26:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1c3401d080f60e3445f9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll54e588f4-ece9-11e4-a8c3-02060d5d6465
Error: (04/27/2015 09:25:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1124801d080f5fc555096C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll3ea9a97b-ece9-11e4-a8c3-02060d5d6465
Error: (04/27/2015 09:10:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1cd001d080f3e71a394eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2f95ffa8-ece7-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:08:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa11c001d080f3a1faf7f9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlle1a2514d-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:08:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1119801d080f392fd58aeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlld2fc0957-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1e4c01d080f3786648e6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc607bf39-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:06:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa1b2c01d080f2f3ab9fa4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla44217f7-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 08:38:20 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: K:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
Error: (04/27/2015 08:15:10 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: Windows Backup
Error: (04/27/2015 08:03:05 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: Windows Backup
CodeIntegrity Errors:
===================================
Date: 2015-02-04 10:01:31.601
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-04 10:01:31.585
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 6048.28 MB
Available physical RAM: 3932.85 MB
Total Pagefile: 12094.75 MB
Available Pagefile: 9973.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:918.41 GB) (Free:702.11 GB) NTFS
Drive d: (AppDrv1) (CDROM) (Total:2.6 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5D81C09C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=918.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
tashi did you see nothing in my logs? i resolved my hardware trouble i was having, but thought the way my pc was acting maybe something had got to it again.
Previous topic in the Tavern. :)
http://forums.spybot.info/showthread.php?72257-I-m-back-with-a-new-problem-help!
this may be nothing, but a few days ago all was fine then something hit the brake on this pc and slowed it way down. start up, to opening browsers, to opening a new link has just become painfully slow. even the avast download took forever. system restore scared me as i did a restore this morning, but it acted like it froze it was so slow. i thought i better let you great people take a look. i also have trouble with installing a new logitech wireless unifying mouse which windows 7 won't recognize. logitech support...needs support i'm afraid as they are useless. as i installed spybot to run i was prompted an error on the program file 2/unins000.msg was missing and obtain a new copy. sorry to have to jump back in but...here i am!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by Dad (administrator) on BRIDGES1 on 27-04-2015 10:04:24
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available profiles: Dad)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF ProfilePath: C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\8ome1t6w.default-1430143878363
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.msn.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-27] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-27] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @talk.google.com/O1DPlugin -> C:\Users\Dad\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2107755742-302254199-1763176924-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dad\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2011-11-14] (Affinegy, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-11] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Users\Dad\Desktop\bin\cleanhlp64.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 10:05 - 2015-04-27 10:05 - 01571880 _____ () C:\Users\Dad\Desktop\aswMBR.exe.part
2015-04-27 10:05 - 2015-04-27 10:05 - 00000000 _____ () C:\Users\Dad\Desktop\aswMBR.exe
2015-04-27 10:04 - 2015-04-27 10:04 - 00014667 _____ () C:\Users\Dad\Desktop\FRST.txt
2015-04-27 10:04 - 2015-04-27 10:04 - 00000000 ____D () C:\FRST
2015-04-27 10:03 - 2015-04-27 10:03 - 02100736 _____ (Farbar) C:\Users\Dad\Desktop\FRST64.exe
2015-04-27 10:01 - 2015-04-27 10:01 - 04720448 _____ () C:\Users\Dad\Desktop\tweaking.com_registry_backup_setup.exe
2015-04-27 10:01 - 2015-04-27 10:01 - 00002242 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-04-27 09:16 - 2015-04-27 09:16 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-27 08:57 - 2015-03-24 22:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-27 08:57 - 2015-03-24 22:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-27 08:57 - 2015-03-24 22:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-27 08:57 - 2015-03-24 22:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-27 08:57 - 2015-03-24 22:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-27 08:57 - 2015-03-24 22:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-27 08:57 - 2015-03-24 22:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-27 08:57 - 2015-03-22 22:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-27 08:57 - 2015-03-22 22:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-27 08:57 - 2015-03-22 22:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-27 08:57 - 2015-03-22 22:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-27 08:57 - 2015-03-09 22:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-27 08:57 - 2015-03-09 22:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-27 08:57 - 2015-03-09 22:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-27 08:57 - 2015-03-09 22:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-27 08:57 - 2015-03-05 00:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-27 08:57 - 2015-03-04 23:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-27 08:57 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-27 08:56 - 2015-03-17 00:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-27 08:56 - 2015-03-17 00:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-27 08:56 - 2015-03-17 00:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-27 08:56 - 2015-03-17 00:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-27 08:56 - 2015-03-17 00:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-27 08:56 - 2015-03-17 00:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-27 08:56 - 2015-03-17 00:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-27 08:56 - 2015-03-17 00:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-27 08:56 - 2015-03-17 00:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-27 08:56 - 2015-03-17 00:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-27 08:56 - 2015-03-17 00:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-27 08:56 - 2015-03-17 00:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-27 08:56 - 2015-03-17 00:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-27 08:56 - 2015-03-17 00:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-27 08:56 - 2015-03-17 00:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-27 08:56 - 2015-03-17 00:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-27 08:56 - 2015-03-16 23:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-27 08:56 - 2015-03-16 23:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-27 08:56 - 2015-03-16 23:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-27 08:56 - 2015-03-16 23:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-27 08:56 - 2015-03-16 23:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-27 08:56 - 2015-03-16 23:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-27 08:56 - 2015-03-16 23:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 23:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-27 08:56 - 2015-03-16 22:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-27 08:56 - 2015-03-16 22:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-27 08:56 - 2015-03-16 22:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-27 08:56 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-27 08:55 - 2015-04-01 19:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-27 08:55 - 2015-04-01 18:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-27 08:55 - 2015-03-12 23:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-27 08:55 - 2015-03-12 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-27 08:55 - 2015-03-12 23:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-27 08:55 - 2015-03-12 23:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-27 08:55 - 2015-03-12 23:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-27 08:55 - 2015-03-12 23:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-27 08:55 - 2015-03-12 23:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-27 08:55 - 2015-03-12 23:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-27 08:55 - 2015-03-12 23:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-27 08:55 - 2015-03-12 23:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-27 08:55 - 2015-03-12 22:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-27 08:55 - 2015-03-12 22:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-27 08:55 - 2015-03-12 22:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-27 08:55 - 2015-03-12 22:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-27 08:55 - 2015-03-12 22:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-27 08:55 - 2015-03-12 22:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-27 08:55 - 2015-03-12 22:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-27 08:55 - 2015-03-12 22:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-27 08:55 - 2015-03-12 22:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-27 08:55 - 2015-03-12 22:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-27 08:55 - 2015-03-12 22:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-27 08:55 - 2015-03-12 22:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-27 08:55 - 2015-03-12 22:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-27 08:55 - 2015-03-12 22:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-27 08:55 - 2015-03-12 22:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-27 08:55 - 2015-03-12 22:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-27 08:55 - 2015-03-12 22:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-27 08:55 - 2015-03-12 22:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-27 08:55 - 2015-03-12 22:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-27 08:55 - 2015-03-12 22:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-27 08:55 - 2015-03-12 22:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-27 08:55 - 2015-03-12 22:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-27 08:55 - 2015-03-12 22:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-27 08:55 - 2015-03-12 22:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-27 08:55 - 2015-03-12 22:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-27 08:55 - 2015-03-12 22:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-27 08:55 - 2015-03-12 22:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-27 08:55 - 2015-03-12 22:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-27 08:55 - 2015-03-12 22:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-27 08:55 - 2015-03-12 22:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-27 08:55 - 2015-03-12 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-27 08:55 - 2015-03-12 22:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-27 08:55 - 2015-03-12 21:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-27 08:55 - 2015-03-12 21:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-27 08:55 - 2015-03-12 21:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-27 08:55 - 2015-03-12 21:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-27 08:55 - 2015-03-12 21:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-27 08:55 - 2015-03-12 21:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-27 08:55 - 2015-03-12 21:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-27 08:55 - 2015-03-12 21:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-27 08:55 - 2015-03-12 21:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-27 08:55 - 2015-03-12 21:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-27 08:55 - 2015-03-12 21:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-27 08:55 - 2015-03-12 21:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-27 08:55 - 2015-03-12 21:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-27 08:55 - 2015-03-12 21:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-27 08:53 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-27 08:53 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-27 08:46 - 2015-04-27 08:46 - 00001760 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-27 08:46 - 2015-04-27 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-27 08:45 - 2015-04-27 08:46 - 00000000 ____D () C:\Program Files\iTunes
2015-04-27 08:45 - 2015-04-27 08:45 - 00000000 ____D () C:\Program Files\iPod
2015-04-27 08:45 - 2015-04-27 08:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-26 15:30 - 2015-04-27 08:25 - 00000000 ____D () C:\Program Files (x86)\LocK-A-FoLdeR
2015-04-26 15:30 - 2015-04-26 15:30 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LocK-A-FoLdeR
2015-04-17 13:29 - 2015-04-17 13:29 - 00000000 __SHD () C:\Users\Dad\Desktop\New folder
2015-04-17 13:28 - 2015-04-27 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LocK-A-FoLdeR
2015-04-17 13:24 - 2015-03-17 00:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-17 13:24 - 2015-03-17 00:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-17 13:21 - 2015-03-03 23:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 09:42 - 2015-04-16 09:55 - 00000000 __SHD () C:\Users\Dad\Desktop\screens
2015-04-14 23:43 - 2015-04-14 23:43 - 00385602 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS
2015-04-14 23:43 - 2015-04-14 23:43 - 00000204 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS.part
2015-04-14 16:42 - 2015-04-14 16:42 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-04-14 16:11 - 2015-04-14 20:26 - 00000000 ____D () C:\Program Files\Highresolution Enterprises
2015-04-14 16:11 - 2015-04-14 16:11 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Highresolution Enterprises
2015-04-10 08:38 - 2015-04-27 08:25 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dwyco CDC-X
2015-04-10 04:01 - 2015-04-27 09:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-10 04:00 - 2015-04-10 04:01 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Malwarebytes
2015-04-09 03:00 - 2015-04-27 08:26 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-09 03:00 - 2015-04-27 08:26 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-09 00:32 - 2015-04-27 09:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 10:01 - 2015-01-07 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-04-27 09:52 - 2013-01-04 21:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-27 09:43 - 2014-08-22 21:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-27 09:41 - 2015-02-03 09:28 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001UA.job
2015-04-27 09:41 - 2015-02-03 09:28 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001Core.job
2015-04-27 09:26 - 2012-04-06 03:18 - 00000000 ____D () C:\Users\Dad\AppData\Local\CrashDumps
2015-04-27 09:25 - 2009-07-13 23:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-27 09:25 - 2009-07-13 23:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-27 09:24 - 2014-11-09 12:54 - 00000000 ____D () C:\Users\Dad\AppData\Local\Adobe
2015-04-27 09:24 - 2014-08-22 21:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-27 09:24 - 2014-08-22 21:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-27 09:24 - 2014-08-22 21:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-27 09:23 - 2014-01-07 21:18 - 01485675 _____ () C:\Windows\WindowsUpdate.log
2015-04-27 09:22 - 2009-07-14 00:13 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-27 09:18 - 2014-02-11 17:00 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-27 09:17 - 2015-02-03 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 09:17 - 2014-09-04 20:35 - 00012536 _____ () C:\Windows\setupact.log
2015-04-27 09:17 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-27 09:16 - 2014-05-02 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-27 09:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-27 09:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-27 09:15 - 2012-04-05 12:30 - 00759758 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-27 09:13 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-27 09:10 - 2012-03-30 21:51 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-27 08:46 - 2015-02-05 21:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-27 08:46 - 2012-10-03 01:44 - 00000000 ____D () C:\Users\Dad\AppData\Local\Google
2015-04-27 08:46 - 2012-03-29 12:48 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Mozilla
2015-04-27 08:45 - 2015-03-04 06:19 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-27 08:29 - 2015-01-04 16:12 - 00001360 _____ () C:\Windows\LkmdfCoInst.log
2015-04-27 08:29 - 2012-03-29 13:09 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-04-27 08:28 - 2012-03-29 12:32 - 00000000 ____D () C:\Users\Dad
2015-04-27 08:26 - 2011-11-08 03:41 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-27 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-27 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-04-27 08:25 - 2014-12-09 17:32 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Karaoke Builder
2015-04-27 08:25 - 2014-10-16 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-27 08:25 - 2014-10-16 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-27 08:25 - 2014-10-16 11:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-27 08:25 - 2014-10-16 11:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-27 08:25 - 2014-01-11 00:00 - 00000000 ____D () C:\Program Files (x86)\Paltalk Messenger
2015-04-27 08:25 - 2013-07-07 10:32 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-27 08:25 - 2012-04-06 11:37 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-04-27 08:25 - 2012-04-06 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-04-27 08:25 - 2012-04-06 11:37 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-04-27 08:25 - 2012-03-29 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-04-27 08:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2015-04-27 08:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-27 08:20 - 2012-03-30 04:49 - 00000000 ____D () C:\Windows\aaaxrx
2015-04-27 08:19 - 2015-02-06 08:46 - 00000000 ____D () C:\Users\Dad\Documents\Dwyco
2015-04-27 08:19 - 2014-08-02 00:23 - 00000000 ____D () C:\Program Files\Logitech
2015-04-27 08:19 - 2013-10-17 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-27 08:19 - 2013-08-07 10:19 - 00000000 ___RD () C:\Users\Dad\Dropbox
2015-04-27 08:19 - 2013-07-07 10:31 - 00000000 ____D () C:\Users\Dad\AppData\Roaming\Dropbox
2015-04-27 08:19 - 2012-03-29 13:09 - 00000000 ____D () C:\ProgramData\Logishrd
2015-04-27 08:19 - 2012-03-29 13:09 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2015-04-27 08:18 - 2014-10-16 16:37 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-27 08:03 - 2014-02-09 17:47 - 17242112 ___SH () C:\Users\Dad\Desktop\Thumbs.db
2015-04-27 07:49 - 2012-04-06 11:37 - 00000000 ____D () C:\ProgramData\Freemake
2015-04-17 22:37 - 2014-12-04 14:31 - 00000000 ____D () C:\Users\Dad\Documents\Audio Recorder for Free
2015-04-17 13:02 - 2012-03-29 12:48 - 00000000 ____D () C:\Users\Dad\AppData\Local\Mozilla
2015-04-17 12:57 - 2014-01-14 13:38 - 00059600 _____ () C:\Users\Dad\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-14 23:28 - 2012-07-16 07:22 - 00007668 _____ () C:\Users\Dad\AppData\Local\Resmon.ResmonCfg
2015-04-09 20:58 - 2014-10-16 11:25 - 00178872 _____ () C:\Windows\PFRO.log
2015-04-08 23:47 - 2014-02-13 10:25 - 00001019 _____ () C:\Users\Dad\Desktop\Dropbox.lnk
==================== Files in the root of some directories =======
2013-08-07 07:12 - 2014-11-16 01:53 - 0001181 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.1.txt
2013-08-07 07:12 - 2014-03-30 12:59 - 0000919 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.2.txt
2013-08-07 07:12 - 2014-03-29 19:54 - 0001181 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.3.txt
2013-08-07 07:12 - 2013-08-07 07:34 - 0000919 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.4.txt
2013-08-07 07:12 - 2013-08-07 07:12 - 0001181 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.5.txt
2013-08-07 07:12 - 2014-12-02 19:47 - 0000919 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt
2013-08-07 07:12 - 2014-12-02 19:47 - 0000000 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-05-12 16:58 - 2012-05-12 16:58 - 0024597 _____ () C:\Users\Dad\AppData\Roaming\UserTile.png
2014-09-01 03:18 - 2014-09-01 03:18 - 0001248 _____ () C:\Users\Dad\AppData\Roaming\UZNYUL
2014-02-13 11:52 - 2015-02-03 10:23 - 0000136 _____ () C:\Users\Dad\AppData\Roaming\WB.CFG
2014-09-01 03:18 - 2014-09-01 03:18 - 0002086 _____ () C:\Users\Dad\AppData\Roaming\WTPQZFD
2015-04-14 23:43 - 2015-04-14 23:43 - 0385602 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS
2015-04-14 23:43 - 2015-04-14 23:43 - 0000204 _____ () C:\Users\Dad\AppData\Local\5DEA8E28_stp.CIS.part
2012-04-14 22:46 - 2014-01-03 23:33 - 0119296 _____ () C:\Users\Dad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-02 23:37 - 2015-02-03 10:24 - 0000010 _____ () C:\Users\Dad\AppData\Local\DSI.DAT
2012-08-18 06:51 - 2012-08-18 06:51 - 0004028 _____ () C:\Users\Dad\AppData\Local\HWVendorDetection.log
2013-01-10 09:07 - 2013-01-10 09:07 - 0000866 _____ () C:\Users\Dad\AppData\Local\recently-used.xbel
2012-07-16 07:22 - 2015-04-14 23:28 - 0007668 _____ () C:\Users\Dad\AppData\Local\Resmon.ResmonCfg
2012-03-29 13:09 - 2012-03-29 13:09 - 0017408 _____ () C:\Users\Dad\AppData\Local\WebpageIcons.db
2012-11-19 03:10 - 2012-11-19 03:10 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Some content of TEMP:
====================
C:\Users\Dad\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr09hjj.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-26 22:18
==================== End Of Log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-04-27 10:06:02
-----------------------------
10:06:02.787 OS Version: Windows x64 6.1.7601 Service Pack 1
10:06:02.787 Number of processors: 4 586 0x2A07
10:06:02.788 ComputerName: BRIDGES1 UserName: Dad
10:06:04.627 Initialize success
10:06:04.754 VM: initialized successfully
10:06:04.755 VM: Intel CPU supported
10:06:08.915 VM: supported disk I/O iaStor.sys
10:15:12.620 AVAST engine defs: 15042700
10:16:32.204 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Dad at 2015-04-27 10:05:12
Running from C:\Users\Dad\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2107755742-302254199-1763176924-500 - Administrator - Disabled)
Dad (S-1-5-21-2107755742-302254199-1763176924-1001 - Administrator - Enabled) => C:\Users\Dad
Guest (S-1-5-21-2107755742-302254199-1763176924-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2107755742-302254199-1763176924-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Spybot - Search and Destroy (Disabled - Out of date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe PDF ePub DRM Removal 4.7.1 (HKLM-x32\...\{C9DD56CA-BAE9-452A-AFE9-834C7770D1A3}) (Version: 4.7.1 - EPUBSOFT)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audio Recorder for Free v12.9.8 (HKLM-x32\...\Audio Recorder for Free_is1) (Version: - Copyright(C) 2006-2012 AudioToolMedia Software.)
BEHRINGER UFX 1394 Drivers v6.11.0.0 (HKLM-x32\...\BEHRINGER UFX 1394 Drivers v6.11.0.0) (Version: 6.11.0.0 - BEHRINGER)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - )
Best Buy pc app (Version: 3.3.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.3.0.0 - Best Buy) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - )
Canon MP160 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2531.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.15 - Piriform)
Dropbox (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dwyco CDC-X version 2.10 (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Dwyco CDC-X_is1) (Version: 2.10 - Dwyco, Inc.)
Easy Thumbnails (Remove only) (HKLM-x32\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
Freemake Video Converter version 3.1.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.1.0 - Ellora Assets Corporation)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3503 - Gateway Incorporated)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Gateway Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karaoke Builder Player 3.0 (HKLM-x32\...\Karaoke Builder Player 3.0) (Version: - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Paltalk Ad Remover 4.0 (HKLM-x32\...\Paltalk Ad Remover_is1) (Version: - The Anubis Group (T.A.G.))
Paltalk Messenger 11.4 (HKLM-x32\...\Paltalk Messenger) (Version: 11.4.564.16191 - AVM Software Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.11.2 - Tweaking.com)
VisioForge Video Capture SDK Delphi Redist (x32 Version: 6.2.0.2 - VisioForge) Hidden
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3504 - Gateway Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dad\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2107755742-302254199-1763176924-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dad\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
08-02-2015 09:57:14 End of disinfection
09-02-2015 08:50:00 Windows Backup
02-03-2015 12:25:48 Windows Update
02-03-2015 15:57:38 Windows Backup
03-03-2015 04:00:19 Windows Update
03-03-2015 14:37:04 Windows Update
04-03-2015 03:13:29 Removed iTunes
04-03-2015 04:26:49 Removed iTunes
04-03-2015 05:43:07 Removed Apple Software Update
04-03-2015 05:46:00 Revo Uninstaller's restore point - Apple Software Update
04-03-2015 06:19:51 Installed iTunes
06-03-2015 16:46:23 Windows Update
08-03-2015 19:00:21 Windows Backup
11-03-2015 03:00:46 Windows Update
21-03-2015 14:40:42 Windows Update
22-03-2015 00:17:57 Windows Backup
23-03-2015 16:38:56 Windows Backup
25-03-2015 19:53:58 Windows Update
06-04-2015 10:13:45 Windows Backup
09-04-2015 03:00:11 Windows Update
12-04-2015 14:46:32 Windows Update
12-04-2015 19:00:07 Windows Backup
14-04-2015 21:28:02 Restore Operation
15-04-2015 08:32:37 Windows Update
17-04-2015 12:46:28 Restore Operation
17-04-2015 13:50:50 Removed Java 8 Update 45
17-04-2015 13:52:08 Windows Update
25-04-2015 10:10:40 Windows Update
27-04-2015 07:54:58 Restore Operation
27-04-2015 08:39:10 Windows Update
27-04-2015 09:07:26 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2015-03-09 13:50 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0642325B-D49D-4797-BC3D-2F56533546BB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {09EEC63B-21B8-4656-86A9-CCDD9C10A77F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {1FD7F97B-168D-450F-9D0E-16BDCA766C4C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {346B439C-CE11-4CE0-B14C-D2FD4E18F124} - System32\Tasks\{1DD8B5E2-C122-4D1F-9758-9B0F5D4479E4} => pcalua.exe -a "C:\Users\Dad\Desktop\My Documents\mp160win64111ea23.exe" -d "C:\Users\Dad\Desktop\My Documents"
Task: {35E50A07-EC32-4024-AA11-31B368248FEE} - System32\Tasks\{D6BB3A59-B46C-4DDF-85E3-A7CC61C4B4CC} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {490D819C-47D5-456C-A5EB-EEFBD6B58C82} - System32\Tasks\{62ACF029-05DB-43E9-B5E0-E093E965ED01} => C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [2014-06-24] (AVM Software Inc.)
Task: {57F10B8A-E6DC-41AF-836F-3D3323A974EC} - System32\Tasks\{8438242B-619B-42CD-9AD1-2D389FF75225} => C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [2014-06-24] (AVM Software Inc.)
Task: {65FBC813-8ECD-4300-99D3-4822AFCDAFE9} - System32\Tasks\{F2D720B6-011A-46ED-9209-2320052E5916} => pcalua.exe -a C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE -c /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG
Task: {8443E000-554A-4AFD-8F46-CF5BEAC3A7CB} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {8C25C726-0EDD-419C-ABAE-AB81DD4A8954} - System32\Tasks\{DF80F471-10C4-4247-BCB7-5B67BA005FD2} => pcalua.exe -a C:\Users\Dad\Desktop\ts_webcam.exe -d C:\Users\Dad\Desktop
Task: {8D943107-6A50-440B-8E05-7B77AD0A1BEB} - System32\Tasks\{D9E1C870-B7E8-4995-8A98-D579504F6B41} => C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [2014-06-24] (AVM Software Inc.)
Task: {91183DFD-7C1C-4471-B424-93FFA034740B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001UA => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {9836EE92-3187-46D6-88B0-0A6512B94AF7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AE3C4923-DF05-46BF-9F7D-71972FD7EF73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-27] (Adobe Systems Incorporated)
Task: {B0C3D0A2-E90E-41D9-A2AA-D31480DA3178} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {B8D04CC6-6343-45C9-B405-F55D65E7D99C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {BF9BE2EC-3E57-4FFF-B053-98D22EEE9974} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {CE4612D6-865E-46E6-A8C8-E78BF08ACC3D} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {E6392F7E-8094-4810-A3A2-612265F0F48F} - System32\Tasks\{F126331D-C6F2-47BE-94F5-C17820994183} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\Recordpad\uninst.exe"
Task: {E738236C-04D2-4CBD-818D-A308E1376E2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001Core => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {EBE10008-E34A-4FA2-A7D1-A5F7F0134090} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {ED36A8FB-B1CF-421E-8C67-F352A7A69286} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {F4FE48D0-691E-474D-9BF8-E1EE2DC18853} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FF5AE516-004E-406B-8236-DF11EE525F5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001Core.job => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107755742-302254199-1763176924-1001UA.job => C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com (http://www.008k.com)
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com (http://www.00hq.com)
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com (http://www.0scan.com)
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com (http://www.1-2005-search.com)
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com (http://www.1-domains-registrations.com)
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com (http://www.1000gratisproben.com)
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com (http://www.1001namen.com)
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com (http://www.100sexlinks.com)
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com (http://www.10sek.com)
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info (http://www.123fporn.info)
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com (http://www.123haustiereundmehr.com)
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com (http://www.123moviedownload.com)
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com (http://www.123simsen.com)
There are 7865 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.42.129
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Behringer UFX 1394 Control Panel.lnk => C:\Windows\pss\Behringer UFX 1394 Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Google Update => "C:\Users\Dad\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Dad\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: smoother => C:\Users\Dad\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe
MSCONFIG\startupreg: SoftonicAssistant => "C:\Users\Dad\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{712D7705-28BD-444D-BB14-5C08AACD5F01}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25510813-0968-4D57-BADB-1614F2A92B15}] => (Allow) LPort=2869
FirewallRules: [{5F1AFC8C-6B84-4793-86F5-52029CD4189E}] => (Allow) LPort=1900
FirewallRules: [{A687E5CE-0A6E-4268-AFA0-7509E2AB6F25}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3E6FC240-35CB-4367-971D-76F632AE4C1F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{458FF205-4A97-49FB-AB17-2C16B022C60D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [TCP Query User{B48A3653-063C-4BC6-9E97-F38F05A37958}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{29FD2029-71D3-48E8-9A43-DAB6570B0073}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{AD64C28E-86AE-46D5-A7DB-73F30240C1FD}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{4CA047AB-7B5E-4B91-BDB4-609E11399939}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{24B25CDC-08A1-4E14-B1DF-B7DC664138F1}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{CF2BC875-58A7-415E-A772-9CA44888D394}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{97F933F3-EC17-427B-8EBB-7F2D7A6D1CE1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{E6E34D32-678E-4AE5-ACA1-6201219331F1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{FE719458-9E14-4060-855E-9B16B652E79C}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{C729B18C-1248-4143-988D-C2F09B9245C3}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{7F3BAE04-783C-4EC4-A1D9-84B2328AD2F3}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{B2925845-C727-459D-889B-3C18AB1F801E}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7D117006-121E-44D7-B8BD-0E9940813790}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2DE2F26-58C2-4E6F-B81E-A14D40EA6438}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4B19791-A9CE-47CD-B264-7747FE49518A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C403502F-E4EB-4619-9427-96A11B58CB6D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2C4C24F7-5407-4E4A-815A-FA6792CE86FF}] => (Allow) C:\Users\Dad\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CC7FCCAA-A7D3-4B92-9FAA-0BF793787466}] => (Allow) C:\Users\Dad\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{4E9D1ED0-3352-49AE-B03F-E0D61A926463}C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{3799D7BD-ED7E-417E-AC3A-D58D4BCC5F9C}C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dad\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{00FA12F1-DAD8-4C07-9208-596945587D51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7CF7ECB-94EB-4CA3-9A5E-67955BF062B0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0FF1312A-2580-4B26-8D5A-DB0969DA2781}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{A2879CD7-982F-4A67-AF96-452BFA8A845E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{A233DB83-0FF4-43B0-A9C7-799A646CAD4D}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{D8D967FB-F64F-4D82-B01A-FD01759A176F}] => (Block) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{A647DBE1-C08B-4426-A9E9-E562C5D96E07}] => (Block) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{6C14CA77-F7A2-4BFA-9AA6-B4B755B72488}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B45F9804-68F4-4911-8E99-C25E05608776}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6DEAE201-EDF8-4581-9FEC-B55FF1DE05E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C010860B-1221-44D6-A5DD-44E4E61D639E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{41C5339A-045B-4AAB-A3CB-52289801E44E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C23B3115-C863-4912-A619-7C08AD1BB5A5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2A1967FA-454F-4E33-A005-33BD1ED4F954}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name: 2.4G Wireless Mouse
Description: 2.4G Wireless Mouse
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft Teredo Tunneling Adapter #2
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2015 09:26:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xc34
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:25:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1248
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:10:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xcd0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:08:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1c0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:08:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1198
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xe4c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 09:06:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.1.5570, time stamp: 0x551e23ee
Faulting module name: mozalloc.dll, version: 37.0.1.5570, time stamp: 0x551e1536
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xb2c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/27/2015 08:38:20 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (04/27/2015 08:15:10 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Windows Backup).
Error: (04/27/2015 08:03:05 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Windows Backup).
System errors:
=============
Error: (04/27/2015 09:28:11 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5
Error: (04/27/2015 09:27:51 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Error: (04/27/2015 09:18:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/27/2015 09:18:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (04/27/2015 09:17:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (04/27/2015 09:17:47 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (04/27/2015 08:39:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.197.733.0).
Microsoft Office Sessions:
=========================
Error: (04/27/2015 09:26:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1c3401d080f60e3445f9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll54e588f4-ece9-11e4-a8c3-02060d5d6465
Error: (04/27/2015 09:25:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1124801d080f5fc555096C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll3ea9a97b-ece9-11e4-a8c3-02060d5d6465
Error: (04/27/2015 09:10:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1cd001d080f3e71a394eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2f95ffa8-ece7-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:08:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa11c001d080f3a1faf7f9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlle1a2514d-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:08:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1119801d080f392fd58aeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlld2fc0957-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1e4c01d080f3786648e6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc607bf39-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 09:06:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa1b2c01d080f2f3ab9fa4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla44217f7-ece6-11e4-bc1a-02060d5d6465
Error: (04/27/2015 08:38:20 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: K:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
Error: (04/27/2015 08:15:10 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: Windows Backup
Error: (04/27/2015 08:03:05 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: Windows Backup
CodeIntegrity Errors:
===================================
Date: 2015-02-04 10:01:31.601
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-04 10:01:31.585
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 6048.28 MB
Available physical RAM: 3932.85 MB
Total Pagefile: 12094.75 MB
Available Pagefile: 9973.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:918.41 GB) (Free:702.11 GB) NTFS
Drive d: (AppDrv1) (CDROM) (Total:2.6 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5D81C09C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=918.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
tashi did you see nothing in my logs? i resolved my hardware trouble i was having, but thought the way my pc was acting maybe something had got to it again.