admoskowitz

Thank You, for your time

Fixlog_23-02-2018 11.13.32.txt

mrt log attached everything seems fine now its rebooting better also mrt.log

adware cleaner log AdwCleaner[S0].txt

Malwarebytes log MB log.txt

I am a premium user been a premium user for literally years..thx for the assist Addition.txt FRST.txt

Hi my real time protection is off and I did not turn it off, it also will not turn back on. When I run a scan, the first time it found Malware which i quarantined, but now it will not complete the scan. The application keeps crashing 3/4 through the application scan portion.

OK got the sound working but i'm still getting the error code

Hi all, So my sound stopped working and when i go to the troubleshooter it won't open because of error code 0x80070057. Any Ideas? ADAM MOSKOWITZ

So the temp file permissions were all wrong I fixed that and here is the JRT report ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.4.3 (03.01.2015:1)OS: Windows 7 Home Premium x64Ran by Adam Moskowitz on Fri 03/13/2015 at 23:57:34.05~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys ~~~ Files Successfully deleted: [File] C:\Windows\Tasks\One-Click Optimizer.jobSuccessfully deleted: [File] "C:\Windows\couponprinter.ocx" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\pcdr"Successfully deleted: [Folder] "C:\Users\Adam Moskowitz\AppData\Roaming\getrighttogo"Successfully deleted: [Folder] "C:\Users\Adam Moskowitz\AppData\Roaming\pcdr"Successfully deleted: [Folder] "C:\Users\Adam Moskowitz\appdata\local\cre"Successfully deleted: [Folder] "C:\Users\Adam Moskowitz\appdata\locallow\pcdr"Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{000D507C-3048-40E4-8012-525E96A17C4D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{01021C9C-F9D1-4B48-9C56-9210FE351CDD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{026C2CB0-449B-4578-A464-8C91A128455E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{03B7F24E-F8F4-4FD8-8CB5-A3D71D79BCAE}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0427995E-F0B2-46DB-AAA9-B2AE070B6D19}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0558C999-6706-4C40-AEC0-D8DED31BE2C0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{056D6D16-1CBB-4CCA-9728-0FBCBCB7D72B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{05CACD65-21E3-4859-9AB9-E00F23571320}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{063D2B93-2876-4CDA-90AB-A8E17A739EB0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{06C7DB0D-D971-439E-978C-E9EF4C4E8E3B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{07281EB8-F19C-45BB-989D-FB144C4358C4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{07F55E19-5898-4368-A1AC-1C310B11EB47}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{08483340-925D-4E66-A860-8E674C77C293}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{08D948B6-B6C4-4E63-A793-0510F808FB3F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0AC73503-5155-486E-A55F-59A8001B8936}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0AE11731-0302-4E53-A978-B850859AB629}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0B58C092-EC56-4DCB-BB49-7D21592BE9A5}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0B64EC32-F968-4B53-8599-922040CB3F62}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0C5FB10D-4051-4515-8CEE-696D49A2FF90}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0CB7162E-3602-4E64-8D71-7FA9EB117D0C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0DDD3765-2A5B-43FF-A7D7-C29FC0333735}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0DDDFCDB-D8BE-4872-B7D8-83583A5AF365}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0E81EE54-4501-4FE4-AA4F-543406DBB409}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0E8937B0-86DF-4133-B8D1-251E259CD58E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{0F239B98-2219-4909-9F4B-39267EB2F62F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{11755AAF-AC62-4253-B4D8-A2DB74518FB2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{13FCEA68-4898-4043-B895-2B1708420623}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{13FE84C5-4534-414B-8850-500D3B41E87B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{14B96742-E957-48BA-A39B-88D61FFD76CC}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{14D8B0C9-C057-4F64-8CA0-F9179A4A832E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1528F35D-5C9F-42B1-8E1F-04F31012119C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{156F96DD-A209-4AD0-B38B-501B20E524A6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{157D07BF-6F04-40B8-9128-4D458977C91C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{17112F92-4335-4AD6-A76A-88B4A9C0E67F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{17833186-AC23-44AD-8E72-75955C3DBA85}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{183FB95B-B9DB-4D5B-B95C-AB941469910C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{188743F3-7671-41E0-AFF4-910E1201DE25}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1898444C-93FA-4F7F-B317-71FFC98EEB32}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{18AC0D4F-61F7-4A21-995D-36EE500DEE0E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1902FE27-6EFA-4D2E-9F19-0D66420CA9C1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{192A5B9E-0372-4521-BF35-2D6DC737C014}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{19820643-11F6-4712-A97C-A645EBF4DCE3}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{19BA5B39-1322-40E6-8528-BDB5AADAF203}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1A5BC0A9-1630-47F0-8266-500AB02B3AAF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1B512CD5-AC0A-4561-B2F5-10FB819492F3}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1C3A5E8B-CB48-4D46-99CF-A8C6CCD439DA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1C582482-50B6-49AB-9794-09D3E5A14AC6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1DC3F6B3-C0E4-4671-8D27-62B3690496A9}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1E7AB1C7-5789-4F56-BA9F-94B733C5D06E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1F377E1A-1401-45AE-AF7D-EC19EEBB73F8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{1FF9573B-7A85-441A-97D2-B0A79A8352FC}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{205E713A-0277-414A-A2D0-F4025A43410F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{225689FA-69F4-4D65-94A8-1C7C78C7CE48}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2412FEF3-EB52-49FD-BEA1-4D590EE72EB4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{24BBCFB3-CC52-4477-9611-5511E480C914}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{261B011D-6C48-431C-9CE8-42C62CEE3485}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{26F893B5-B67C-4AE7-BE5C-45B9EA147324}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2791C56F-E728-457F-8971-E4904B4189D1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{29A0257D-A457-44E7-9045-7A71CC4F3090}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2AAE2112-6402-45E6-BD03-7983F0A20CA0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2B174D49-0C99-4EB4-B178-5F79917B1532}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2B86949B-6181-4AE7-8339-737173AB6272}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2BE0BB55-D857-4926-9A0B-66B4CDEA5476}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2C0C13D5-7C6B-48F0-BE10-AB9891BB0133}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2C10F028-42FB-49A8-8A69-D1E8EF21C111}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2CCCE347-D112-4DEB-8851-7A45C6BF4422}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2D0597CC-6B35-4E52-9DAD-C363F16F22E0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2D60FB70-1E53-4E40-9D79-BF315CC16F62}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2E2CA135-F05F-4444-8BA3-97037004211F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2E6C9C53-1B35-45A5-BEDC-40FBE0FC916C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{2FEDA26B-32C9-4B23-9571-C7AACF0F5CA4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{30B245E4-E598-4826-BBE3-CE17E60674AA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{30E321E7-6B6F-4857-A720-D0FE265B529C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{314450DB-5724-4F6F-AA23-DA4067389A82}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3158E651-0F62-46CB-B291-BB8EF715D517}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3227F38F-DE84-448D-AE03-20F5307EB701}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{32414D9F-C1B4-47D1-BD12-DEC2E0AECCA2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{32E87BE8-B7E8-4E6F-9E39-465C558E3856}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{33DAFD94-85EB-43B1-8455-F315FF891869}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3450C56D-1034-495A-8388-9F838F513AB7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{35093D84-5E64-4D02-802E-0ABBE5145B52}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{35179DDE-6329-4A4C-A94B-31C13FDE7DFC}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{35A9C5A4-B3E1-4F93-9AF6-4529AD0B5AB8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{36DA259E-3FEE-4B11-802A-E5E43BE0136B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3794B4BE-B661-4F43-92A3-2EE4FF49B28A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{384B1282-5F36-4D7B-9707-539CAC45E3CF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{38B5F33D-9DAF-4E36-970F-FA44CBC377B4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{39B1C3A4-4226-4B1C-88A4-BD35C9F1DF4E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{39CBC278-757F-4549-A0A7-9CEF642A2813}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{39EF24D4-0291-4288-838B-36F27331EB98}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3A6E2211-EAE7-49B1-A917-47D8B1A6CA33}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3C21B751-425D-45A4-A3B8-DDD9C17B271A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3C8C61E0-C808-4689-95B4-B4898AA4A52D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{3DE66BF2-5D90-42A6-9BEC-5373CEED41B7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{4027F8DF-F5BD-4AC9-A986-45215D6EA3B7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{40FC7DC0-559B-4125-BD56-CEE196884F35}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{44355711-69C9-47A1-A304-9A7EE6D9D556}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{44AF32D2-0E43-4D5B-8A74-A5D3833A4C90}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{45106DC5-024D-491F-8033-AE62672186E1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{464EEAA8-F067-4ECE-8E51-062580A46DEA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{474F6C74-518F-4859-8F69-C0EF46FD5BB3}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{47B1DE10-0C25-4D58-8360-B6E72664DCE0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{48DDA5EE-34AA-40DF-A82C-D472A69CEA85}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{495E8C00-8841-4F2B-A643-7C8C79CEDEFF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{49780F5A-ABBE-4EAB-BF5E-E20A728A25E5}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{4ACD165B-FB5D-4728-A7E2-5C504A184F2A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{4C7749FC-7B05-46AF-8052-D24332F32E4D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{4D78939D-F1C2-4BC1-9EBC-DC417A74B6D0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{4F523A6F-6BFD-49BA-A6C3-9B20235D88C1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{506F577F-598E-45AC-820F-896E418A2DFA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5163A3D0-9134-47FD-9CCA-10D159BA7FA4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{521386A0-B7BC-45BE-B015-F611A2A6C46D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{535ADEF2-455B-4DAE-BDA1-49B2DD53FFDA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{53C26096-623B-4186-BF9E-BE47000DEF02}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5436C92C-9684-492C-8DDC-3FB59CE530A5}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{54F95958-FC25-47FC-910B-63ED12FBB0FA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5768A08A-970F-4DB4-BB24-BF7D15253D58}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{57D8A130-A09E-49CD-AC4D-8D7785671EDA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5867C17A-3BBC-4259-A1D8-3F462DE5470D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{58BECE83-8DAC-45CD-93D1-CBB502EED042}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{58E656CC-35D1-458F-B467-B58E194E4F0C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{59B0D3B9-2AE6-44C3-AA2F-0173E02BF176}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5A1963C7-1D54-4C77-90D1-8FB8BD50F63E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5A2A5FF1-E65C-472E-858F-58F1F0965189}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5A425791-0AFD-484B-9ED1-9AAABF31D1B7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5A62407D-073F-4E7F-AC47-588D0565B8A1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5BEE96B3-FDAD-4DC8-9B6D-D4CDB856E8FB}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5C43D9E6-401B-4A0F-9068-16D45C27433F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5CD6F50F-53B4-41B1-BD25-B071A4E3A739}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5E1CD6E7-7C5B-4E31-8286-C420D51FC023}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5E1E1300-DEC3-47B4-9A4B-C8B94067A209}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{5E46946B-3C20-41A4-8B9A-DAEDBBD84DAD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{601DB2A1-6EBE-4293-A3B0-07A532CFC6C8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6037A755-1C99-466B-849E-83FBBFC9038C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{60D00CEB-E71F-4B87-BB40-DC6EAA78AB2E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{62DFB590-D9FD-4648-86D1-1EBFDEBF7E21}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{62E4C8A1-C177-409C-A73F-7A012E8DBA84}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{632C893E-6CBA-42AF-AEBC-B35310FECA10}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{64F791A3-5A6D-4831-99DF-4E5EC7550E2D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6546ECCD-533D-48AE-B6B8-A42261E72FE6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{65D8DAD9-5655-4F54-A4BA-5424716FF368}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{65F5AE1B-F51D-4865-B571-963998BBE4B0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{68F60E72-A481-4907-9AAC-C3876FE505A1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{692864AE-2FD5-4322-827D-7AB9543A0E8E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6A638634-5369-4D93-8BE0-15CB61502170}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6AA7BE64-66AB-4C8B-965E-B77CD2AEFE7A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6B8C2760-EB54-4D32-A4F3-E75F4F857EA6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6BE6CBB1-6D6B-48C2-B834-2B46DEF68CB8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6C2E2C13-8033-443D-B382-D25CCAB83DDD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6D820F1E-34F2-42E2-AE8E-88AAFFF9CB8C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6D8367E7-DE96-4BF5-B114-98B76B683127}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6DE2B38C-61D0-4C6D-A0E4-556076CCF6C1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6EF59361-E032-48E7-A0CB-4690856D0756}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{6F459EF7-CD71-4050-B6E8-646CC5D2C5A1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{70C50D12-6649-4454-9902-957A4B884236}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{710DAAFD-4A01-4140-BC15-54E4D3E6F9B6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{712A7856-C1CC-47A7-BDEE-F1EE3CDC779E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{713CC3D1-495D-4BEF-8A04-BAFF8CBE32B7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{71647B40-72F2-43EC-AC84-58FFCC03A89C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{720FC1A1-07CA-43EF-A9B3-0C6E5BBE424E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{72B51531-415B-468C-AE8E-A067B087D2AE}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7327CA67-DE3D-493F-9D9D-9BB09EA3C437}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{740CBCF5-0A1D-4F0D-BDD1-FD80A66CB2CB}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7598406D-419C-4572-ABEA-918DD25F4E54}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7598F167-2217-422C-8D80-96754D7D88DA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{75A6C9D4-0797-4C3D-BBD6-D59EAA0C46B1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{75B6615F-F7FE-4A60-AEDF-92692EE4B38D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{75EFB2B2-3169-4D31-BF41-F34FA497A54A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{762E163E-D934-4A83-9861-9111C7D86B15}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{76301030-EE41-4574-BA0A-5986C64D24D9}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{76A6BC1F-9380-44B5-9CB4-DAC8F3DA3699}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{776BD222-BF9F-4F04-9D08-50F1F2F70254}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7785C4EB-A9B9-432F-A2EA-6F880CDA21BD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7792F176-C5F2-4410-9640-A2E029C9E393}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7AC60BED-7E31-44A2-9FCA-06D61E0D15A3}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7C22262C-0BA1-4A7C-B313-8549C22B0D68}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7C97F43B-62F1-4154-B5F4-24B54B24310E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7CC8C9BB-80DA-4FD5-9851-E82431E36165}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7D27FC56-5BA0-4312-B4C2-F77D6C68694F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7DCFA4FA-47DB-42AF-92B1-FF5A62AD4F94}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7DF6E52E-A2D3-4830-8F21-4510332D6A0A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{7F619178-2BBA-4EE6-A597-D4B248B9C782}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8002FAD1-73BA-4434-AA0E-1246AA3A2824}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{810724CC-6B34-4D9C-8CAD-248A6DB98BE6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{813B54F1-F3E6-4BFD-82A7-3F036D5E181A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{81AB09A2-48AF-4A7A-83C0-3C2E6F09E31B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{831D7FCD-0472-4A87-BD1E-E386AF4D223F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8325DBB6-3CD8-4773-8D44-2C1646EABC6B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{84833024-07FC-41F8-B2C3-0BF676DDB1D2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{85F733B8-CC04-4FEA-8EBC-F1BE4B991F07}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{85FD429E-046A-4B93-AE1C-7240704D75DB}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{87C2F9E8-56E3-4213-8A36-3030E981DED9}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{883EC1B6-D264-4566-B3FE-1BB6E2DED2D2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{886DC7F0-9E86-4817-8126-41318B679BD1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{88763CF9-F003-4D25-88BF-D6801ABED75A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{897F7D9D-2BAE-48F6-843A-A2F8696CE2CE}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8A4D0450-A2E7-47A2-B2BB-B211FFD2F250}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8B9C70BF-D7B9-47FF-A01A-78FA7E1D56B8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8BEAD261-D294-47C3-8087-385EE00D3174}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8C25A6FE-9D4F-44A6-AF1C-E25DA2441BB5}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8C5E9E1C-A639-49E9-BCB6-124A71E8AD87}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8D9C01F7-A80E-4A7C-88E3-FBD76C430F78}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8EAF3515-7463-468A-8C70-061AC3BA9B7C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8FBD617A-EE17-47B2-AA55-513BA9880205}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8FDEE6EB-EF2A-46F7-8685-B55FBCBC7E6E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{8FEDC6FA-9D06-4632-9138-22DF7F6B970E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{906A070B-FFA8-4D56-A3BA-006CD70F8874}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9151A2F5-8FB4-40DF-85BB-97805A4A6A10}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{91B86238-EC33-445F-BA4D-DCEFC67C23A9}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{91DB68C7-94E3-4B61-B9C8-E99BD1729823}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9205989A-F9E0-4929-A23A-73C1E79ADF6E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{92EC6429-9BF1-4C03-8878-549E19E19F22}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{94635496-BA12-428D-9463-A9B404E4EE3E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{94A76ADE-2C70-46A8-9536-44BA16ECC207}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{94DB8F0D-2B0D-45F3-B713-E2F951EBABF1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{961B54FE-34DC-4CDE-9F5C-EA18F7E9AA0A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{963FE678-C397-4825-8603-6E3C3D045378}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9775E558-3C32-4C80-BEAB-30B7B568D02B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{98092B13-C271-4ACB-9A7A-4C12FD195081}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{98768B65-A62C-4349-B8C3-3C9C01C2E68C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{99A56939-9EEF-4D69-B51B-1B7A7D89FF4A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{99A85E9B-154E-4D46-9F57-4D72B8104504}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{99D61140-76B7-4383-9824-609D3A39AE36}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9A28DA18-75CB-4943-A125-28C86C84CE09}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9A63E7DC-DD3A-4B73-8DAB-1FE6D86CA6AF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9AB27DD1-8DF5-499C-84BD-788C66FE12FD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9BCA310D-E147-44B0-8FEF-1DFEF8DFF006}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9BF566C4-D6C5-4A3B-92D6-356DAD348C04}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9C3889CB-A1B3-47A8-9338-7858FC787FC4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9C5E2D91-888E-4DCA-81A7-81CDB1834001}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9DBEBBA6-CD02-4226-96E4-77D4451C39C4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9E075109-3AA9-44B9-94B4-80AFA9FF52B6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9E6D46DC-EF50-4D13-8A61-F6846E61DF22}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9EF04E75-D8AE-446C-A471-57129349ED2B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9F0B5011-EFEF-4E90-9938-96AD57346CD5}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{9F567A17-5E76-4924-A524-010E054664C5}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A08017A1-CB85-4DBD-954D-0D450FF907B4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A0D1BB0A-5748-4C85-8707-8DCD52AA6E96}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A1C0F9D3-F858-4939-9A6D-9034F0602FA0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A34647AB-8B04-42AA-84EC-C6C9C1D44AF7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A3AB9CE2-73FA-4770-B4C7-FE044DAEB952}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A3EACA88-93B6-4003-8707-8F0A55663511}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A4325FFD-C673-4850-8935-2D857D04A0AA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A51F6ACD-488D-4D8A-B16E-E56E1BE81D60}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A53DD3E7-A2F9-4DFD-9492-FE34C1608CE9}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A6488FCE-EA42-4CEF-A074-7D3DCBBA9944}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A7DACF73-2CCA-4F2D-891E-CD365FE27059}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A7F2303E-596A-4F7C-8D47-05F24ACFDC91}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{A9CBF366-A8A4-4D44-85BD-2873B0855287}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AA35B948-9ED4-4822-B24D-5872B01C80DA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AA385F63-3A76-43CE-A1CB-A92C14B8DCD8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AAA13305-1E20-4D9C-9222-DCB7D310EFE4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{ACDB3306-BF52-4A8B-9377-FC2DAF80250E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AD488C8F-275F-4E41-9A6F-88C2129CEE88}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AD757406-A207-4FD7-8862-7C383AF14899}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AD82AB15-123A-43CE-901E-095D77446046}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AE3EC6A6-3BE0-43F9-B8F2-FA35825DAE1F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AF0A9F02-8F74-49D1-8AC3-8DCF633AA84A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AF578A43-06CF-4743-9446-2B29FC9FF339}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AF72AC3A-506A-4812-A16C-AFDBE4924813}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AFB557B6-8BF0-4BD8-9961-73EC304746BB}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AFCF549B-F253-436F-8DF4-7912A87BA0AD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{AFD9A6FF-7A02-48E9-8C05-000B50E5206B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B04F0E50-9A51-44FE-942B-34B70CE53BF3}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B0EBEFD8-8645-4F3B-AB85-BFF04C0F6731}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B30FB725-D13C-48DA-8D44-99F2F7557DEA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B313EEAE-9558-4232-B2C4-849599AC8D24}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B65B2134-E641-42DE-9C20-0B35E8B50EDF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B65B53D5-660A-4BD1-969F-9FB8CD5D8265}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B686CEAC-F444-41B3-B5AE-2C3EB6B6C9F8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B68B98A9-14AB-4BD6-8DBF-6B8FAC97BA70}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B7400EE1-E9C2-4783-95E4-ACB4044238C3}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{B84F7060-CC78-4EAD-BA41-7F05E418D178}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BA31D8C1-5B1D-48BA-8BBC-D8409D59A3DA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BA9AF1AF-C80C-4974-BBA1-7617CA611684}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BAF345A5-15D1-4D2A-A893-C6CA25777ABB}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BB9928CA-AEDA-44DA-98AC-D67044F50B94}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BC22F430-AC80-41B2-BE33-BA9E4758E07E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BCBFEABB-8006-4640-B43C-C73A1FFF866F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BCE37517-66B6-4F6D-B760-E7D6BD090239}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BD36B471-6397-4E24-9C4C-E280DA8E8AC2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BD5441AD-0AB3-4ECC-9675-8D32206D072C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BDE81884-6097-41E7-B990-C4AA6FC5BBE7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BE3133ED-30AE-4F11-8340-C75E7498C1C0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BE42D1D4-9E5C-48FD-A6F7-1B22236E91CF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{BEC383C2-A355-4F34-B222-7818DC54665B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C013943B-14CF-419D-B15E-16BE4BEAD3BA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C02A8066-EF9E-4733-8997-AC6B0373B886}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C155421A-601C-4AEA-99AC-39EC0556736A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C2217172-C968-4EEB-A125-39D1F49DD684}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C24455CA-5D4E-445C-A019-8B47820410C3}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C30D91BC-EA26-40C5-B91C-D5C9B0B304AE}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C36803F7-0289-4738-AB0F-280138472D20}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C51BEACC-1D54-4C4D-93C2-D0108E688218}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C71D4393-CA96-4975-A8D0-D1067A2AD36E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C7CA19DF-02A6-4D54-8718-65AE8FCF9ACD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C8366F87-8F3E-4ED2-AF22-A7515FCE974D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C85A6911-7278-4D55-8D5E-151B61BDF7EB}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C85AFC5A-2D4F-470E-8A3D-8A6DA3B5474D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{C8B234A7-6818-4AF1-B461-AAF59EB157C1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CA7AA064-2251-4777-8283-5FA87757EBCF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CAA4CA91-EF87-42D3-94FA-ABE7A189152E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CB92764F-73EE-4105-BC70-AADB3F6E6B15}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CBCEFC5C-57ED-4E15-8865-248C8BC43623}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CBE6F8A7-A937-455A-BB55-68953B974E83}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CC31EAA4-9491-457C-B0BE-D6F47B41C6FF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CDC37707-E1E7-4604-9EDE-CBEE32FDD7DF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CDDED12F-319E-4FCB-8F00-D14657575C4F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CDE4B272-7B98-4EF8-90B9-E6AC9A660D53}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CE81CC5D-19A4-4F38-B0E3-1F927195CFB0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{CFDB3D6E-ED20-4A58-8CC0-6E51F372BAE5}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D06FBB3A-5544-4C7B-8D21-2F51279F0C4F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D0E035A7-3FA4-4A7E-B9DC-310AF5EE64A2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D0F0A200-DD40-412F-939B-11EFC1B12E00}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D113D5CE-FD2E-4E0C-95D6-CB6846E0E828}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D11CB108-2A27-4E56-975F-F4F4615DE64A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D2136474-76F3-4417-8122-329B55C1719F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D25C414A-C435-4CF3-A02A-95F225058021}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D2D888E5-C8C5-40D7-AFFA-4A35C081E2A8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D2F49F9D-9E1A-4603-A1CE-AFF56841BEA4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D2F9DE4C-507D-4046-B236-6CD81E3D94DF}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D324821C-C133-434F-9220-63041A89503E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D51F9BF9-ED86-4EB7-A106-7666797B1F9B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D59759FB-9CA6-47B5-A4B2-F5A03D6A2BCE}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D5E6786C-332E-4BCE-99D1-76B4A647F4A7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D658606B-9BEF-486B-9429-380DE29F402F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D8EDE50B-2715-4C57-90C1-43766DB4B6A6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D9240C88-6C86-4A42-9096-2219DEB88A51}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D9777BDA-64E2-4CB5-93E4-87E1255E2656}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{D9D7B294-7B21-4629-BCC2-AA7B0498E92F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{DAA47C8C-D96D-43F6-B965-84FB939B5A1C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{DAA5D864-484F-487E-BEFD-70FB72FC5F5F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{DBACD4EB-6DBA-4F72-93E3-A7480514C3E0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{DD0EDE28-FB20-4194-A655-B2834AA724C0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{DDA4AEA3-A087-4057-9986-30B031B246FA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{DF05A370-13CD-4D6F-811C-64E8EB5F3637}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{DF2EE201-137B-4982-AB57-082E81878DBA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E030A544-69B0-4E00-A02F-038CBEC3EA1F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E1F6F169-DF7D-4149-9637-B6F0ABDB1A3A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E2DB514F-BBA3-4D26-9FC7-DDC1A0D9CA09}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E4043EBB-E3D2-4106-ACAA-0DC49325D0F0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E48E8A85-4AA0-4460-9D8A-8EBDC0C51BA2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E4AC18CF-70DC-495B-9B98-116151D718AA}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E688385F-ACFD-4C4E-9B5B-5E28D71FF0C0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E6A03343-825C-4AA3-B27A-8CB6E450BD5A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E7160122-78CD-47C3-9984-EA3F95D51035}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E77E629C-D96A-404A-BB01-531A583B989F}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E8588279-819C-43CB-9E38-09B75BBA78DD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{E88E4CBA-85A4-439F-9D38-59CABEA4B7C1}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{EB1FD175-79FA-4665-B4C8-76A7DE13AEDB}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{EC285295-DA2F-4499-930C-23E692749CB2}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{EC6322B2-72E1-43C0-B6A2-9CAE3273F51B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{ED13EEAC-DE17-4866-BF97-1B4A303DC39B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{EDF75D6D-6439-44C5-A6BA-28CAE3391184}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{EE1E817F-38AA-47C6-8DA9-49686DFAB1B6}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{EED567AD-5E41-4C5C-91BE-A822AF8DD25D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F00F0C00-E15F-4451-88B9-8FFB79EAB2B8}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F0886117-3D97-4F35-9D31-7CEE14CE0E17}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F0A220BB-E5D1-46D5-94A3-C87A7978F17B}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F0FAC0E5-7334-48B2-B1EE-F7B48CD44863}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F1DB21B1-F7E3-4D98-BAC9-8A7A3D92415A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F1EF1538-70C9-44DA-BF6A-814E79E3F6E7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F24AC474-8EAA-4E28-AB9C-A4DC15C5F715}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F2B03DD9-84F6-4B7A-AA59-D436E348B14A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F2E8DB7A-B32A-45AF-ADB8-2BC5E337A7C7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F4176146-3861-4C0F-AA26-58EE50D2452E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F4CEF3DE-A9D2-4790-8AE2-6BF123F00263}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F5EA71FE-E9D1-4E53-A1E4-1604A3CBDF54}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F626F1DF-9FFA-40CF-920C-106BBADD5FE4}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F66EBB3C-1847-4DC1-B9FB-F6D1B1C5C977}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F76B71CF-4A9D-4139-9D01-9DBC9DD89E6D}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F7B638B0-D173-4C44-8930-24BDBFD0B7CD}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F8267DC2-9E2D-45AD-A361-D3E97DCAA9D0}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{F90B3A06-0C04-4F1A-93EE-4E3256E3B9A7}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{FAEF74F9-2240-4C5D-B8E2-A407D64CE359}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{FD1752DA-4F0B-47C3-8741-F2268435D931}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{FD4B00D5-ECD2-4A2D-AF4F-03390474B85A}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{FD4FC06E-0340-4904-AD91-963B7C9F0A1E}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{FE6F7B2F-4775-4DB5-9B06-9D005B44AE7C}Successfully deleted: [Empty Folder] C:\Users\Adam Moskowitz\appdata\local\{FFD0373B-FE35-4D0A-B159-765F675F7C87} ~~~ Chrome Successfully deleted: [Folder] C:\Users\Adam Moskowitz\appdata\local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sat 03/14/2015 at 0:06:02.68End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

And something is filling up my hard drive, over 20gigs of space have disappeared in the last few days, this sounds trojany to me, but nothing is showing up on any scans accept the 2 things that showed up last night

Well there is a serious problem know which i think is causing the JRT issues also, and this did not start until we started messing with the system. any program that needs to create a temporary file to launch or load is not working.

My anti virus was disabled at the time but malewarebytes was not so i disabled that and got the same error, I also got the blue screen of death last night after I ran the final test and updated the forum, but everything seems to be fine, when i ran the hardware diagnostic everything passed

ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=f0cff372235abd4586f6a13badab4fe1 # engine=22887 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-03-13 07:58:26 # local_time=2015-03-13 12:58:26 (-0800, Pacific Daylight Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Internet Security' # compatibility_mode=779 16777213 85 72 0 190567596 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 0 177776956 0 0 # scanned=370291 # found=2 # cleaned=2 # scan_time=7578 sh=1BF7EED7A8FAA8641D423FB3ED91E2E490CF29D6 ft=0 fh=0000000000000000 vn="JS/Adware.Chromex.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Adam Moskowitz\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix\chrome\content\update.js" sh=BF298D1B6F619148EB7976899F13D5154A899F89 ft=1 fh=db2d43edec36c386 vn="a variant of MSIL/Adware.BHO.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Adam Moskowitz\AppData\Roaming\WinLive\MSWinLive.dll"

JRT will not run attached is the error well the screen clip i have taken i cant upload so accept that it will not create the temp file

# AdwCleaner v4.112 - Logfile created 12/03/2015 at 22:14:26 # Updated 09/03/2015 by Xplode # Database : 2015-03-05.1 [server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Adam Moskowitz - MINAUROS # Running from : C:\Users\Adam Moskowitz\Desktop\Recovery\AdwCleaner.exe # Option : Cleaning ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\StarApp Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons Folder Deleted : C:\Program Files (x86)\freestar Folder Deleted : C:\Users\Adam Moskowitz\AppData\Local\eSupport.com Folder Deleted : C:\Users\Adam Moskowitz\AppData\Local\PackageAware Folder Deleted : C:\Users\Adam Moskowitz\AppData\Local\DriverTuner Folder Deleted : C:\Users\Adam Moskowitz\AppData\Roaming\Search Protection Folder Deleted : C:\Users\Adam Moskowitz\AppData\Roaming\catalina – print savings Folder Deleted : C:\Users\Adam Moskowitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\catalina – print savings Folder Deleted : C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\eSupport.com Key Deleted : HKCU\Software\DriverTuner_Init Key Deleted : HKCU\Software\DriverTuner Key Deleted : HKLM\SOFTWARE\PIP Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.10 ***** [ Web browsers ] ***** -\\ Internet Explorer v10.0.9200.17267 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] -\\ Google Chrome v ************************* AdwCleaner[R0].txt - [3491 bytes] - [12/03/2015 22:06:37] AdwCleaner[s0].txt - [2959 bytes] - [12/03/2015 22:14:26] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3018 bytes] ##########

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Adam Moskowitz at 2015-03-12 21:53:38 Run:2 Running from C:\Users\Adam Moskowitz\Desktop\Recovery Loaded Profiles: Adam Moskowitz (Available profiles: Adam Moskowitz & Guest) Boot Mode: Normal ============================================== Content of fixlist: ***************** start HKLM-x32\...\Run: [browserAppCoreService] => C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\SahProcessManager.exe [55808 2013-08-26] (ShopAtHome.com) C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [178160 2014-08-28] (Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe C:\Program Files (x86)\Coupons S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X] C:\Users\Adam Moskowitz\IP_Log_Data.js C:\Users\Adam Moskowitz\Network_Meter_Data.js C:\Users\Adam Moskowitz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoff_n4.dll Task: {BDBAFEB0-60CC-463B-BCC0-B7C435375E0A} - \YourFile DownloaderUpdate No Task File <==== ATTENTION AlternateDataStreams: C:\Users\Adam Moskowitz\Desktop\new music:com.dropbox.attributes AlternateDataStreams: C:\ProgramData\Temp:66E02052 EmptyTemp: end ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BrowserAppCoreService => value deleted successfully. "C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service" directory move: Could not move "C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service" directory. => Scheduled to move on reboot. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. CouponPrinterService => Service stopped successfully. CouponPrinterService => Service deleted successfully. C:\Program Files (x86)\Coupons\CouponPrinterService.exe => Moved successfully. C:\Program Files (x86)\Coupons => Moved successfully. catchme => Service deleted successfully. cpudrv64 => Service deleted successfully. C:\Users\Adam Moskowitz\IP_Log_Data.js => Moved successfully. C:\Users\Adam Moskowitz\Network_Meter_Data.js => Moved successfully. "C:\Users\Adam Moskowitz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoff_n4.dll" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BDBAFEB0-60CC-463B-BCC0-B7C435375E0A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDBAFEB0-60CC-463B-BCC0-B7C435375E0A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate" => Key deleted successfully. C:\Users\Adam Moskowitz\Desktop\new music => ":com.dropbox.attributes" ADS removed successfully. C:\ProgramData\Temp => ":66E02052" ADS removed successfully. EmptyTemp: => Removed 174.5 MB temporary data. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-12 21:58:37)<= C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service => Is moved successfully. ==== End of Fixlog 21:58:37 ====

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2015 01 Ran by Adam Moskowitz at 2015-03-09 22:56:28 Running from C:\Users\Adam Moskowitz\Desktop\Recovery Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky) Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Aegon Illustration System (HKLM-x32\...\{D612E338-A871-4655-9E7A-13A4378F7813}) (Version: 4.24.15.0 - Insurance Technologies, LLC) AirParrot (HKLM\...\{D523F3B0-B5FE-43D0-BFE7-62CA0DD598BD}) (Version: 1.1.7 - Squirrels) Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2005679358.48.56.37426554 - Audible, Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) AxCrypt 1.7.2976.0 (HKLM\...\{F28219BA-0FBA-4515-AA4D-DF55EA186C6A}) (Version: 1.7.2976.0 - Axantum Software AB) Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.) Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - ) Brother MFL-Pro Suite MFC-8710DW (HKLM-x32\...\{37372D85-4945-4B6B-AC87-7BC5D1AB9F5C}) (Version: 2.0.1.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-9970CDW (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.) Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION Catan (HKLM-x32\...\Steam App 239410) (Version: - United Soft Media) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version: - ) CDex extraction audio (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev) CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix) Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.) Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.) CopyTrans Suite Remove Only (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\CopyTrans Suite) (Version: 2.36 - WindSolutions) Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.10) (Version: 5.0.0.10 - Coupons.com Incorporated) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - ) Dell Data Vault (Version: 4.1.9.0 - Dell Inc.) Hidden Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Digital Delivery (HKLM-x32\...\{3612B0B9-F731-4B94-9356-E224AC552801}) (Version: 2.1.1000.0 - Dell Products, LP) Dell Driver Download Manager (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.1.56462 - Dell) Dell System Detect (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.3.5.0 - Synaptics Incorporated) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.46 - Creative Technology Ltd) DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - ) DisplayLink Core Software (HKLM\...\{89E40591-0404-4769-88E7-F649C95AE151}) (Version: 7.6.56275.0 - DisplayLink Corp.) DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version: - ) Dropbox (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.) DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version: - ) ENE CIR Receiver Driver (HKLM\...\5BE74FAF8B71B55799C66E3EB9EC445661B81DFD) (Version: 3.7.0.0 - ENE) ePadLink ePad 11.1 (HKLM-x32\...\InstallShield_{9B954C9B-2842-42B7-A815-6C4D05FA649F}) (Version: 11.1.11628 - ePadLink) ePadLink ePad 11.1 (x32 Version: 11.1.11628 - ePadLink) Hidden eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ffdshow v1.2.4453 [2012-05-21] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4453.0 - ) FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - ) Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free MP4 To MP3 Converter (HKLM-x32\...\{7300E38D-E910-4E66-A2F7-2DF2EF45C54E}) (Version: 1.0.0 - Convert Audio Free) Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version: - ) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google) Google+ Auto Backup (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\Google+ Auto Backup) (Version: 1.0.25.133 - Google, Inc.) GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.2.0.822 - Citrix Online, a division of Citrix Systems, Inc.) GoToMeeting 7.1.1.2392 (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\GoToMeeting) (Version: 7.1.1.2392 - CitrixOnline) Gtk# for .Net 2.12.10 (HKLM-x32\...\{04AE3BBC-ABFF-42CC-9F90-5B35D229328A}) (Version: 2.12.10 - Xamarin, Inc.) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Happy Cloud Client (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.) Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - ) InfraRecorder 0.52 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0052-000001000000}) (Version: 0.52.00.00 - Christian Kindahl) Install LoJack for Laptops (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 1.0.0.39 - Absolute Software) IntegriSign Desktop (x32 Version: 11.1 - ePadLink) Hidden IntegriSign Desktop 11.1 R1403 (HKLM-x32\...\{774DE618-F4A2-43FA-A3DE-46BF334B6357}) (Version: 11.1 - ePadLink) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation) Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation) Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) join.me (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\JoinMe) (Version: 1.17.0.131 - LogMeIn, Inc.) Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden K-Lite Codec Pack 9.1.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.1.0 - ) K-Lite Mega Codec Pack 9.0.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.0.2 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LAV Filters 0.61.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.1 - Hendrik Leppkes) Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - ) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version: - ) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4693.1002 - Microsoft Corporation) Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MP3MyMP3 4.1 (HKLM-x32\...\MP3MyMP3_is1) (Version: - Bruce McArthur) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nationwide Life Illustrator 2.4.0.16 (HKLM-x32\...\Nationwide Life Illustrator) (Version: 2.4.0.16 - Nationwide) Navigator 13.30 (x32 Version: 13.30 - Pacific Life) Hidden Navigator 14.10 (x32 Version: 14.10 - Pacific Life) Hidden Navigator 14.30 (x32 Version: 14.30 - Pacific Life) Hidden Navigator 14.40 (x32 Version: 14.40 - Pacific Life) Hidden Navigator 15.10 (HKLM-x32\...\Navigator 15.10) (Version: 15.10 - Pacific Life) Navigator 15.10 (x32 Version: 15.10 - Pacific Life) Hidden NetX360v2 (HKLM-x32\...\{0F93D447-0851-42BB-B169-B19DD47B9FDB}) (Version: 4.1.1272.6 - Pershing) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version: - ) OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - ) OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: - ) PCGen6001 (HKLM-x32\...\PCGen6001) (Version: - ) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.) PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software) QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7101 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SoundTaxi 4.3.8 (HKLM-x32\...\SoundTaxi_is1) (Version: 4.3.8 - cyan soft ltd) SoundTaxi Media Suite 4.3.8 (HKLM-x32\...\{EF4C657F-632F-4CED-A220-F4C1C724241C}_is1) (Version: 4.3.8 - cyan soft ltd) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version: - Nomad Games Limited) TERA (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\teraenmasse) (Version: - ) Transamerica Life Products Illustration System - TransWare (HKLM-x32\...\InstallShield_{F3C77603-C901-4F75-987C-5BFCC19E1362}) (Version: 17.70.1133 - Transamerica Insurance and Investment Group) Transamerica Life Products Illustration System - TransWare (x32 Version: 17.70.1133 - Transamerica Insurance and Investment Group) Hidden Transamerica Life Products Illustration System - TransWare WFG (HKLM-x32\...\InstallShield_{F092B744-4D6C-4A68-BA57-DAC37D83A54A}) (Version: 16.40.1065 - Transamerica Insurance and Investment Group) Transamerica Life Products Illustration System TransWare Prerequisite V3.0 (HKLM-x32\...\InstallShield_{A7FF92D8-D7AF-402D-83D5-3FBC7E1EDFF4}) (Version: 10.00.0000 - Transamerica Insurance and Investment Group) Transamerica Life Products Illustration System TransWare Prerequisite V3.0 (x32 Version: 10.00.0000 - Transamerica Insurance and Investment Group) Hidden TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) Voya Presents (HKLM-x32\...\{DFA53156-15FA-413F-9393-9ED38AF1E400}) (Version: 1.1.381 - Voya) WD Drive Utilities (HKLM-x32\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{F6FE3205-7737-4772-9017-C7ACD8A5561C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI) Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI) Windows Driver Package - Intel (MEIx64) System (09/05/2013 9.5.15.1730) (HKLM\...\F98E078C999BA86CEEC91CEA311B72C87BD5B8BF) (Version: 09/05/2013 9.5.15.1730 - Intel) Windows Driver Package - Intel System (07/25/2013 9.2.0.1035) (HKLM\...\3217B9A82A0DA65403CDBC1201521A5A89CA30B0) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Intel System (07/25/2013 9.2.0.1035) (HKLM\...\A407B55DF46FB0EC67FBA1F9E59A2070FBA6AB51) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Intel System (07/25/2013 9.2.0.1035) (HKLM\...\F9896E3572C670F73505CCC79DE5C1CAFD3323BE) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Intel USB (07/25/2013 9.2.0.1035) (HKLM\...\5440E99AD8CDDC888AEBFCF0DC65C990C0437319) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Synaptics (SynTP) Mouse (04/29/2011 15.3.5.0) (HKLM\...\50FA4D39375145CADEF24334B6ECB241E5DE978E) (Version: 04/29/2011 15.3.5.0 - Synaptics) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 9.5.0 - Inmatrix LTD) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{3ce0edac-95b9-48c3-afcf-495417920263}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{6c477fd9-33a3-4d23-a0fc-897aea92a50c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 24-01-2015 16:43:21 Scheduled Checkpoint 27-01-2015 10:54:39 Windows Update 27-01-2015 23:45:42 avast! antivirus system restore point 30-01-2015 10:58:48 Windows Update 03-02-2015 07:53:14 Windows Update 06-02-2015 09:15:44 Windows Update 10-02-2015 15:48:55 Windows Update 11-02-2015 01:18:37 Windows Update 12-02-2015 11:02:05 Windows Update 13-02-2015 04:00:45 Windows Update 15-02-2015 18:16:41 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 15-02-2015 18:17:37 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 17-02-2015 12:51:11 Windows Update 24-02-2015 15:17:08 Windows Update 25-02-2015 04:00:47 Windows Update 25-02-2015 12:37:05 Windows Update 02-03-2015 04:00:56 Windows Update 02-03-2015 14:10:39 Configured Transamerica Life Products Illustration System - Tran¾„v‰¾„v‰·M'¥*/´('Õ*'Õ*·oöRîÛ#l 04-03-2015 16:31:09 WD SmartWare Installer 04-03-2015 16:36:27 WD SmartWare Installer 06-03-2015 12:35:55 Windows Update 07-03-2015 04:00:43 Windows Update 09-03-2015 22:38:59 avast! antivirus system restore point 09-03-2015 22:41:45 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2014-11-10 18:09 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0D2FC5AD-18A9-48AF-AE14-D88FA7AEB725} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-02-19] (Microsoft) Task: {1E9CEC7D-4286-4659-A774-262BC0360074} - System32\Tasks\{471DABA8-46F9-4DED-9565-330211389537} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: {1F5F206C-3E26-4767-885B-1AD626ABCF22} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.) Task: {2243D9E2-30E2-4E59-87B5-D68029130330} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation) Task: {38B1A911-7A47-4695-BB81-EC20839EECB1} - System32\Tasks\{0FFDBF66-24ED-4285-95F5-FFD35734AF13} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/219850 Task: {56F38BEE-988B-45AF-8FA8-1030169AAE4D} - System32\Tasks\{767686A6-3DD6-4CC3-BA6B-8A28D333A5FA} => C:\Users\Adam Moskowitz\Desktop\PFSDB.exe Task: {63C0259C-E379-4924-896F-515CF5403E95} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {73135D96-88E4-4A48-9F4D-D19664EE8F68} - System32\Tasks\{65282373-A829-4A22-B430-A79272ACC3C6} => pcalua.exe -a "C:\Users\Adam Moskowitz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KUU1IZ4K\setup.exe" -d "C:\Users\Adam Moskowitz\Desktop" Task: {76C05267-F40A-400C-8BE5-CA1AF8A5AAF2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-27] (AVAST Software) Task: {7D4DF620-3206-47E7-8272-BD64666D1D83} - System32\Tasks\{EB45CF5F-77C4-42C2-85D9-21F3FC368067} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: {7FE89C12-C085-4D69-88BF-C43A179693EB} - System32\Tasks\{ED62953E-865A-43C8-BEA6-788B6B8D1570} => pcalua.exe -a "C:\Program Files (x86)\NoteBurner\unins000.exe" Task: {815A4586-1B08-4CD9-B857-8AE5E4EE029D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {87711227-EF67-453A-9C1F-D65FA14C0662} - System32\Tasks\{B8D0C1C5-6B12-48EA-A342-4D446F53826B} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\DotNetFX\dotnetfx3_x64.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\DotNetFX" Task: {8A201777-F638-4022-8601-0D2D45C62283} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-11-19] (Ashampoo Development GmbH & Co. KG) Task: {8BDD627E-0F7B-4ABF-BB37-1C83A861025A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000UA => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.) Task: {8E85184E-DD8D-49D0-BAB8-BD8AE38F41FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {96438B6F-5831-4C6C-9F53-779AF9D2D53B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.) Task: {9A4020B4-9DFE-4F8A-8BA5-D39FC46A8240} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation) Task: {9BEE2DE4-0240-4584-B26E-80698399357C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000Core => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.) Task: {A4CE05D1-E060-4868-9EE8-CB7C42DF79A1} - System32\Tasks\{95BD8F0A-D625-416E-8F30-B9FC2CFBC46F} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: {AEA2AA44-8950-4281-9EFF-D0E7D97D569C} - System32\Tasks\Reset ShopAtHome BAC => C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\SahProcessManager.exe [2013-08-26] (ShopAtHome.com) Task: {BDBAFEB0-60CC-463B-BCC0-B7C435375E0A} - \YourFile DownloaderUpdate No Task File <==== ATTENTION Task: {BEF7DB9A-9029-4AF8-A6EE-5D5FD12FA75B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {C0362199-4CF9-43A4-A69A-A8140A7680C3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-13] (Microsoft Corporation) Task: {C1CF1E18-E42E-4984-8A4E-BA4DC9EE7F52} - System32\Tasks\{9DE82508-F2E6-461E-9F06-538C2A413CC7} => C:\Users\Adam Moskowitz\Desktop\PFSDB.exe Task: {C54FDFBB-DBC8-4122-A4BD-7FD84960C51D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {DFA8F19E-41B7-48E8-AFEC-CB5DED0DCA7C} - System32\Tasks\G2MUpdateTask-S-1-5-21-2677679354-1192122103-4054240909-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\2392\g2mupdate.exe [2015-02-27] (Citrix Online, a division of Citrix Systems, Inc.) Task: {FDF62594-7FA9-4973-94A1-DE81942F94ED} - System32\Tasks\{3BB9A3CF-92DC-4653-ADA6-B31F9AAC1C3A} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2677679354-1192122103-4054240909-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\2392\g2mupdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000Core.job => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000UA.job => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe ==================== Loaded Modules (whitelisted) ============== 2012-04-16 10:19 - 2011-02-28 15:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll 2014-09-19 16:24 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-02-24 20:27 - 2014-12-23 12:53 - 08898728 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-05-01 17:19 - 2010-03-15 16:18 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2012-01-21 05:26 - 2011-07-20 06:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-01-27 23:49 - 2015-01-27 23:49 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-01-27 23:49 - 2015-01-27 23:49 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-03-06 12:23 - 2015-03-06 12:23 - 02919424 _____ () C:\Program Files\AVAST Software\Avast\defs\15030601\algo.dll 2015-01-27 23:49 - 2015-01-27 23:49 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-03-09 22:43 - 2015-03-09 22:43 - 02920960 _____ () C:\Program Files\AVAST Software\Avast\defs\15030901\algo.dll 2015-02-24 20:27 - 2014-12-23 11:08 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll 2015-02-10 14:00 - 2015-02-10 14:00 - 00750080 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-09 22:39 - 2015-03-09 22:39 - 00043008 _____ () c:\Users\Adam Moskowitz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoff_n4.dll 2015-02-10 14:00 - 2015-02-10 14:00 - 00047616 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-02-10 14:00 - 2015-02-10 14:00 - 00865280 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-02-10 14:00 - 2015-02-10 14:00 - 00200704 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2012-11-14 19:06 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2015-01-27 23:49 - 2015-01-27 23:49 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-02-19 16:11 - 2015-02-17 15:44 - 01117512 _____ () C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll 2015-02-19 16:11 - 2015-02-17 15:44 - 00211272 _____ () C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll 2015-02-19 16:11 - 2015-02-17 15:44 - 09171272 _____ () C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Adam Moskowitz\Desktop\new music:com.dropbox.attributes AlternateDataStreams: C:\ProgramData\Temp:66E02052 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam Moskowitz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AEG ForeSight Startup Services.lnk => C:\Windows\pss\AEG ForeSight Startup Services.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Adam Moskowitz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup MSCONFIG\startupreg: Uninstall C: => ==================== Accounts: ============================= Adam Moskowitz (S-1-5-21-2677679354-1192122103-4054240909-1000 - Administrator - Enabled) => C:\Users\Adam Moskowitz Administrator (S-1-5-21-2677679354-1192122103-4054240909-500 - Administrator - Disabled) ASPNET (S-1-5-21-2677679354-1192122103-4054240909-1007 - Limited - Enabled) Guest (S-1-5-21-2677679354-1192122103-4054240909-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-2677679354-1192122103-4054240909-1021 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (03/09/2015 10:38:47 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. Invalid Xml syntax. Error: (03/09/2015 08:16:56 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. Invalid Xml syntax. Error: (03/09/2015 05:29:41 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. Invalid Xml syntax. Error: (03/09/2015 02:53:15 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (03/06/2015 00:22:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: CouponPrinterService.exe, version: 6.0.2.1, time stamp: 0x53ff76f2 Faulting module name: ole32.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7c92c Exception code: 0xc0000005 Fault offset: 0x000000000000d89e Faulting process id: 0x9c0 Faulting application start time: 0xCouponPrinterService.exe0 Faulting application path: CouponPrinterService.exe1 Faulting module path: CouponPrinterService.exe2 Report Id: CouponPrinterService.exe3 Error: (03/05/2015 07:46:22 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (03/04/2015 05:02:31 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. Invalid Xml syntax. Error: (03/04/2015 04:28:13 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. Invalid Xml syntax. Error: (03/04/2015 00:38:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2015/03/04 11:38:12.077]: [00006564]: Initialize TwdsMain Class failed! Error: (03/04/2015 00:38:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2015/03/04 11:38:12.077]: [00006564]: ##### Fatal ERROR!! Create STI-device failed! ##### System errors: ============= Error: (03/09/2015 10:57:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (03/09/2015 10:47:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (03/09/2015 10:47:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (03/09/2015 10:44:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.193.1828.0). Error: (03/09/2015 10:39:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error: (03/09/2015 10:38:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Bluetooth Media Service service failed to start due to the following error: %%1053 Error: (03/09/2015 10:38:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Media Service service to connect. Error: (03/09/2015 10:38:18 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053Bluetooth Media Service{9AC233E9-AC75-4DB5-85C4-DAB13A484FEA} Error: (03/09/2015 10:37:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (03/09/2015 10:37:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Microsoft Office Sessions: ========================= Error: (03/09/2015 10:38:47 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.ManifestC:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.Config0 Error: (03/09/2015 08:16:56 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.ManifestC:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.Config0 Error: (03/09/2015 05:29:41 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.ManifestC:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.Config0 Error: (03/09/2015 02:53:15 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (03/06/2015 00:22:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CouponPrinterService.exe6.0.2.153ff76f2ole32.DLL6.1.7601.175144ce7c92cc0000005000000000000d89e9c001d056d75e40f723C:\Program Files (x86)\Coupons\CouponPrinterService.exeC:\Windows\system32\ole32.DLL1409dedf-c436-11e4-b0ba-4c80939b333f Error: (03/05/2015 07:46:22 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (03/04/2015 05:02:31 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.ManifestC:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.Config0 Error: (03/04/2015 04:28:13 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.ManifestC:\Users\Adam Moskowitz\AppData\Local\Apps\2.0\NZ453D5D.65O\GWHV1G5E.KGL\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe.Config0 Error: (03/04/2015 00:38:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2015/03/04 11:38:12.077]: [00006564]: Initialize TwdsMain Class failed! Error: (03/04/2015 00:38:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2015/03/04 11:38:12.077]: [00006564]: ##### Fatal ERROR!! Create STI-device failed! ##### CodeIntegrity Errors: =================================== Date: 2013-05-30 16:14:58.704 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 16:14:58.657 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 16:14:58.610 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 16:14:58.564 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 15:55:23.096 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 15:55:23.049 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel® Core i5-2450M CPU @ 2.50GHz Percentage of memory in use: 52% Total physical RAM: 6038.17 MB Available physical RAM: 2878.14 MB Total Pagefile: 12074.52 MB Available Pagefile: 8474.5 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:84.74 GB) NTFS Drive d: (W7SP1_HOMEPREMIUM) (CDROM) (Total:5.23 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E) Partition 1: (Not Active) - (Size=102 MB) - (Type=DE) Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2015 01 Ran by Adam Moskowitz (administrator) on MINAUROS on 09-03-2015 22:55:37 Running from C:\Users\Adam Moskowitz\Desktop\Recovery Loaded Profiles: Adam Moskowitz (Available profiles: Adam Moskowitz & Guest) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 10 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: "https://webmail.smarshconnect.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.smarshconnect.com%2fowa%2f", "https://mail.google.com/mail/?uip=1#inbox", "https://us-mg0.mail.yahoo.com/neo/launch?.rand=353kl63sp8ce8" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-20] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21] CHR Extension: (YouTube) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-10] CHR Extension: (Adblock Plus) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-01] CHR Extension: (Google Search) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-10] CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-03-04] CHR Extension: (Google Calendar) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-04-10] CHR Extension: (Mahjong Solitaire) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogmadihniohlnmipdhchaoagjhfnohc [2014-06-15] CHR Extension: (Classic Games) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbofnbeakdognkanffmpldbjgkblljkh [2014-07-21] CHR Extension: (Avast Online Security) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-04] CHR Extension: (TinEye Reverse Image Search) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-04-10] CHR Extension: (Cisco WebEx Extension) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2014-12-16] CHR Extension: (Solitaire Games - World Collection) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmleklkkbobaonglkhkedkjofilkfjk [2014-07-21] CHR Extension: (Skype Click to Call) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-13] CHR Extension: (Solitaire) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2014-06-15] CHR Extension: (Google Wallet) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-12-24] CHR Extension: (Gmail) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-10] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-27] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] StartMenuInternet: Google Chrome - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-27] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-27] (Avast Software) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-14] (Microsoft Corporation) R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [178160 2014-08-28] (Coupons.com Inc.) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.) S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [166912 2012-04-10] (Dell Products, LP.) [File not signed] S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed] R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-07-09] (DisplayLink Corp.) S3 GSService; C:\Windows\SysWOW64\GSService.exe [252928 2012-05-31] () [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MSSQL$ITSQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor) S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [260608 2012-06-01] (SMServer) [File not signed] R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-19] (Dell Inc.) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) S3 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-11-19] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-27] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-27] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-27] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-27] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-27] () R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation) R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation) S3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.6.56275.0.sys [46384 2014-07-10] () R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-09] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34088 2012-06-05] (Windows ® Win 7 DDK provider) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed] R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-27] (Avast Software) S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-09 22:42 - 2015-03-09 22:42 - 00000197 _____ () C:\Windows\system32\2015-03-10-05-42-42.070-AvastVBoxSVC.exe-7272.log 2015-03-09 22:42 - 2015-03-09 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-03-09 22:41 - 2015-01-27 23:49 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-03-05 15:28 - 2015-03-09 22:35 - 00000056 _____ () C:\Windows\setupact.log 2015-03-05 15:28 - 2015-03-05 15:28 - 00000000 _____ () C:\Windows\setuperr.log 2015-03-05 12:46 - 2015-03-05 12:46 - 00000222 _____ () C:\Users\Adam Moskowitz\Desktop\Goat Simulator.url 2015-03-04 19:18 - 2015-03-04 19:18 - 00209148 _____ () C:\Users\Adam Moskowitz\Desktop\Test Event Logs - Extended System Test.html 2015-03-04 17:25 - 2014-06-15 23:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2015-03-04 17:25 - 2014-06-15 23:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2015-03-04 17:05 - 2015-03-04 17:05 - 00000197 _____ () C:\Windows\system32\2015-03-05-00-05-48.093-AvastVBoxSVC.exe-4856.log 2015-03-04 16:35 - 2015-03-04 16:35 - 00000000 ____D () C:\Program Files\Western Digital 2015-03-04 16:28 - 2015-03-04 16:28 - 00000197 _____ () C:\Windows\system32\2015-03-04-23-28-40.073-AvastVBoxSVC.exe-4984.log 2015-03-03 17:37 - 2015-03-03 17:37 - 00050688 _____ () C:\Users\Adam Moskowitz\Downloads\1A12.tmp 2015-03-02 15:43 - 2015-03-02 15:43 - 00000197 _____ () C:\Windows\system32\2015-03-02-22-43-15.050-AvastVBoxSVC.exe-4452.log 2015-03-02 10:14 - 2015-03-02 10:14 - 00005722 _____ () C:\Users\Adam Moskowitz\Desktop\Rogue Squadron - Shortcut.lnk 2015-02-25 12:45 - 2015-02-25 12:45 - 00000197 _____ () C:\Windows\system32\2015-02-25-19-45-01.006-AvastVBoxSVC.exe-3156.log 2015-02-25 12:43 - 2015-03-09 22:37 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat 2015-02-25 12:11 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-25 12:11 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-25 12:11 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-25 12:11 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-25 04:24 - 2015-02-25 04:24 - 00000197 _____ () C:\Windows\system32\2015-02-25-11-24-18.023-AvastVBoxSVC.exe-1624.log 2015-02-25 04:01 - 2015-01-08 16:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 04:01 - 2015-01-08 16:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-21 16:19 - 2015-02-21 16:19 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-02-21 16:13 - 2015-02-21 16:13 - 00000197 _____ () C:\Windows\system32\2015-02-21-23-13-41.054-AvastVBoxSVC.exe-5564.log 2015-02-19 18:38 - 2015-03-01 18:02 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\New folder 2015-02-19 11:14 - 2015-02-19 11:14 - 00000197 _____ () C:\Windows\system32\2015-02-19-18-14-23.007-AvastVBoxSVC.exe-5460.log 2015-02-15 18:41 - 2015-02-15 18:41 - 00000219 _____ () C:\Users\Adam Moskowitz\Desktop\Portal 2.url 2015-02-15 18:19 - 2015-02-15 18:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-02-15 18:19 - 2015-02-15 18:19 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2015-02-13 14:06 - 2015-03-05 21:22 - 00000426 _____ () C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job 2015-02-13 14:06 - 2015-02-26 22:58 - 00000000 ____D () C:\ProgramData\SupportAssistAgent 2015-02-13 14:06 - 2015-02-13 14:06 - 00003248 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate 2015-02-13 13:13 - 2015-02-13 13:13 - 00000197 _____ () C:\Windows\system32\2015-02-13-20-13-47.038-AvastVBoxSVC.exe-1712.log 2015-02-13 12:53 - 2015-02-13 12:53 - 00000280 _____ () C:\Windows\system32\2015-02-13-19-53-06.029-aswFe.exe-10012.log 2015-02-13 12:39 - 2015-03-06 12:23 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2677679354-1192122103-4054240909-1000.job 2015-02-13 12:39 - 2015-02-27 18:18 - 00003604 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2677679354-1192122103-4054240909-1000 2015-02-13 01:06 - 2015-02-13 01:06 - 00000197 _____ () C:\Windows\system32\2015-02-13-08-06-02.041-AvastVBoxSVC.exe-712.log 2015-02-12 12:28 - 2015-02-12 12:29 - 00000197 _____ () C:\Windows\system32\2015-02-12-19-28-51.056-AvastVBoxSVC.exe-2636.log 2015-02-11 11:25 - 2015-01-22 22:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-11 11:25 - 2015-01-22 21:27 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-11 11:11 - 2015-02-11 11:11 - 00000197 _____ () C:\Windows\system32\2015-02-11-18-11-41.086-AvastVBoxSVC.exe-4944.log 2015-02-10 15:56 - 2015-02-03 20:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-10 15:56 - 2015-02-03 20:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-10 15:56 - 2015-02-03 20:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-10 15:56 - 2015-02-03 20:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-10 15:56 - 2015-02-03 20:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-10 15:56 - 2015-02-03 20:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-10 15:56 - 2015-02-03 20:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-10 15:56 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-10 15:56 - 2015-01-15 01:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-10 15:56 - 2015-01-15 01:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-10 15:56 - 2015-01-15 01:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-10 15:56 - 2015-01-15 01:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-10 15:56 - 2015-01-15 01:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-10 15:56 - 2015-01-15 01:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-10 15:56 - 2015-01-15 01:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-10 15:56 - 2015-01-15 01:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-10 15:56 - 2015-01-15 01:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-10 15:56 - 2015-01-15 01:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-10 15:56 - 2015-01-15 01:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-10 15:56 - 2015-01-15 00:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-10 15:56 - 2015-01-15 00:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-10 15:56 - 2015-01-15 00:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-10 15:56 - 2015-01-15 00:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-10 15:56 - 2015-01-15 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-10 15:56 - 2015-01-15 00:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-10 15:56 - 2015-01-14 21:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-10 15:56 - 2015-01-12 20:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-10 15:56 - 2015-01-12 19:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-10 15:55 - 2015-01-13 23:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-10 15:55 - 2015-01-13 23:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-10 15:55 - 2015-01-13 23:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-10 15:55 - 2015-01-13 23:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-10 15:55 - 2015-01-13 22:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-10 15:55 - 2015-01-13 22:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-10 15:55 - 2015-01-13 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-10 15:55 - 2014-12-11 22:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-10 15:55 - 2014-12-11 22:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-10 15:55 - 2014-11-25 20:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-10 15:55 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-10 15:55 - 2014-07-06 19:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-10 15:55 - 2014-07-06 19:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-10 15:55 - 2014-07-06 18:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-10 15:55 - 2014-07-06 18:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-02-10 15:53 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-10 15:53 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-10 15:51 - 2015-01-08 19:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-10 15:50 - 2015-01-12 23:58 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-10 15:50 - 2015-01-12 22:00 - 14373376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-10 15:49 - 2015-01-12 23:59 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-10 15:49 - 2015-01-12 23:59 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-10 15:49 - 2015-01-12 23:59 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-10 15:49 - 2015-01-12 23:59 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-10 15:49 - 2015-01-12 23:58 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-10 15:49 - 2015-01-12 23:58 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-10 15:49 - 2015-01-12 23:58 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 15403008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 02655744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-10 15:49 - 2015-01-12 23:57 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-10 15:49 - 2015-01-12 23:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-10 15:49 - 2015-01-12 22:01 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-10 15:49 - 2015-01-12 22:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-10 15:49 - 2015-01-12 22:01 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-10 15:49 - 2015-01-12 22:00 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-10 15:49 - 2015-01-12 22:00 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-10 15:49 - 2015-01-12 21:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-10 15:49 - 2015-01-12 21:17 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-02-10 15:49 - 2015-01-12 21:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-10 15:49 - 2015-01-12 20:52 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2015-02-10 15:49 - 2015-01-12 20:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-02-10 15:49 - 2015-01-12 20:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2015-02-10 14:15 - 2015-03-05 15:28 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2015-02-10 14:15 - 2015-02-10 14:15 - 00004048 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2015-02-10 14:15 - 2015-02-10 14:15 - 00003236 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2015-02-10 14:14 - 2015-02-10 14:14 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows 2015-02-10 14:14 - 2015-02-10 14:14 - 00000000 ____D () C:\Program Files\Dell Support Center 2015-02-09 23:36 - 2015-02-09 23:36 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Local\Steam 2015-02-09 20:18 - 2015-02-09 20:18 - 00001039 _____ () C:\Users\Public\Desktop\AAGroup Products.lnk 2015-02-09 11:32 - 2015-02-09 11:33 - 00000197 _____ () C:\Windows\system32\2015-02-09-18-32-53.098-AvastVBoxSVC.exe-2420.log 2015-02-08 23:47 - 2015-02-08 23:47 - 00000197 _____ () C:\Windows\system32\2015-02-09-06-47-53.084-AvastVBoxSVC.exe-3944.log 2015-02-07 12:29 - 2015-02-07 12:29 - 00000197 _____ () C:\Windows\system32\2015-02-07-19-29-09.024-AvastVBoxSVC.exe-4992.log 2015-02-07 00:07 - 2015-02-07 01:34 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\FOR PRINTING TODAY ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-09 22:55 - 2014-11-19 18:43 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\Recovery 2015-03-09 22:55 - 2013-05-28 20:33 - 00000000 ____D () C:\FRST 2015-03-09 22:52 - 2012-07-09 20:03 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\uTorrent 2015-03-09 22:44 - 2012-01-21 05:57 - 01523660 _____ () C:\Windows\WindowsUpdate.log 2015-03-09 22:42 - 2015-01-27 23:50 - 00001926 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-03-09 22:42 - 2013-10-02 10:22 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-03-09 22:41 - 2009-07-13 22:13 - 00864134 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-09 22:41 - 2009-07-13 21:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-09 22:41 - 2009-07-13 21:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-09 22:39 - 2013-10-20 11:00 - 00194371 _____ () C:\Users\Adam Moskowitz\Network_Meter_Data.js 2015-03-09 22:39 - 2013-10-20 10:33 - 00040873 _____ () C:\Users\Adam Moskowitz\IP_Log_Data.js 2015-03-09 22:39 - 2012-04-10 14:34 - 00000000 ___RD () C:\Users\Adam Moskowitz\Dropbox 2015-03-09 22:39 - 2012-04-10 14:33 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox 2015-03-09 22:37 - 2014-04-25 18:52 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-09 22:35 - 2012-04-10 13:02 - 00000000 ____D () C:\Users\Adam Moskowitz 2015-03-09 22:35 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-09 22:29 - 2014-06-17 20:51 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service 2015-03-09 22:29 - 2014-02-10 14:12 - 00000000 ____D () C:\Windows\Minidump 2015-03-09 22:29 - 2012-06-09 10:01 - 00000000 ____D () C:\Users\Guest 2015-03-09 22:29 - 2012-06-03 11:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-09 22:29 - 2010-11-21 00:16 - 00000000 ___RD () C:\Users\Public\Recorded TV 2015-03-09 22:29 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration 2015-03-09 15:37 - 2013-09-05 18:47 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\debt-reduction-calculator 2015-03-09 13:42 - 2013-09-05 18:47 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\Coleman 2015-03-06 12:22 - 2012-11-29 12:15 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000UA.job 2015-03-06 12:22 - 2012-07-02 18:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-05 21:33 - 2012-05-13 11:32 - 00000000 ____D () C:\Users\Adam Moskowitz\Documents\My Games 2015-03-05 21:14 - 2014-08-10 13:31 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\For Susanne 2015-03-05 18:19 - 2014-08-08 13:51 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Talisman 2015-03-05 15:06 - 2012-11-29 12:15 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000Core.job 2015-03-05 12:42 - 2014-02-20 13:10 - 00000428 _____ () C:\Windows\Tasks\One-Click Optimizer.job 2015-03-04 17:48 - 2012-11-29 12:01 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Skype 2015-03-04 17:29 - 2012-04-11 11:00 - 00000000 ____D () C:\ProgramData\PCDr 2015-03-04 16:57 - 2013-10-21 12:09 - 00000027 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Network Meter_Usage.ini 2015-03-04 16:36 - 2014-08-12 11:21 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-04 16:35 - 2013-05-24 23:26 - 00000000 ____D () C:\Program Files\Common Files\Western Digital 2015-03-04 16:35 - 2013-05-10 19:27 - 00000000 ____D () C:\Program Files (x86)\Western Digital 2015-03-04 16:35 - 2013-05-10 19:26 - 00000000 ____D () C:\ProgramData\Western Digital 2015-03-04 11:05 - 2014-05-01 17:20 - 00000679 _____ () C:\Windows\BRCALIB.INI 2015-03-02 14:17 - 2012-08-08 16:47 - 00000093 _____ () C:\Windows\SysWOW64\Transware.ini 2015-03-02 14:15 - 2014-09-24 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transamerica 2015-03-02 13:28 - 2012-08-08 16:47 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Local\Downloaded Installations 2015-03-01 19:28 - 2012-09-24 13:29 - 00000000 ____D () C:\ProgramData\Zoom Player 2015-02-27 11:08 - 2014-09-30 00:43 - 00000000 ____D () C:\Program Files (x86)\Pacific Life 2015-02-26 17:11 - 2012-04-12 18:06 - 00000000 ____D () C:\Users\Adam Moskowitz\Documents\Personal Financial 2015-02-26 13:40 - 2011-02-10 07:01 - 00000000 ____D () C:\DELL 2015-02-25 12:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing 2015-02-24 20:30 - 2014-09-19 16:24 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-02-24 03:17 - 2010-11-20 20:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-02-21 16:19 - 2012-04-12 18:33 - 00000000 ____D () C:\Program Files\CCleaner 2015-02-13 14:06 - 2012-01-21 04:47 - 00000000 ____D () C:\Program Files (x86)\Dell 2015-02-13 14:06 - 2012-01-21 04:31 - 00000000 ____D () C:\Program Files\Dell 2015-02-13 13:04 - 2012-05-10 13:08 - 00000000 ____D () C:\Users\Adam Moskowitz\Documents\Navigator Data 2015-02-13 13:02 - 2013-08-05 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pacific Life Applications 2015-02-13 12:38 - 2013-03-19 13:55 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Local\Citrix 2015-02-13 11:32 - 2011-02-10 07:02 - 00000000 ____D () C:\Windows\panther 2015-02-13 04:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-02-13 01:01 - 2009-07-13 22:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-12 18:09 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache 2015-02-12 13:22 - 2012-04-10 14:33 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-02-11 22:45 - 2012-08-08 23:58 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2015-02-11 15:44 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-11 11:08 - 2009-07-13 21:45 - 00451328 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-11 11:05 - 2014-12-11 04:38 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-11 11:05 - 2014-04-30 10:37 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-11 01:31 - 2013-07-20 21:59 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 01:23 - 2012-04-14 09:11 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-10 14:14 - 2012-01-21 04:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2015-02-09 19:14 - 2012-04-10 15:07 - 00000000 ____D () C:\Users\Adam Moskowitz\Documents\Nationwide Life Illustrator Data 2015-02-07 12:43 - 2012-04-12 18:35 - 00000000 ____D () C:\Users\Adam Moskowitz\Documents\Registry Backup 2015-02-07 01:34 - 2012-04-16 10:25 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\PrimoPDF ==================== Files in the root of some directories ======= 2013-08-18 10:15 - 2013-08-18 10:18 - 0002348 _____ () C:\Program Files (x86)\INSTALL.LOG 2013-08-18 10:14 - 2007-11-21 04:38 - 0161344 _____ (Altiris) C:\Program Files (x86)\UNWISE.EXE 2012-04-10 13:42 - 2012-04-23 10:47 - 0000828 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\AbsoluteReminder.xml 2013-03-06 16:49 - 2013-03-06 16:49 - 5082084 _____ (The Public) C:\Users\Adam Moskowitz\AppData\Roaming\Avisynth.exe 2013-03-06 16:49 - 2013-03-06 16:50 - 5243208 _____ ( ) C:\Users\Adam Moskowitz\AppData\Roaming\AvsP.exe 2012-04-10 17:03 - 2012-12-10 16:01 - 0000166 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Battery Meter_Settings.ini 2013-03-06 16:49 - 2013-03-06 16:49 - 1357348 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\MatroskaSplitter.exe 2012-04-10 17:03 - 2013-10-20 10:34 - 0001507 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Network Meter_Settings.ini 2013-10-21 12:09 - 2015-03-04 16:57 - 0000027 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Network Meter_Usage.ini 2013-03-06 16:50 - 2013-03-06 16:50 - 7760687 _____ (Boraxsoft) C:\Users\Adam Moskowitz\AppData\Roaming\SetupGFD.exe 2014-12-20 15:46 - 2014-12-20 15:46 - 0893518 _____ () C:\Users\Adam Moskowitz\AppData\Local\a-zip.axx 2014-09-05 12:17 - 2014-09-05 12:17 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Adam Moskowitz\AppData\Local\BcsKtYcHW.dll 2013-03-04 18:23 - 2013-11-08 12:25 - 0003584 _____ () C:\Users\Adam Moskowitz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-08-08 09:46 - 2012-08-08 09:46 - 0000102 _____ () C:\Users\Adam Moskowitz\AppData\Local\fusioncache.dat 2013-05-23 19:21 - 2013-05-23 19:21 - 0000236 _____ () C:\Users\Adam Moskowitz\AppData\Local\poetsch.bat 2014-06-01 14:10 - 2014-06-01 14:10 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-04-09 19:59 - 2014-04-15 13:16 - 0000909 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Files to move or delete: ==================== C:\Users\Adam Moskowitz\IP_Log_Data.js C:\Users\Adam Moskowitz\Network_Meter_Data.js Some content of TEMP: ==================== C:\Users\Adam Moskowitz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoff_n4.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-05 19:44 ==================== End Of Log ============================

Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 3/9/2015 Scan Time: 8:22:03 PM Logfile: malwarebytes log.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.03.10.01 Rootkit Database: v2015.02.25.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Adam Moskowitz Scan Type: Threat Scan Result: Completed Objects Scanned: 418742 Time Elapsed: 34 min, 27 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)

Hello, So i have a weird error that seems to be causing a system hang. I think it is malware but i cant find it anyware. Can someone please help. ADAM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02 Ran by Adam Moskowitz at 2014-12-07 20:06:22 Running from C:\Users\Adam Moskowitz\Desktop\Recovery Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky) Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Aegon Illustration System (HKLM-x32\...\{D612E338-A871-4655-9E7A-13A4378F7813}) (Version: 4.24.15.0 - Insurance Technologies, LLC) AirParrot (HKLM\...\{D523F3B0-B5FE-43D0-BFE7-62CA0DD598BD}) (Version: 1.1.7 - Squirrels) Another World (HKLM-x32\...\Steam App 233550) (Version: - Eric Chahi) Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2005679358.48.56.37426554 - Audible, Inc.) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software) Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.) Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - ) Bionic Dues (HKLM-x32\...\Steam App 238910) (Version: - Arcen Games, LLC) Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version: - Cyanide Studios) Brother MFL-Pro Suite MFC-295CN (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-8710DW (HKLM-x32\...\{37372D85-4945-4B6B-AC87-7BC5D1AB9F5C}) (Version: 2.0.1.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-9970CDW (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.0.19.0 - Brother Industries, Ltd.) Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.) Carnage Racing (HKLM-x32\...\Steam App 228940) (Version: - ) Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version: - ) CDex extraction audio (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev) CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.) Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.) CopyTrans Suite Remove Only (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\CopyTrans Suite) (Version: 2.36 - WindSolutions) CopyTrans Suite Remove Only (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\CopyTrans Suite) (Version: 2.36 - WindSolutions) Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.10) (Version: 5.0.0.10 - Coupons.com Incorporated) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - ) Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Digital Delivery (HKLM-x32\...\{3612B0B9-F731-4B94-9356-E224AC552801}) (Version: 2.1.1000.0 - Dell Products, LP) Dell Driver Download Manager (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc) Dell Driver Download Manager (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.) Dell System Detect (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell) Dell System Detect (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.3.5.0 - Synaptics Incorporated) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.46 - Creative Technology Ltd) DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - ) DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version: - ) DriverTuner 3.5.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.5.0.1 - LionSea Software co., ltd) Dropbox (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\Dropbox) (Version: 1.4.7 - Dropbox, Inc.) DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version: - ) DSmobile 600 (HKLM\...\{1BDEB6E2-6706-4132-A5D3-99190C6BECD8}) (Version: 1.3.8 - Brother Industries, Ltd.) DSmobileSCAN II (HKLM-x32\...\{05227385-5073-46ED-9035-B1910E2613CC}) (Version: 2.0.26 - Brother Industries, Ltd.) ENE CIR Receiver Driver (HKLM\...\5BE74FAF8B71B55799C66E3EB9EC445661B81DFD) (Version: 3.7.0.0 - ENE) ePadLink ePad 11.1 (HKLM-x32\...\InstallShield_{9B954C9B-2842-42B7-A815-6C4D05FA649F}) (Version: 11.1.11628 - ePadLink) ePadLink ePad 11.1 (x32 Version: 11.1.11628 - ePadLink) Hidden eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.72 - NCH Software) Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 1.97 - NCH Software) Fallout 3 Patch v1.5 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.5 - ) ffdshow v1.2.4453 [2012-05-21] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4453.0 - ) FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - ) Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version: - ) Google Chrome (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Chrome (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\Google Chrome) (Version: 19.0.1084.15 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google) Google+ Auto Backup (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\Google+ Auto Backup) (Version: 1.0.25.133 - Google, Inc.) GoToMeeting 5.1.0.880 (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\GoToMeeting) (Version: 5.1.0.880 - CitrixOnline) GoToMeeting 5.7.0.1172 (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - ) HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Help (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Officejet 6500 E710n-z Product Improvement Study (HKLM\...\{4207BD5E-6F51-4C57-BC86-A0EBE9088A30}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) InfraRecorder 0.52 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0052-000001000000}) (Version: 0.52.00.00 - Christian Kindahl) ING Presents 2 (HKLM-x32\...\{1FF60815-7D22-4BC2-8F82-AB3C81CA266D}) (Version: 1.1.316 - ING) Install LoJack for Laptops (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 1.0.0.39 - Absolute Software) IntegriSign Desktop (x32 Version: 11.1 - ePadLink) Hidden IntegriSign Desktop 11.1 R1403 (HKLM-x32\...\{774DE618-F4A2-43FA-A3DE-46BF334B6357}) (Version: 11.1 - ePadLink) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation) Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation) Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation) Jackson Architect (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\eedd4287f76a77b3) (Version: 2012.6.29.322 - Jackson Architect) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) join.me (HKU\S-1-5-21-2677679354-1192122103-4054240909-1000\...\JoinMe) (Version: 1.17.0.131 - LogMeIn, Inc.) join.me (HKU\S-1-5-21-2677679354-1192122103-4054240909-501\...\JoinMe) (Version: 1.14.0.138 - LogMeIn, Inc.) Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden K-Lite Codec Pack 9.1.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.1.0 - ) K-Lite Mega Codec Pack 9.0.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.0.2 - ) Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 2.0.0713 - Kyocera Mita Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LAV Filters 0.61.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.1 - Hendrik Leppkes) Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech) Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - ) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version: - ) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4667.1002 - Microsoft Corporation) Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) MixPad Multitrack Recording Software (HKLM-x32\...\MixPad) (Version: 3.69 - NCH Software) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MP3MyMP3 4.1 (HKLM-x32\...\MP3MyMP3_is1) (Version: - Bruce McArthur) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Nationwide Life Illustrator 2.4.0.16 (HKLM-x32\...\Nationwide Life Illustrator) (Version: 2.4.0.16 - Nationwide) Navigator 13.30 (x32 Version: 13.30 - Pacific Life) Hidden Navigator 14.10 (x32 Version: 14.10 - Pacific Life) Hidden Navigator 14.30 (HKLM-x32\...\Navigator 14.30) (Version: 14.30 - Pacific Life) Navigator 14.30 (x32 Version: 14.30 - Pacific Life) Hidden Navigator 14.40 (HKLM-x32\...\Navigator 14.40) (Version: 14.40 - Pacific Life) Navigator 14.40 (x32 Version: 14.40 - Pacific Life) Hidden NetX360v2 (HKLM-x32\...\{0F93D447-0851-42BB-B169-B19DD47B9FDB}) (Version: 4.1.1272.6 - Pershing) NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version: - ) OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - ) OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: - ) PCGen6001 (HKLM-x32\...\PCGen6001) (Version: - ) Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.) PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software) QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7101 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SoundTaxi 4.3.8 (HKLM-x32\...\SoundTaxi_is1) (Version: 4.3.8 - cyan soft ltd) SoundTaxi Media Suite 4.3.8 (HKLM-x32\...\{EF4C657F-632F-4CED-A220-F4C1C724241C}_is1) (Version: 4.3.8 - cyan soft ltd) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.65 - NCH Software) System Requirements Lab (Test) (HKLM-x32\...\{9BFD3F1F-E5FD-4358-988F-FC9A9446286D}) (Version: 6.0.3.0 - Husdawg, LLC) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version: - Nomad Games Limited) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) Transamerica Life Products Illustration System - TransWare (HKLM-x32\...\InstallShield_{F3C77603-C901-4F75-987C-5BFCC19E1362}) (Version: 17.40.1129 - Transamerica Insurance and Investment Group) Transamerica Life Products Illustration System - TransWare (x32 Version: 17.40.1129 - Transamerica Insurance and Investment Group) Hidden Transamerica Life Products Illustration System - TransWare WFG (HKLM-x32\...\InstallShield_{F092B744-4D6C-4A68-BA57-DAC37D83A54A}) (Version: 16.40.1065 - Transamerica Insurance and Investment Group) Transamerica Life Products Illustration System TransWare Prerequisite V3.0 (HKLM-x32\...\InstallShield_{A7FF92D8-D7AF-402D-83D5-3FBC7E1EDFF4}) (Version: 10.00.0000 - Transamerica Insurance and Investment Group) Transamerica Life Products Illustration System TransWare Prerequisite V3.0 (x32 Version: 10.00.0000 - Transamerica Insurance and Investment Group) Hidden TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.1 - Tweaking.com) WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software) WD Drive Utilities (HKLM-x32\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{2A3862B1-F0C6-49F3-AB9A-C53D7C4EEBEA}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{5A6ABA38-E8D6-4B52-B0BF-44081833E1D2}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{e502616c-37a2-498e-a9ee-cd1234ccc820}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.) Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI) Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI) Windows Driver Package - Intel (MEIx64) System (09/05/2013 9.5.15.1730) (HKLM\...\F98E078C999BA86CEEC91CEA311B72C87BD5B8BF) (Version: 09/05/2013 9.5.15.1730 - Intel) Windows Driver Package - Intel System (07/25/2013 9.2.0.1035) (HKLM\...\3217B9A82A0DA65403CDBC1201521A5A89CA30B0) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Intel System (07/25/2013 9.2.0.1035) (HKLM\...\A407B55DF46FB0EC67FBA1F9E59A2070FBA6AB51) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Intel System (07/25/2013 9.2.0.1035) (HKLM\...\F9896E3572C670F73505CCC79DE5C1CAFD3323BE) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Intel USB (07/25/2013 9.2.0.1035) (HKLM\...\5440E99AD8CDDC888AEBFCF0DC65C990C0437319) (Version: 07/25/2013 9.2.0.1035 - Intel) Windows Driver Package - Synaptics (SynTP) Mouse (04/29/2011 15.3.5.0) (HKLM\...\50FA4D39375145CADEF24334B6ECB241E5DE978E) (Version: 04/29/2011 15.3.5.0 - Synaptics) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{3ce0edac-95b9-48c3-afcf-495417920263}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{6c477fd9-33a3-4d23-a0fc-897aea92a50c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1082\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2677679354-1192122103-4054240909-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 19-11-2014 11:00:43 Windows Update 25-11-2014 16:05:41 Windows Update 28-11-2014 07:41:34 WD SmartWare Installer 28-11-2014 07:47:23 WD SmartWare Installer 28-11-2014 18:10:56 Windows Update 02-12-2014 16:53:34 Windows Update 04-12-2014 23:59:06 Removed Brother Software Suite 05-12-2014 00:33:49 Installed Brother Software Suite ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 18:34 - 2014-11-10 17:09 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1E9CEC7D-4286-4659-A774-262BC0360074} - System32\Tasks\{471DABA8-46F9-4DED-9565-330211389537} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: {2019B21B-EF6C-46DA-94F1-FC570FA3A3FE} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.) Task: {4FAD0D2A-914D-411C-8389-6C11B7BEEA2C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software) Task: {56F38BEE-988B-45AF-8FA8-1030169AAE4D} - System32\Tasks\{767686A6-3DD6-4CC3-BA6B-8A28D333A5FA} => C:\Users\Adam Moskowitz\Desktop\PFSDB.exe Task: {5867B3C6-08F4-482F-A647-F4AC95884F19} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {63C0259C-E379-4924-896F-515CF5403E95} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {7A68A19F-54F1-47BC-94AA-6AFAA9854ED6} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.) Task: {7D4DF620-3206-47E7-8272-BD64666D1D83} - System32\Tasks\{EB45CF5F-77C4-42C2-85D9-21F3FC368067} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: {83D496CF-831E-4A43-AD2D-06A0A95B4C1E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation) Task: {866C2A4E-A710-46EE-8B7D-27D80C1C60AA} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {8A201777-F638-4022-8601-0D2D45C62283} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-11-19] (Ashampoo Development GmbH & Co. KG) Task: {8BDD627E-0F7B-4ABF-BB37-1C83A861025A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000UA => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.) Task: {8E85184E-DD8D-49D0-BAB8-BD8AE38F41FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated) Task: {9BEE2DE4-0240-4584-B26E-80698399357C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000Core => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.) Task: {A4CE05D1-E060-4868-9EE8-CB7C42DF79A1} - System32\Tasks\{95BD8F0A-D625-416E-8F30-B9FC2CFBC46F} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: {AEA2AA44-8950-4281-9EFF-D0E7D97D569C} - System32\Tasks\Reset ShopAtHome BAC => C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\SahProcessManager.exe [2013-08-26] (ShopAtHome.com) Task: {BDBAFEB0-60CC-463B-BCC0-B7C435375E0A} - \YourFile DownloaderUpdate No Task File <==== ATTENTION Task: {C1CF1E18-E42E-4984-8A4E-BA4DC9EE7F52} - System32\Tasks\{9DE82508-F2E6-461E-9F06-538C2A413CC7} => C:\Users\Adam Moskowitz\Desktop\PFSDB.exe Task: {C54FDFBB-DBC8-4122-A4BD-7FD84960C51D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {FA91B0A6-2684-4933-BD64-777BB81A58B4} - System32\Tasks\DriverTuner Startup => C:\Program Files (x86)\DriverTuner\DriverTuner.exe [2014-06-03] (LionSea) Task: {FB6C11D7-60C2-416D-AF9E-E1C2460C3397} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-10-22] (Microsoft Corporation) Task: {FDF62594-7FA9-4973-94A1-DE81942F94ED} - System32\Tasks\{3BB9A3CF-92DC-4653-ADA6-B31F9AAC1C3A} => C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000Core.job => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000UA.job => C:\Users\Adam Moskowitz\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe ==================== Loaded Modules (whitelisted) ============= 2012-04-16 09:19 - 2011-02-28 14:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll 2014-09-19 15:24 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-11-17 19:04 - 2014-09-23 05:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2008-08-05 10:01 - 2008-08-05 10:01 - 00092160 _____ () C:\Program Files (x86)\Zoom Player\zpshlext64.dll 2014-05-01 16:19 - 2010-03-15 15:18 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2011-04-29 17:01 - 2011-04-29 17:01 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2012-01-21 04:26 - 2011-07-20 05:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-11-14 15:38 - 2014-11-14 15:38 - 00034672 ____R () C:\PROGRAM FILES\WESTERN DIGITAL\WD SMARTWARE\PLUGINS\WDBAIDUAPI.dll 2014-11-14 15:38 - 2014-11-14 15:38 - 00039288 ____R () C:\PROGRAM FILES\WESTERN DIGITAL\WD SMARTWARE\PLUGINS\WDTRANSPORTBAIDU.dll 2014-12-04 09:31 - 2014-12-04 09:31 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120401\algo.dll 2014-12-07 13:31 - 2014-12-07 13:31 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120702\algo.dll 2014-11-17 19:04 - 2014-09-23 03:43 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll 2014-06-20 13:31 - 2014-06-03 17:07 - 00092984 _____ () C:\Program Files (x86)\DriverTuner\zlibwapi.dll 2012-11-14 18:06 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-01-16 17:20 - 2014-01-16 17:20 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-12-04 19:26 - 2014-12-04 19:26 - 00043008 _____ () c:\Users\Adam Moskowitz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvcg7zx.dll 2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox\bin\libcef.dll 2014-08-21 18:58 - 2014-12-01 13:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-21 18:58 - 2014-12-01 13:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-21 18:58 - 2014-12-01 13:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-21 18:58 - 2014-12-01 13:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2013-03-12 16:10 - 2014-11-11 10:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-12-03 15:18 - 2014-12-01 16:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-12-03 15:18 - 2014-12-01 16:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2014-12-03 15:18 - 2014-12-01 16:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-05-01 09:43 - 2014-12-05 17:11 - 02224832 _____ () C:\Program Files (x86)\Steam\video.dll 2014-08-21 18:58 - 2014-12-01 13:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2012-06-03 10:59 - 2014-12-05 17:11 - 00696000 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2012-06-03 10:59 - 2014-12-05 15:02 - 34636168 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-07-23 13:07 - 2014-12-05 15:02 - 01706376 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll 2014-11-25 22:56 - 2014-11-24 22:39 - 01077064 _____ () C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\39.0.2171.71\libglesv2.dll 2014-11-25 22:56 - 2014-11-24 22:39 - 00211272 _____ () C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\39.0.2171.71\libegl.dll 2014-11-25 22:56 - 2014-11-24 22:39 - 09009480 _____ () C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll 2014-11-25 22:56 - 2014-11-24 22:39 - 01677128 _____ () C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll 2014-11-17 19:00 - 2014-11-17 19:00 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:66E02052 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AEG ForeSight Startup Services.lnk => C:\Windows\pss\AEG ForeSight Startup Services.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Adam Moskowitz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup MSCONFIG\startupreg: Uninstall C: => ========================= Accounts: ========================== Adam Moskowitz (S-1-5-21-2677679354-1192122103-4054240909-1000 - Administrator - Enabled) => C:\Users\Adam Moskowitz Administrator (S-1-5-21-2677679354-1192122103-4054240909-500 - Administrator - Disabled) ASPNET (S-1-5-21-2677679354-1192122103-4054240909-1007 - Limited - Enabled) Guest (S-1-5-21-2677679354-1192122103-4054240909-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-2677679354-1192122103-4054240909-1021 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/05/2014 04:13:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/12/05 16:13:59.855]: [00007364]: Initialize TwdsMain Class failed! Error: (12/05/2014 04:13:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/12/05 16:13:59.855]: [00007364]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (12/05/2014 03:30:31 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/12/05 15:30:31.635]: [00007364]: Initialize TwdsMain Class failed! Error: (12/05/2014 03:30:31 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/12/05 15:30:31.635]: [00007364]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (12/04/2014 05:03:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6984. Message ID: [0x2509]. Error: (12/04/2014 05:02:34 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 7552. Message ID: [0x2509]. Error: (12/04/2014 04:42:57 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/12/04 16:42:57.830]: [00007024]: Initialize TwdsMain Class failed! Error: (12/04/2014 04:42:57 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/12/04 16:42:57.815]: [00007024]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (12/04/2014 04:20:27 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 2032. Message ID: [0x2509]. Error: (12/04/2014 04:04:25 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialized. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (12/07/2014 08:01:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (12/07/2014 08:01:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/07/2014 07:51:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (12/07/2014 07:51:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/07/2014 07:41:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (12/07/2014 07:41:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/07/2014 07:31:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (12/07/2014 07:31:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/07/2014 07:21:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC) Error: (12/07/2014 07:21:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Microsoft Office Sessions: ========================= Error: (12/05/2014 04:13:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/12/05 16:13:59.855]: [00007364]: Initialize TwdsMain Class failed! Error: (12/05/2014 04:13:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/12/05 16:13:59.855]: [00007364]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (12/05/2014 03:30:31 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/12/05 15:30:31.635]: [00007364]: Initialize TwdsMain Class failed! Error: (12/05/2014 03:30:31 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/12/05 15:30:31.635]: [00007364]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (12/04/2014 05:03:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6984. Message ID: [0x2509]. Error: (12/04/2014 05:02:34 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 7552. Message ID: [0x2509]. Error: (12/04/2014 04:42:57 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/12/04 16:42:57.830]: [00007024]: Initialize TwdsMain Class failed! Error: (12/04/2014 04:42:57 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/12/04 16:42:57.815]: [00007024]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (12/04/2014 04:20:27 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 2032. Message ID: [0x2509]. Error: (12/04/2014 04:04:25 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) CodeIntegrity Errors: =================================== Date: 2013-05-30 16:14:58.704 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 16:14:58.657 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 16:14:58.610 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 16:14:58.564 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 15:55:23.096 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-05-30 15:55:23.049 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel® Core i5-2450M CPU @ 2.50GHz Percentage of memory in use: 56% Total physical RAM: 6038.17 MB Available physical RAM: 2596.96 MB Total Pagefile: 12074.52 MB Available Pagefile: 7508.74 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:194.87 GB) NTFS Drive e: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF Drive g: (New Media) (Fixed) (Total:931.48 GB) (Free:147.44 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E) Partition 1: (Not Active) - (Size=102 MB) - (Type=DE) Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================

So, I tried to figure out the creation of the FRST fix.txt but I don't think i Did things right could somebody take a look at tghe following logs and give me a hand in the creation of the fix, I would be very appreciative. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02Ran by Adam Moskowitz (administrator) on MINAUROS on 07-12-2014 20:05:18Running from C:\Users\Adam Moskowitz\Desktop\RecoveryLoaded Profiles: Adam Moskowitz & Guest (Available profiles: Adam Moskowitz & Guest)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 10Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: "https://webmail.smarshconnect.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.smarshconnect.com%2fowa%2f", "https://mail.google.com/mail/?uip=1#inbox", "https://us-mg0.mail.yahoo.com/neo/launch?.rand=353kl63sp8ce8"CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Drive) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-20]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]CHR Extension: (YouTube) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-10]CHR Extension: (Adblock Plus) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-01]CHR Extension: (Google Search) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-10]CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-03-04]CHR Extension: (Google Calendar) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-04-10]CHR Extension: (Mahjong Solitaire) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogmadihniohlnmipdhchaoagjhfnohc [2014-06-15]CHR Extension: (Classic Games) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbofnbeakdognkanffmpldbjgkblljkh [2014-07-21]CHR Extension: (Avast Online Security) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-04]CHR Extension: (TinEye Reverse Image Search) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-04-10]CHR Extension: (Solitaire Games - World Collection) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmleklkkbobaonglkhkedkjofilkfjk [2014-07-21]CHR Extension: (Skype Click to Call) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-13]CHR Extension: (Solitaire) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2014-06-15]CHR Extension: (Google Wallet) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]CHR Extension: (Gmail) - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-10]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]CHR StartMenuInternet: Google Chrome - C:\Users\Adam Moskowitz\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [178160 2014-08-28] (Coupons.com Inc.)S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [166912 2012-04-09] (Dell Products, LP.) [File not signed]S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]S3 GSService; C:\Windows\SysWOW64\GSService.exe [252928 2012-05-31] () [File not signed]R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)R2 MSSQL$ITSQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-15] (Realtek Semiconductor)S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [260608 2012-06-01] (SMServer) [File not signed]R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-11-14] (Western Digital Technologies, Inc.)R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)S3 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-11-19] ()R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-07] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34088 2012-06-05] (Windows ® Win 7 DDK provider)S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 20:03 - 2014-12-07 20:03 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\New folder2014-12-07 15:33 - 2014-12-07 15:33 - 00000000 _____ () C:\Windows\setuperr.log2014-12-07 15:33 - 2014-12-07 15:33 - 00000000 _____ () C:\Windows\setupact.log2014-12-05 16:21 - 2014-12-05 16:21 - 00037482 _____ () C:\Users\Adam Moskowitz\Desktop\1415288871303455.htm2014-12-04 16:40 - 2014-12-04 19:26 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat2014-12-04 16:36 - 2014-12-04 16:36 - 00002146 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk2014-12-04 16:34 - 2012-07-24 23:44 - 00084480 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll2014-12-04 16:34 - 2010-02-04 18:42 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL2014-12-04 16:07 - 2014-12-04 16:31 - 121465464 _____ (A.I.SOFT,INC.) C:\Users\Adam Moskowitz\Downloads\MFC-8710DW-inst-C1-usa.EXE2014-12-01 13:29 - 2014-12-01 13:29 - 00075795 _____ () C:\Users\Adam Moskowitz\Desktop\1417425414415202.htm2014-11-27 23:46 - 2014-11-27 23:46 - 00000000 ____D () C:\Program Files\Western Digital2014-11-19 17:43 - 2014-12-07 20:05 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\Recovery2014-11-19 00:01 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-11-19 00:01 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll2014-11-19 00:01 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-11-19 00:01 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll2014-11-17 16:19 - 2014-11-17 16:19 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\BurnCDCC2014-11-17 16:17 - 2014-11-17 16:17 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\Hirens.BootCD.15.22014-11-13 12:30 - 2014-12-05 18:51 - 00001309 _____ () C:\Users\Public\Desktop\Navigator 14.40.lnk2014-11-11 13:03 - 2014-10-25 17:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-11-11 13:03 - 2014-10-25 16:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-11-11 13:02 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2014-11-11 13:02 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-11-11 13:02 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-11-11 13:02 - 2014-10-25 17:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-11-11 13:02 - 2014-10-25 17:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-11-11 13:02 - 2014-10-25 17:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-11-11 13:02 - 2014-10-25 17:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-11-11 13:02 - 2014-10-25 17:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-11-11 13:02 - 2014-10-25 17:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-11-11 13:02 - 2014-10-25 17:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-11-11 13:02 - 2014-10-25 17:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-11-11 13:02 - 2014-10-25 17:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-11-11 13:02 - 2014-10-25 17:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-11-11 13:02 - 2014-10-25 17:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-11-11 13:02 - 2014-10-25 17:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-11-11 13:02 - 2014-10-25 16:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-11-11 13:02 - 2014-10-25 16:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-11-11 13:02 - 2014-10-25 16:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-11-11 13:02 - 2014-10-25 16:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-11-11 13:02 - 2014-10-25 16:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-11-11 13:02 - 2014-10-25 16:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-11-11 13:02 - 2014-10-25 16:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-11-11 13:02 - 2014-10-25 16:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-11-11 13:02 - 2014-10-25 16:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-11-11 13:02 - 2014-10-25 16:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-11-11 13:02 - 2014-10-25 16:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-11-11 13:02 - 2014-10-25 16:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-11-11 13:02 - 2014-10-25 16:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-11-11 13:02 - 2014-10-25 16:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-11-11 13:02 - 2014-10-25 15:22 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2014-11-11 13:02 - 2014-10-25 15:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2014-11-11 13:02 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-11-11 13:02 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll2014-11-11 13:02 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-11-11 13:02 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2014-11-11 13:02 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2014-11-11 13:02 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-11-11 13:02 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-11-11 13:02 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2014-11-11 13:02 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2014-11-11 13:02 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-11-11 13:02 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-11-11 13:02 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-11-11 13:02 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2014-11-11 13:02 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-11-11 13:02 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-11-11 13:02 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-11-11 13:02 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-11-11 13:02 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-11-11 13:02 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2014-11-11 13:02 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-11-11 13:02 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-11-11 13:02 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-11-11 13:02 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL2014-11-11 13:02 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL2014-11-11 13:01 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-11-11 13:01 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-11-11 13:01 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2014-11-11 13:01 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2014-11-11 13:01 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-11-11 13:01 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-11-11 13:01 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll2014-11-11 13:01 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll2014-11-11 13:01 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll2014-11-11 13:01 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll2014-11-11 13:01 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll2014-11-11 13:01 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll2014-11-11 13:01 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll2014-11-11 13:01 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll2014-11-11 13:01 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-11-11 13:01 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-11-11 13:01 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-11-11 13:01 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-11-10 16:48 - 2014-11-10 16:48 - 00002165 _____ () C:\Users\Adam Moskowitz\Desktop\Tweaking.com - Windows Repair (All in One).lnk2014-11-10 16:48 - 2014-11-10 16:48 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MINAUROS-Microsoft-Windows-7-Home-Premium-(64-bit).dat2014-11-10 16:48 - 2014-11-10 16:48 - 00000000 ____D () C:\RegBackup2014-11-10 16:48 - 2014-11-10 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com2014-11-10 16:47 - 2014-11-10 16:47 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 20:05 - 2013-05-28 19:33 - 00000000 ____D () C:\FRST2014-12-07 20:01 - 2012-07-02 17:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-12-07 20:00 - 2013-10-20 10:00 - 00157144 _____ () C:\Users\Adam Moskowitz\Network_Meter_Data.js2014-12-07 19:53 - 2012-11-29 11:15 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000UA.job2014-12-07 19:45 - 2012-07-09 19:03 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\uTorrent2014-12-07 19:23 - 2014-10-12 11:39 - 00000000 ____D () C:\Users\Adam Moskowitz\Documents\BloodBowlChaos2014-12-07 19:23 - 2012-06-03 10:52 - 00000000 ____D () C:\Program Files (x86)\Steam2014-12-07 19:21 - 2014-04-25 17:52 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-12-07 19:15 - 2012-01-21 04:57 - 01947052 _____ () C:\Windows\WindowsUpdate.log2014-12-07 16:19 - 2013-05-24 10:15 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask2014-12-07 15:53 - 2012-11-29 11:15 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000Core.job2014-12-07 14:30 - 2009-07-13 21:13 - 00864134 _____ () C:\Windows\system32\PerfStringBackup.INI2014-12-07 12:59 - 2014-02-20 12:10 - 00000428 _____ () C:\Windows\Tasks\One-Click Optimizer.job2014-12-06 22:37 - 2014-08-08 12:51 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Talisman2014-12-05 18:03 - 2012-04-10 13:34 - 00000000 ___RD () C:\Users\Adam Moskowitz\Dropbox2014-12-05 17:37 - 2012-09-24 12:29 - 00000000 ____D () C:\ProgramData\Zoom Player2014-12-05 17:26 - 2013-10-20 09:33 - 00031402 _____ () C:\Users\Adam Moskowitz\IP_Log_Data.js2014-12-05 11:31 - 2014-06-17 19:51 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\ShopAtHome.com BrowserAppCore Service2014-12-04 19:30 - 2009-07-13 20:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-12-04 19:30 - 2009-07-13 20:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-12-04 19:26 - 2012-04-10 13:33 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Dropbox2014-12-04 19:24 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-12-04 19:22 - 2013-10-21 11:09 - 00000027 _____ () C:\Users\Adam Moskowitz\AppData\Roaming\Network Meter_Usage.ini2014-12-04 16:42 - 2012-05-16 10:30 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\ControlCenter42014-12-04 16:36 - 2012-05-16 10:15 - 00000477 _____ () C:\Windows\Brpfx04a.ini2014-12-04 16:36 - 2012-05-16 10:15 - 00000092 _____ () C:\Windows\brpcfx.ini2014-12-04 16:36 - 2012-05-16 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother2014-12-04 16:35 - 2012-05-16 10:13 - 00000000 ____D () C:\Program Files (x86)\Browny022014-12-04 16:34 - 2012-05-16 10:12 - 00000000 ____D () C:\Program Files (x86)\Brother2014-12-04 16:34 - 2012-01-21 03:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-12-04 16:03 - 2014-04-25 17:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-12-04 14:37 - 2012-05-10 12:08 - 00000000 ____D () C:\Users\Adam Moskowitz\Documents\Navigator Data2014-12-03 14:43 - 2012-11-29 11:01 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Skype2014-12-02 08:41 - 2013-10-02 09:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update2014-11-27 23:47 - 2014-08-12 10:21 - 00000000 ____D () C:\ProgramData\Package Cache2014-11-27 23:46 - 2013-05-24 22:26 - 00000000 ____D () C:\Program Files\Common Files\Western Digital2014-11-27 23:46 - 2013-05-10 18:27 - 00000000 ____D () C:\Program Files (x86)\Western Digital2014-11-27 23:46 - 2013-05-10 18:26 - 00000000 ____D () C:\ProgramData\Western Digital2014-11-26 13:04 - 2012-05-16 10:13 - 00000000 ____D () C:\ProgramData\ControlCenter42014-11-26 13:04 - 2012-05-16 10:13 - 00000000 ____D () C:\Program Files (x86)\ControlCenter42014-11-25 22:29 - 2013-09-05 17:47 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\Coleman2014-11-25 17:08 - 2012-07-02 17:16 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-11-25 17:08 - 2012-04-20 08:22 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-11-25 17:08 - 2012-01-21 03:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-11-24 12:23 - 2014-01-27 12:14 - 00000000 ____D () C:\Users\Adam Moskowitz\Desktop\New Client Lists2014-11-21 06:14 - 2014-04-25 17:49 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-11-21 06:14 - 2014-04-25 17:49 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-11-21 06:14 - 2012-04-12 17:38 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-11-19 13:12 - 2012-04-12 17:23 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Local\Apps\2.02014-11-17 19:06 - 2014-09-19 15:24 - 00000000 ____D () C:\Program Files\Microsoft Office 152014-11-14 17:16 - 2012-04-10 13:33 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-11-14 10:00 - 2011-02-10 06:02 - 00000000 ____D () C:\Windows\panther2014-11-13 16:57 - 2014-05-01 16:20 - 00000679 _____ () C:\Windows\BRCALIB.INI2014-11-13 15:48 - 2012-11-29 11:15 - 00003936 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000UA2014-11-13 15:48 - 2012-11-29 11:15 - 00003540 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2677679354-1192122103-4054240909-1000Core2014-11-13 12:30 - 2014-09-29 23:43 - 00000000 ____D () C:\Program Files (x86)\Pacific Life2014-11-13 12:30 - 2013-08-05 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pacific Life Applications2014-11-11 14:37 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache2014-11-11 13:26 - 2009-07-13 20:45 - 00568840 _____ () C:\Windows\system32\FNTCACHE.DAT2014-11-11 13:23 - 2014-04-30 09:37 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-11-11 13:16 - 2013-07-20 20:59 - 00000000 ____D () C:\Windows\system32\MRT2014-11-11 13:06 - 2012-04-14 08:11 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-11-10 19:54 - 2012-04-10 12:03 - 00151080 _____ () C:\Users\Adam Moskowitz\AppData\Local\GDIPFONTCACHEV1.DAT2014-11-10 17:23 - 2010-11-20 23:16 - 00000000 ___RD () C:\Users\Public\Recorded TV2014-11-10 17:09 - 2009-07-13 18:34 - 00000471 _____ () C:\Windows\win.ini2014-11-10 16:59 - 2011-02-10 08:10 - 00864134 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-11-10 16:58 - 2014-06-26 05:49 - 00000438 _____ () C:\Windows\system32\Drivers\etc\hosts.ics2014-11-10 15:48 - 2012-04-10 12:17 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Mozilla2014-11-08 10:52 - 2013-06-13 16:18 - 00000000 ____D () C:\Users\Adam Moskowitz\AppData\Roaming\Warner Bros. Interactive Entertainment Files to move or delete:====================C:\Users\Adam Moskowitz\IP_Log_Data.jsC:\Users\Adam Moskowitz\Network_Meter_Data.js Some content of TEMP:====================C:\Users\Adam Moskowitz\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvcg7zx.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-05 12:37 ==================== End Of Log ============================

Hi Kevin, Thx for all the assistance last week, I do have a quick question for you regarding the FARBAR recovery tool, is the script that you developed for the fixlist, is there a piece of software that you use to develope that or did you just write it out yourself. I figure it might be a useful thing to know if itrs software generated other wise i assume its a learned skill. Thx again ADAM

checking let me see if there are issues seems like thinks are working again...ill reply again if there are any further issues Thank you once again for your help ADAM