Phillyt

Posts posted by Phillyt

  1. IUKB ERROR

    IDIOT USING KEYBOARD
    IBM 
    I BLAME MICROSOFT

    IDIOTS BUY ME
    IDIOTS BUILDING MACHINES
    I'LL BUY MACINTOSHES

    IT BIT ME

    IT BUILT MICROSOFT

    IT'S BETTER MANUALLY

    I'VE BEEN MISLED 
    I'VE BEEN MUGGED

    WINDOWS  

    WELL IT NEVER DOES OPERATE WITH SPEED
    WHEN I NEED DATA  OUTPUT WITHOUT SPEED
    WHILE IDLE,NEEDS DX OR WORKSTATION
    WILL INSTALL NEEDLESS DATA ON WHOLE SYSTEM
    WIN  

    WHOPPINGLY IMMENSE NOP
    WORN INFESTATION NETWARE

    MS-WINDOWS NT/WINDOWS NT

    MY SOLITAIRE WITH ITS NEW DE ACCELERATOR,ONLY WITH SOME NETWORK TECHNOLOGY
    WELL INTENDED NETWORK DE ACCELERATOR,ONLY WORKS SOMETIMES NEVER TOTALLY

    WINDOWS (AS A ) NETWORK TROJAN

    DIFFERENT OPERATING SYSTEM EXPECTATIONS
      
    MACINTOSH:WHAT YOU SEE IS WHAT YOU GET

    MS-DOS:YOU ASKED FOR IT YOU GOT IT

    UNIX:IFUH2SK UDNTWNT2KNO

    VMS:YOU GOT IT,ALL OF IT,WANT IT OR NOT

    RANDOM ABBREVIATIONS FOR MANY COMPUTER COMPANIES
    APPLE:
    ARROGANCE PRODUCES PROFIT-LOSING ENTITY
    DEC:
    DUMP EVERYTHING AND CLOSE

    DEC:
    DO EXPECT CUTS

    HCL:
    HILARIOUS COMPUTER LOGIC

    HP:
    HOT PURSUIT

    IBM:
    I BLAME MICROSOFT 

    MAC:
    MOST ABSURD COMPUTER
    MACINTOSH: 
    Most Applications Crash; If Not, The Operating System Hangs 


    MICROSOFT:
    MOST INTELLIGENT CUSTOMERS REALIZE OUR SOFTWARE ONLY FOOLS TEENAGERS

    NEXT:
    NOW EXCHANGE FOR TEARS

    OS/2
    OBSOLETE SOON TOO 

    WARP:
    WHAT A RAT PROGRAM

    ACRONYMS FOR OTHER COMPUTER TERMS

    AMIGA:
    A MERELY INSIGNIFICANT GAME ADDICTION
    BASIC:
    BILLS ATTEMPT TO SEIZE INDUSTRY CONTROL

    CD-ROM:
    CUSTOMER DEVICE,RENDERED OBSOLETE IN MONTHS

    COBOL:
    COMPLETELY OBSOLETE BUSINESS ORIENTED LANGUAGE

    DOS:
    DEFECTIVE OPERATING SYSTEM

    ISDN:
    IT STILL DOES NOTHING

    LISP:
    LOTS OF INFURIATING AND SILLY PARENTHESES

    MIPS:
    MEANINGLESS INDICATION OF PROCESSOR SPEED


    PCMCIA:
    PEOPLE CAN'T MEMORIZE COMPUTER INDUSTRY ACRONYMS 

    PENTIUM:
    PRODUCES ERRONEOUS NUMBERS THROUGH INCORRECT UNDERSTANDING OF MATHEMATICS

    SCSI:
    SYSTEM CAN'T SEE IT

    WWW:
    WORLD WIDE WAIT

  2. There was once a young man who, in his youth, professed his desire to become a great writer.

    When asked to define "great" he said, "I want to write stuff that the whole world will read, stuff that people will react to on a truly emotional level, stuff that will make them scream, cry, howl in pain and anger!"

    He now works for Microsoft, writing error messages.

  3. RogueKiller V9.2.13.0 (x64) [sep 25 2014] by Adlice Software





     

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

    Started in : Normal mode

    User : PhillyT65 [Admin rights]

    Mode : Scan -- Date : 10/01/2014  12:50:42

     

    ¤¤¤ Bad processes : 2 ¤¤¤

    [suspicious.Path] CurseClient.exe -- C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe[-] -> KILLED [TermProc]

    [suspicious.Path] (SVC) scores -- C:\Windows\score.exe[-] -> STOPPED

     

    ¤¤¤ Registry Entries : 22 ¤¤¤

    [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\scores (C:\Windows\score.exe) -> FOUND

    [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\scores (C:\Windows\score.exe) -> FOUND

    [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\scores (C:\Windows\score.exe) -> FOUND

    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8} | NameServer : 81.218.119.15,199.203.35.75  -> FOUND

    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8} | NameServer : 81.218.119.15,199.203.35.75  -> FOUND

    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8} | NameServer : 81.218.119.15,199.203.35.75  -> FOUND

    [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND

    [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND

    [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND

    [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND

    [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND

    [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

    [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND

    [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND

    [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND

    [PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

    [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND

    [PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://myyahoo.com/  -> FOUND

    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://myyahoo.com/  -> FOUND

     

    ¤¤¤ Scheduled tasks : 1 ¤¤¤

    [suspicious.Path] \\YourFileDownloader Installer Starter -- C:\Users\PHILLY~1\AppData\Local\Temp\YourFileDownloaderaN37b7xtHB.exe (-startup) -> FOUND

     

    ¤¤¤ Files : 0 ¤¤¤

     

    ¤¤¤ HOSTS File : 0 ¤¤¤

     

    ¤¤¤ Antirootkit : 4 (Driver: LOADED) ¤¤¤

    [EAT:Addr] (explorer.exe) msi.dll - DllCanUnloadNow : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1b8e4

    [EAT:Addr] (explorer.exe) msi.dll - DllGetClassObject : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1b91c

    [EAT:Addr] (explorer.exe) msi.dll - DllRegisterServer : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1ba4c

    [EAT:Addr] (explorer.exe) msi.dll - DllUnregisterServer : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1bb1c

     

    ¤¤¤ Web browsers : 0 ¤¤¤

     

    ¤

  4. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014

    Ran by PhillyT65 (administrator) on VIGGILANTE on 01-10-2014 12:35:14

    Running from C:\Users\PhillyT65\Downloads

    Loaded Profile: PhillyT65 (Available profiles: PhillyT65 & DefaultAppPool)

    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

    Internet Explorer Version 11

    Boot Mode: Normal


     

    ==================== Processes (Whitelisted) =================

     

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

     

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

    (AMD) C:\Windows\System32\atiesrxx.exe

    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

    (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe

    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

    (Microsoft Corporation) C:\Windows\System32\mqsvc.exe

    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe

    (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

    () C:\Windows\score.exe

    (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE

    (Microsoft Corporation) C:\Windows\System32\snmp.exe

    (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe

    (Microsoft Corporation) C:\Windows\System32\vds.exe

    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

    (AMD) C:\Windows\System32\atieclxx.exe

    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

    (Microsoft Corporation) C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

    (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

    (Curse) C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe

    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

    (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe

    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Farbar) C:\Users\PhillyT65\Downloads\FSS.exe

    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

    (Farbar) C:\Users\PhillyT65\Downloads\FSS.exe

    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

    (Farbar) C:\Users\PhillyT65\Downloads\FRST64 (1).exe

     

     

    ==================== Registry (Whitelisted) ==================

     

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

     

    HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)

    HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll

    HKLM-x32\...\Run: [startCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.)

    HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)

    HKLM-x32\...\Run: [] => [X]

    HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-05] (PDF Complete Inc)

    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

    HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)

    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)

    HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)

    HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\Run: [skyDrive] => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)

    HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"

    HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"

    HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"

    HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"

    Startup: C:\Users\PhillyT65\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)

    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)

    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)

    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)

    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)

    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)

     

    ==================== Internet (Whitelisted) ====================

     

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

     

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://myyahoo.com/

    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1

    HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE10ENUS/WOL_WCP

    URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File

    SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF


    SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

    SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

    SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}


    SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

    SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

    SearchScopes: HKCU - DefaultScope {B04FC860-8BC8-40F1-BD12-3B0EFC986F91} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8

    SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

    SearchScopes: HKCU - {B04FC860-8BC8-40F1-BD12-3B0EFC986F91} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8


    SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

    SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

    SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

    BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File

    BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

    BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

    DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 

    Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)

    Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)

    Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)

    Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)

    Winsock: Catalog9 15 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)

    Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)

    Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)

    Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)

    Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)

    Winsock: Catalog9-x64 15 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)

    Tcpip\..\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8}: [NameServer] 81.218.119.15,199.203.35.75

     

    FireFox:

    ========

    FF Plugin: @microsoft.com/GENUINE -> disabled No File

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PhillyT65\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

     

    Chrome: 

    =======


    CHR Profile: C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default

    CHR Extension: (Google Docs) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-13]

    CHR Extension: (Google Drive) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-13]

    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]

    CHR Extension: (YouTube) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-13]

    CHR Extension: (Google Search) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-24]

    CHR Extension: (Google Wallet) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

    CHR Extension: (Gmail) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-13]

    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

     

    ==================== Services (Whitelisted) =================

     

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

     

    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]

    R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)

    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)

    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)

    R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)

    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

    R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)

    R2 scores; C:\Windows\score.exe [4834816 2014-09-25] () [File not signed]

    R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)

    R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)

    R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)

    R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

     

    ==================== Drivers (Whitelisted) ====================

     

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

     

    S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)

    S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()

    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-01] (Malwarebytes Corporation)

    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)

    R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)

    S3 MWAC; \??\C:\Windows\system32\drivers\ [0 ] () [File not signed]

    S3 MWAC; \??\C:\Windows\SysWOW64\drivers\ [0 ] () [File not signed]

    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

    S3 SIVDRIVER; C:\Windows\system32\Drivers\SIVX64.sys [57312 2008-06-14] (Ray Hinchliffe)

    R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)

    R1 MpKslc9d125c2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85280ACD-A8A1-4077-A4FA-93FF4B07333C}\MpKslc9d125c2.sys [X]

     

    ==================== NetSvcs (Whitelisted) ===================

     

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

     

     

    ==================== One Month Created Files and Folders ========

     

    (If an entry is included in the fixlist, the file\folder will be moved.)

     

    2014-10-01 12:34 - 2014-10-01 12:34 - 01100288 _____ (Farbar) C:\Users\PhillyT65\Downloads\FRST.exe

    2014-10-01 12:29 - 2014-10-01 12:30 - 00001144 _____ () C:\Users\PhillyT65\Downloads\FSS.txt

    2014-10-01 12:28 - 2014-10-01 12:28 - 00415232 _____ (Farbar) C:\Users\PhillyT65\Downloads\FSS.exe

    2014-10-01 12:23 - 2014-10-01 12:23 - 02108928 _____ (Farbar) C:\Users\PhillyT65\Downloads\FRST64 (1).exe

    2014-10-01 11:55 - 2014-10-01 11:56 - 00036596 _____ () C:\Users\PhillyT65\Downloads\Addition.txt

    2014-10-01 11:54 - 2014-10-01 12:35 - 00020696 _____ () C:\Users\PhillyT65\Downloads\FRST.txt

    2014-10-01 11:54 - 2014-10-01 12:35 - 00000000 ____D () C:\FRST

    2014-10-01 11:53 - 2014-10-01 11:53 - 02108928 _____ (Farbar) C:\Users\PhillyT65\Downloads\FRST64.exe

    2014-10-01 03:55 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

    2014-10-01 03:55 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

    2014-09-29 19:27 - 2014-10-01 05:52 - 00000112 _____ () C:\Windows\setupact.log

    2014-09-29 19:27 - 2014-09-29 19:27 - 00000000 _____ () C:\Windows\setuperr.log

    2014-09-26 08:00 - 2014-09-26 23:09 - 00000097 _____ () C:\Users\PhillyT65\AppData\Roaming\LauncherSettings_live.cfg

    2014-09-26 07:58 - 2014-09-26 07:58 - 00000039 _____ () C:\Users\PhillyT65\AppData\Roaming\TheHunterSettings_steam_live.cfg

    2014-09-26 07:58 - 2014-09-26 07:58 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\theHunter

    2014-09-26 07:58 - 2014-09-26 07:58 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\theHunter

    2014-09-26 07:56 - 2014-09-26 07:56 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\theHunterSteam

    2014-09-26 07:56 - 2014-09-26 07:56 - 00000000 ____D () C:\ProgramData\Hunter

    2014-09-25 15:12 - 2014-10-01 02:01 - 00000000 ___HD () C:\Users\Public\Temp

    2014-09-25 15:11 - 2014-09-01 13:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll

    2014-09-25 15:11 - 2014-09-01 13:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll

    2014-09-25 15:10 - 2014-09-26 04:56 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\VOPackage

    2014-09-25 15:10 - 2014-09-26 02:15 - 00004038 _____ () C:\Windows\System32\Tasks\LaunchSignup

    2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\fastplayer

    2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\com

    2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer

    2014-09-25 15:09 - 2014-09-25 10:57 - 04834816 _____ () C:\Windows\score.exe

    2014-09-24 00:08 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

    2014-09-24 00:08 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

    2014-09-19 23:12 - 2014-09-19 23:12 - 00000219 _____ () C:\Users\PhillyT65\Desktop\Left 4 Dead 2.url

    2014-09-12 21:11 - 2014-09-12 21:11 - 00000184 _____ () C:\Users\PhillyT65\Downloads\eula.txt

    2014-09-12 21:11 - 2014-09-12 21:11 - 00000061 _____ () C:\Users\PhillyT65\Downloads\server.properties

    2014-09-12 21:10 - 2014-09-12 21:11 - 10769744 _____ () C:\Users\PhillyT65\Downloads\minecraft_server.1.8.exe

    2014-09-10 04:02 - 2014-09-10 04:02 - 00411056 _____ () C:\Users\PhillyT65\Downloads\setup (1).exe

    2014-09-10 03:15 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

    2014-09-10 03:15 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

    2014-09-10 03:15 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

    2014-09-10 03:15 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

    2014-09-10 03:15 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

    2014-09-10 03:15 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

    2014-09-10 03:15 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

    2014-09-10 03:15 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

    2014-09-10 03:15 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

    2014-09-10 03:15 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

    2014-09-10 03:15 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

    2014-09-10 03:15 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

    2014-09-10 03:15 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

    2014-09-10 03:15 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

    2014-09-10 03:15 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

    2014-09-10 03:15 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

    2014-09-10 03:15 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

    2014-09-10 03:15 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

    2014-09-10 03:15 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

    2014-09-10 03:15 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

    2014-09-10 03:15 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

    2014-09-10 03:15 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

    2014-09-10 03:15 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

    2014-09-10 03:15 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

    2014-09-10 03:15 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

    2014-09-10 03:15 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

    2014-09-10 03:15 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

    2014-09-10 03:15 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

    2014-09-10 03:15 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

    2014-09-10 03:15 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

    2014-09-10 03:15 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

    2014-09-10 03:15 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

    2014-09-10 03:15 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

    2014-09-10 03:15 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

    2014-09-10 03:15 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

    2014-09-10 03:15 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

    2014-09-10 03:15 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

    2014-09-10 03:15 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

    2014-09-10 03:15 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

    2014-09-10 03:15 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

    2014-09-10 03:15 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

    2014-09-10 03:15 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

    2014-09-10 03:15 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

    2014-09-10 03:15 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

    2014-09-10 03:15 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

    2014-09-10 03:15 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

    2014-09-10 03:15 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

    2014-09-10 03:15 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

    2014-09-10 03:15 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

    2014-09-10 03:15 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

    2014-09-10 03:15 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

    2014-09-10 03:15 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

    2014-09-10 03:15 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

    2014-09-10 03:15 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

    2014-09-10 03:15 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

    2014-09-10 03:15 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

    2014-09-10 03:02 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

    2014-09-10 03:02 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

    2014-09-10 01:31 - 2014-09-23 15:31 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

    2014-09-09 16:42 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

    2014-09-09 16:42 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

    2014-09-09 16:41 - 2014-06-23 22:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

    2014-09-09 16:41 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

    2014-09-09 16:40 - 2014-09-04 21:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

    2014-09-09 16:40 - 2014-09-04 21:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

    2014-09-09 16:40 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

    2014-09-09 16:40 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

    2014-09-09 16:40 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

    2014-09-09 16:40 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

    2014-09-09 16:40 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

    2014-09-08 06:00 - 2014-09-30 06:37 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Adobe

    2014-09-06 13:10 - 2014-09-06 13:10 - 00857696 _____ ( ) C:\Users\PhillyT65\Downloads\Adobe_Flash_Setup.exe

    2014-09-05 16:52 - 2014-09-05 16:52 - 00000000 ____D () C:\Users\PhillyT65\Downloads\LOIC-master

    2014-09-05 13:07 - 2014-09-05 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

    2014-09-05 13:07 - 2014-09-05 13:07 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

    2014-09-05 13:07 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys

    2014-09-03 19:54 - 2014-09-03 19:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA

    2014-09-03 19:51 - 2014-09-03 19:51 - 00000222 _____ () C:\Users\PhillyT65\Desktop\Terraria.url

    2014-09-03 18:23 - 2014-09-03 18:24 - 07688351 _____ () C:\Users\PhillyT65\Desktop\INTRO!!!!!.mp4

    2014-09-03 18:18 - 2014-09-03 18:18 - 00000076 _____ () C:\Users\PhillyT65\Downloads\INTRO!!!!!.mxf.sfl

    2014-09-03 18:17 - 2014-09-03 18:18 - 20100156 _____ () C:\Users\PhillyT65\Downloads\INTRO!!!!!.mxf

    2014-09-01 12:28 - 2014-09-01 12:31 - 00372200 _____ () C:\Users\PhillyT65\Downloads\lavender town - solkrieg's dream eater dubstep remix.mp3.sfk

    2014-09-01 12:27 - 2014-09-10 04:01 - 00003212 _____ () C:\Windows\System32\Tasks\YourFileDownloader Installer Starter

     

    ==================== One Month Modified Files and Folders =======

     

    (If an entry is included in the fixlist, the file\folder will be moved.)

     

    2014-10-01 12:19 - 2013-12-24 09:41 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

    2014-10-01 12:16 - 2013-01-07 17:43 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Deployment

    2014-10-01 12:05 - 2013-01-07 16:33 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{553BECE3-7405-4C06-8481-01D3ECC7CBCD}

    2014-10-01 11:57 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    2014-10-01 11:57 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    2014-10-01 11:17 - 2014-04-15 04:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

    2014-10-01 11:14 - 2014-06-13 23:28 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\Skype

    2014-10-01 11:14 - 2014-03-28 20:31 - 00000000 ____D () C:\ProgramData\Skype

    2014-10-01 06:21 - 2013-01-07 16:24 - 01336810 _____ () C:\Windows\WindowsUpdate.log

    2014-10-01 06:16 - 2014-08-20 17:09 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\LogMeIn Hamachi

    2014-10-01 06:16 - 2014-05-25 00:51 - 00000000 ___RD () C:\Users\PhillyT65\OneDrive

    2014-10-01 06:16 - 2013-12-24 09:41 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

    2014-10-01 05:55 - 2011-11-04 10:28 - 00000000 ____D () C:\ProgramData\PDFC

    2014-10-01 05:55 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\inetsrv

    2014-10-01 05:53 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

    2014-10-01 05:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration

    2014-10-01 05:52 - 2010-11-20 22:47 - 00797270 _____ () C:\Windows\PFRO.log

    2014-09-30 23:21 - 2014-05-18 18:43 - 00000000 ____D () C:\Program Files (x86)\Steam

    2014-09-30 16:46 - 2013-06-23 07:42 - 00000000 ___HD () C:\Windows\msdownld.tmp

    2014-09-30 16:41 - 2014-06-18 09:22 - 00000000 ____D () C:\Program Files (x86)\OpenAL

    2014-09-29 19:20 - 2013-01-07 21:14 - 00002057 _____ () C:\Windows\epplauncher.mif

    2014-09-29 16:01 - 2013-01-07 16:33 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPhillyT65

    2014-09-29 16:01 - 2013-01-07 16:33 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForPhillyT65.job

    2014-09-29 14:36 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

    2014-09-29 13:38 - 2014-07-24 20:06 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\PMB Files

    2014-09-29 12:40 - 2013-01-07 16:24 - 00000000 ____D () C:\Users\PhillyT65

    2014-09-29 12:39 - 2014-07-24 20:06 - 00000000 ____D () C:\ProgramData\PMB Files

    2014-09-29 12:39 - 2014-05-18 00:13 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\Battle.net

    2014-09-29 12:39 - 2013-10-29 16:56 - 00000000 ____D () C:\Users\DefaultAppPool

    2014-09-29 12:39 - 2011-11-04 10:21 - 00000000 ____D () C:\ProgramData\RoxioNow

    2014-09-29 12:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Msdtc

    2014-09-29 11:17 - 2014-05-18 00:13 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Battle.net

    2014-09-28 10:01 - 2013-01-08 17:40 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\CrashDumps

    2014-09-27 18:37 - 2014-05-25 00:49 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Windows Live

    2014-09-26 16:49 - 2011-11-04 10:22 - 00000000 ____D () C:\ProgramData\CyberLink

    2014-09-26 16:49 - 2011-11-04 10:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

    2014-09-26 04:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\L2Schemas

    2014-09-25 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

    2014-09-25 15:39 - 2009-07-14 00:13 - 00869632 _____ () C:\Windows\system32\PerfStringBackup.INI

    2014-09-25 15:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\TAPI

    2014-09-25 15:11 - 2014-05-21 18:34 - 00000000 ____D () C:\ProgramData\Package Cache

    2014-09-25 06:26 - 2014-05-25 00:51 - 00002192 _____ () C:\Users\PhillyT65\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

    2014-09-24 22:00 - 2013-01-30 22:08 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

    2014-09-24 22:00 - 2013-01-09 22:05 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log

    2014-09-24 21:59 - 2013-01-16 22:36 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\HP Support Assistant

    2014-09-24 21:59 - 2013-01-08 17:39 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\HpUpdate

    2014-09-22 01:42 - 2010-11-20 22:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

    2014-09-16 17:56 - 2014-06-04 21:39 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\.minecraft

    2014-09-13 11:23 - 2014-05-18 00:14 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft

    2014-09-13 11:23 - 2014-05-18 00:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net

    2014-09-10 03:14 - 2011-02-11 12:15 - 00861754 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

    2014-09-10 03:13 - 2013-01-07 21:14 - 00002119 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

    2014-09-10 03:12 - 2013-07-16 07:57 - 00000000 ____D () C:\Windows\system32\MRT

    2014-09-10 03:12 - 2013-01-07 21:14 - 00000000 ____D () C:\Program Files\Microsoft Security Client

    2014-09-10 03:12 - 2013-01-07 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

    2014-09-10 03:03 - 2013-01-08 09:16 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    2014-09-10 03:02 - 2014-05-05 20:44 - 00000000 ___SD () C:\Windows\system32\CompatTel

    2014-09-08 10:42 - 2013-07-15 17:19 - 47296000 ___SH () C:\Users\PhillyT65\Downloads\Thumbs.db

    2014-09-05 13:07 - 2014-08-20 17:08 - 00000888 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

    2014-09-03 19:54 - 2014-06-19 16:12 - 00000000 ____D () C:\Users\PhillyT65\Documents\My Games

    2014-09-03 18:17 - 2014-08-31 12:35 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\Sony

    2014-09-01 21:05 - 2013-01-07 16:35 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForVIGGILANTE$

    2014-09-01 21:05 - 2013-01-07 16:35 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForVIGGILANTE$.job

     

    Some content of TEMP:

    ====================

    C:\Users\PhillyT65\AppData\Local\Temp\BackupSetup.exe

    C:\Users\PhillyT65\AppData\Local\Temp\EdSD9.dll

    C:\Users\PhillyT65\AppData\Local\Temp\EdSD9.exe

    C:\Users\PhillyT65\AppData\Local\Temp\GVRA8.exe

    C:\Users\PhillyT65\AppData\Local\Temp\OnlineBackup.exe

    C:\Users\PhillyT65\AppData\Local\Temp\SpOrder.dll

     

     

    ==================== Bamital & volsnap Check =================

     

    (There is no automatic fix for files that do not pass verification.)

     

    C:\Windows\System32\winlogon.exe => File is digitally signed

    C:\Windows\System32\wininit.exe => File is digitally signed

    C:\Windows\SysWOW64\wininit.exe => File is digitally signed

    C:\Windows\explorer.exe => File is digitally signed

    C:\Windows\SysWOW64\explorer.exe => File is digitally signed

    C:\Windows\System32\svchost.exe => File is digitally signed

    C:\Windows\SysWOW64\svchost.exe => File is digitally signed

    C:\Windows\System32\services.exe => File is digitally signed

    C:\Windows\System32\User32.dll => File is digitally signed

    C:\Windows\SysWOW64\User32.dll => File is digitally signed

    C:\Windows\System32\userinit.exe => File is digitally signed

    C:\Windows\SysWOW64\userinit.exe => File is digitally signed

    C:\Windows\System32\rpcss.dll => File is digitally signed

    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

     

     

    LastRegBack: 2014-09-26 00:27

     

    ==================== End Of Log ============================

  5. Farbar Service Scanner Version: 21-07-2014

    Ran by PhillyT65 (administrator) on 01-10-2014 at 12:30:34

    Running from "C:\Users\PhillyT65\Downloads"

    Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

    Boot Mode: Normal

    ****************************************************************

     

    Internet Services:

    ============

     

    Connection Status:

    ==============

    Localhost is accessible.

    LAN connected.

    Google IP is accessible.

    Google.com is accessible.

    Yahoo.com is accessible.

     

     

    Other Services:

    ==============

     

     

    File Check:

    ========

    C:\Windows\System32\nsisvc.dll => File is digitally signed

    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

    C:\Windows\System32\dhcpcore.dll => File is digitally signed

    C:\Windows\System32\drivers\afd.sys => File is digitally signed

    C:\Windows\System32\drivers\tdx.sys => File is digitally signed

    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

    C:\Windows\System32\dnsrslvr.dll => File is digitally signed

    C:\Windows\System32\svchost.exe => File is digitally signed

    C:\Windows\System32\rpcss.dll => File is digitally signed

     

     

    **** End of log ****

  6. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014

    Ran by PhillyT65 at 2014-10-01 11:55:19

    Running from C:\Users\PhillyT65\Downloads

    Boot Mode: Normal

    ==========================================================

     

     

    ==================== Security Center ========================

     

    (If an entry is included in the fixlist, it will be removed.)

     

    AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}

    AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}

    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

     

    ==================== Installed Programs ======================

     

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

     

    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

    AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden

    AMD Media Foundation Decoders (Version: 1.0.60629.2348 - ATI Technologies Inc.) Hidden

    AMD VISION Engine Control Center (x32 Version: 2011.0630.16.41755 - ATI) Hidden

    Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

    Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

    ATI Catalyst Install Manager (HKLM\...\{BCC01139-903A-6FC7-3358-85B0AE332601}) (Version: 3.0.829.0 - ATI Technologies, Inc.)

    Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)

    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden

    Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.16.41755 - ATI) Hidden

    Catalyst Control Center InstallProxy (x32 Version: 2011.0630.16.41755 - ATI Technologies, Inc.) Hidden

    Catalyst Control Center Localization All (x32 Version: 2011.0630.16.41755 - ATI) Hidden

    CCC Help English (x32 Version: 2011.0630.0015.41755 - ATI) Hidden

    ccc-utility64 (Version: 2011.0630.16.41755 - ATI) Hidden

    CloudScout (x32 Version: 1.0.0.1 - www.CloudGuard.me) Hidden

    CloudScout Parental Control (HKLM-x32\...\{9c7ab1b0-c461-42e4-b381-4d901f1130fe}) (Version: 1.0.0.3 - www.CloudGuard.me)

    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)

    Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

    DriverTuner 3.5.0.1 (HKLM-x32\...\DriverTuner_is1) (Version: 3.5.0.1 - LionSea Software co., ltd)

    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)

    GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)

    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

    Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)

    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

    Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)

    HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden

    HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden

    HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden

    HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)

    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

    HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)

    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)

    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)

    HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)

    HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)

    HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)

    Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - Hammerpoint Interactive)

    iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

    Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden

    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)

    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)

    Left 4 Dead 2 Beta (HKLM-x32\...\Steam App 223530) (Version:  - )

    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)

    LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden

    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

    Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)

    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)

    Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden

    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)

    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden

    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

    MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

    NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)

    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

    PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)

    Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)

    Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden

    Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)

    RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)

    RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)

    Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)

    Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)

    Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)

    Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

    theHunter (HKLM-x32\...\Steam App 253710) (Version:  - Expansive Worlds)

    Turbo Dismount (HKLM-x32\...\Steam App 263760) (Version:  - Secret Exit Ltd.)

    Unity (HKLM-x32\...\Unity) (Version: 4.5.0f6 - Unity Technologies ApS)

    Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)

    Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)

    Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)

    VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.51 - NCH Software)

    Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

    Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

    Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

    XSplit Gamecaster (HKLM-x32\...\{22EE0000-ECB1-486F-B928-990CECFE7B32}) (Version: 1.9.1407.2114 - SplitmediaLabs)

    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

     

    ==================== Custom CLSID (selected items): ==========================

     

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

     

    CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{1a171a82-78ac-4df6-843e-60d242d0c94c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

    CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)

    CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)

    CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)

    CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)

    CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

     

    ==================== Restore Points  =========================

     

    30-09-2014 05:54:23 Windows Update

    01-10-2014 11:17:57 Windows Update

    01-10-2014 11:21:06 Windows Update

    01-10-2014 16:14:06 Removed Skype™ 6.20

    01-10-2014 16:15:04 Removed Skype Click to Call

     

    ==================== Hosts content: ==========================

     

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

     

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

     

    ==================== Scheduled Tasks (whitelisted) =============

     

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

     

    Task: {09F898B2-C354-4716-A162-DC94BD42DF13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)

    Task: {1651A2FE-9179-40F3-A44B-EDA069A69CA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)

    Task: {16AC49F9-DC77-4D13-AA4C-FF4B8D8D9CBD} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION

    Task: {3A903340-35A8-42D5-A15D-910034F54416} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)

    Task: {40FA0DE6-0B63-4D8A-BEF6-0AB4CC872A65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)

    Task: {59A664AB-699E-4321-BB44-EA2EE9AA68AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

    Task: {5D78DE63-AF02-486A-A982-9C7DA4C70511} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

    Task: {5FDE4999-50E6-4FE2-ACF8-0B482B4D75A3} - System32\Tasks\HPCeeScheduleForVIGGILANTE$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)

    Task: {6B32B5B6-B227-46BF-A2AC-6DC9355B5161} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)

    Task: {86AC99A3-66E3-4C5E-B715-752C72F3BB12} - System32\Tasks\HPCeeScheduleForPhillyT65 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)

    Task: {A3EB1EB7-26A8-42FB-997C-92DD2B859666} - System32\Tasks\YourFileDownloader Installer Starter => C:\Users\PHILLY~1\AppData\Local\Temp\YourFileDownloaderaN37b7xtHB.exe <==== ATTENTION

    Task: {B59861A0-1841-41F2-B98A-6EFFAD5CA27F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)

    Task: {DEFA07C9-3A91-47C4-BB81-334E5727EBCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)

    Task: {EF99594A-CA00-429B-9786-7949B49433E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    Task: C:\Windows\Tasks\HPCeeScheduleForPhillyT65.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    Task: C:\Windows\Tasks\HPCeeScheduleForVIGGILANTE$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

     

    ==================== Loaded Modules (whitelisted) =============

     

    2014-09-25 15:09 - 2014-09-25 10:57 - 04834816 _____ () C:\Windows\score.exe

    2014-06-12 11:56 - 2014-06-12 11:56 - 00014848 ____N () C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.WowDb.dll

    2014-05-26 00:59 - 2014-05-26 00:58 - 00035840 _____ () C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.Advertising.dll

    2014-06-12 11:56 - 2014-06-12 11:56 - 00099840 ____N () C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.CMOD2.dll

    2011-06-30 02:14 - 2011-06-30 02:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

    2011-03-14 16:20 - 2011-03-14 16:20 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

    2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

    2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

    2014-09-25 06:26 - 2014-09-25 06:26 - 00081056 _____ () C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll

    2013-05-20 11:16 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

    2014-09-25 06:26 - 2014-09-25 06:26 - 00081056 _____ () C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL

    2014-09-24 22:29 - 2014-09-22 23:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll

    2014-09-24 22:29 - 2014-09-22 23:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll

    2014-09-24 22:29 - 2014-09-22 23:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll

    2014-09-24 22:29 - 2014-09-22 23:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll

    2014-09-24 22:29 - 2014-09-22 23:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

    2014-09-24 22:29 - 2014-09-22 23:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll

     

    ==================== Alternate Data Streams (whitelisted) =========

     

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

     

     

    ==================== Safe Mode (whitelisted) ===================

     

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

     

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

     

    ==================== EXE Association (whitelisted) =============

     

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

     

     

    ==================== MSCONFIG/TASK MANAGER disabled items =========

     

    (Currently there is no automatic fix for this section.)

     

     

    ========================= Accounts: ==========================

     

    Administrator (S-1-5-21-3041398442-320649397-160515667-500 - Administrator - Disabled)

    Guest (S-1-5-21-3041398442-320649397-160515667-501 - Limited - Disabled)

    HomeGroupUser$ (S-1-5-21-3041398442-320649397-160515667-1002 - Limited - Enabled)

    Michael (S-1-5-21-3041398442-320649397-160515667-1005 - Administrator - Enabled)

    PhillyT65 (S-1-5-21-3041398442-320649397-160515667-1000 - Administrator - Enabled) => C:\Users\PhillyT65

     

    ==================== Faulty Device Manager Devices =============

     

     

    ==================== Event log errors: =========================

     

    Application errors:

    ==================

    Error: (09/29/2014 07:20:08 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: VIGGILANTE)

    Description: HRESULT:0x8004FF06

    Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

     

    Error: (09/29/2014 01:50:22 PM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

     

    Process ID: a3c

     

    Start Time: 01cfdc0c7edacd50

     

    Termination Time: 140

     

    Application Path: C:\Windows\Explorer.EXE

     

    Report Id: 6d810e0f-4809-11e4-a0a9-38607782e6c5

     

    Error: (09/29/2014 06:12:53 AM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

     

    Process ID: 9c8

     

    Start Time: 01cfdb3ee688b89e

     

    Termination Time: 3224

     

    Application Path: C:\Windows\Explorer.EXE

     

    Report Id: 78f3a400-47c9-11e4-b288-38607782e6c5

     

    Error: (09/28/2014 10:01:19 AM) (Source: Application Error) (EventID: 1000) (User: )

    Description: Faulting application name: 7759337A_stp.EXE, version: 0.0.0.0, time stamp: 0x4b1ae411

    Faulting module name: NSISEncrypt.dll, version: 0.0.0.0, time stamp: 0x54280577

    Exception code: 0xc0000005

    Fault offset: 0x000038c8

    Faulting process id: 0x1828

    Faulting application start time: 0x7759337A_stp.EXE0

    Faulting application path: 7759337A_stp.EXE1

    Faulting module path: 7759337A_stp.EXE2

    Report Id: 7759337A_stp.EXE3

     

    Error: (09/26/2014 08:00:39 AM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: The program thehunter.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

     

    Process ID: 2504

     

    Start Time: 01cfd9898a600c75

     

    Termination Time: 24

     

    Application Path: C:\Program Files (x86)\Steam\steamapps\common\theHunter\game\thehunter.exe

     

    Report Id:

     

    Error: (09/25/2014 11:05:03 PM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: The program Skype.exe version 6.20.0.104 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

     

    Process ID: 88c

     

    Start Time: 01cfd905d6d250ac

     

    Termination Time: 52

     

    Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

     

    Report Id:

     

    Error: (09/25/2014 03:09:56 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)

    Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor.  Action InstallationFailed, entry: InstallationFailed, library: C:\Windows\Installer\MSIA0F5.tmp

     

    Error: (09/25/2014 03:09:55 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)

    Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor.  Action InstallationStart, entry: InstallationStart, library: C:\Windows\Installer\MSI9ADC.tmp

     

    Error: (09/14/2014 11:20:54 PM) (Source: Application Error) (EventID: 1000) (User: )

    Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x53948b55

    Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7

    Exception code: 0xc0000005

    Fault offset: 0x0002e04e

    Faulting process id: 0x3c0

    Faulting application start time: 0xhl2.exe0

    Faulting application path: hl2.exe1

    Faulting module path: hl2.exe2

    Report Id: hl2.exe3

     

    Error: (09/05/2014 01:08:36 PM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: The program chrome.exe version 37.0.2062.103 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

     

    Process ID: 1af0

     

    Start Time: 01cfc93425c4fe2d

     

    Termination Time: 10

     

    Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

     

    Report Id: 880e943b-3527-11e4-bc29-38607782e6c5

     

     

    System errors:

    =============

    Error: (10/01/2014 06:00:56 AM) (Source: DCOM) (EventID: 10010) (User: )

    Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

     

    Error: (10/01/2014 05:55:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

    Description: The Diagnostic System Host service hung on starting.

     

    Error: (10/01/2014 05:55:08 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

    Description: The Diagnostic Service Host service hung on starting.

     

    Error: (10/01/2014 05:53:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

    Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 

    %%1058

     

    Error: (10/01/2014 05:53:38 AM) (Source: SNMP) (EventID: 1500) (User: )

    Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

     

    Error: (10/01/2014 05:53:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

    Description: The Routing and Remote Access service depends on the Remote Access Connection Manager service which failed to start because of the following error: 

    %%1058

     

    Error: (10/01/2014 05:53:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

    Description: The HP Software Framework Service service failed to start due to the following error: 

    %%1053

     

    Error: (10/01/2014 05:53:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

    Description: A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.

     

    Error: (10/01/2014 05:53:03 AM) (Source: NETLOGON) (EventID: 3095) (User: )

    Description: This computer is configured as a member of a workgroup, not as

    a member of a domain. The Netlogon service does not need to run in this

    configuration.

     

    Error: (10/01/2014 05:51:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

    Description: The Message Queuing service terminated with the following error: 

    %%-2147024877

     

     

    Microsoft Office Sessions:

    =========================

    Error: (09/29/2014 07:20:08 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: VIGGILANTE)

    Description: HRESULT:0x8004FF06

    Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.

     

    Error: (09/29/2014 01:50:22 PM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: Explorer.EXE6.1.7601.17567a3c01cfdc0c7edacd50140C:\Windows\Explorer.EXE6d810e0f-4809-11e4-a0a9-38607782e6c5

     

    Error: (09/29/2014 06:12:53 AM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: Explorer.EXE6.1.7601.175679c801cfdb3ee688b89e3224C:\Windows\Explorer.EXE78f3a400-47c9-11e4-b288-38607782e6c5

     

    Error: (09/28/2014 10:01:19 AM) (Source: Application Error) (EventID: 1000) (User: )

    Description: 7759337A_stp.EXE0.0.0.04b1ae411NSISEncrypt.dll0.0.0.054280577c0000005000038c8182801cfdb2d062058f2C:\Users\PHILLY~1\AppData\Local\Temp\is366025459\7759337A_stp.EXEC:\Users\PHILLY~1\AppData\Local\Temp\nsg2579.tmp\NSISEncrypt.dll4cf5b4f0-4720-11e4-b7b9-38607782e6c5

     

    Error: (09/26/2014 08:00:39 AM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: thehunter.exe1.0.0.1250401cfd9898a600c7524C:\Program Files (x86)\Steam\steamapps\common\theHunter\game\thehunter.exe

     

    Error: (09/25/2014 11:05:03 PM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: Skype.exe6.20.0.10488c01cfd905d6d250ac52C:\Program Files (x86)\Skype\Phone\Skype.exe

     

    Error: (09/25/2014 03:09:56 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)

    Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor.  Action InstallationFailed, entry: InstallationFailed, library: C:\Windows\Installer\MSIA0F5.tmp (NULL)(NULL)(NULL)(NULL)(NULL)

     

    Error: (09/25/2014 03:09:55 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)

    Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor.  Action InstallationStart, entry: InstallationStart, library: C:\Windows\Installer\MSI9ADC.tmp (NULL)(NULL)(NULL)(NULL)(NULL)

     

    Error: (09/14/2014 11:20:54 PM) (Source: Application Error) (EventID: 1000) (User: )

    Description: hl2.exe0.0.0.053948b55ntdll.dll6.1.7601.18247521ea8e7c00000050002e04e3c001cfd099b1293705C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exeC:\Windows\SysWOW64\ntdll.dllaea158c6-3c8f-11e4-ae05-38607782e6c5

     

    Error: (09/05/2014 01:08:36 PM) (Source: Application Hang) (EventID: 1002) (User: )

    Description: chrome.exe37.0.2062.1031af001cfc93425c4fe2d10C:\Program Files (x86)\Google\Chrome\Application\chrome.exe880e943b-3527-11e4-bc29-38607782e6c5

     

     

    CodeIntegrity Errors:

    ===================================

      Date: 2014-09-25 15:25:10.294

      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

     

      Date: 2014-09-25 15:25:09.958

      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

     

      Date: 2014-09-25 15:25:09.621

      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

     

      Date: 2014-09-25 15:15:35.696

      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

     

      Date: 2014-09-25 15:15:35.341

      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

     

      Date: 2014-09-25 15:15:34.976

      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

     

     

    ==================== Memory info =========================== 

     

    Processor: AMD E2-3200 APU with Radeon HD Graphics

    Percentage of memory in use: 56%

    Total physical RAM: 3570.82 MB

    Available physical RAM: 1539.93 MB

    Total Pagefile: 7139.81 MB

    Available Pagefile: 4206.77 MB

    Total Virtual: 8192 MB

    Available Virtual: 8191.83 MB

     

    ==================== Drives ================================

     

    Drive c: (OS) (Fixed) (Total:919.75 GB) (Free:700.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]

    Drive d: (HP_RECOVERY) (Fixed) (Total:11.66 GB) (Free:1.43 GB) NTFS ==>[system with boot components (obtained from reading drive)]

     

    ==================== MBR & Partition Table ==================

     

    ========================================================

    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EAD598F5)

    Partition 1: (Active) - (Size=98 MB) - (Type=07 NTFS)

    Partition 2: (Not Active) - (Size=919.8 GB) - (Type=07 NTFS)

    Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

     

    ==================== End Of Log ============================

    latest.log

  7. I had no issues logging in anywhere...

     

    Yesterday I logged on and got:

     

    hxxp://astromenda.com/?f=7&a=ast_dnldstr_14_39_ch&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0Dzz0CyE0C0E0DyE0F0DtN0D0Tzu0StCtDtDtBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBzyyEyCtD0EtBtCtG0F0DyC0EtGtCtB0FyDtG0A0FtD0CtGtD0BzyyEyE0DyE0FtAzzzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtDyEtAtA0B0FtG0AzztAyDtGyE0BtCtBtG0AyD0DzytG0EyE0F0D0FyD0CtA0FtA0Fzz2Q&cr=402266813&ir=

     

    I have never been to this site... there were options to delete the link... those options DO NOT work... all one gets is popups.

    I have other sites on my list which I can access using tabs, but the astromenda site comes up right at login... and will not go away.
