-
Posts
12 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Phillyt
-
-
There was once a young man who, in his youth, professed his desire become a great writer.
When asked to define "great" he said, "I want to write stuff that the whole world will read, stuff that people will react to on a truly emotional level, stuff that will make them scream, cry, howl in pain and anger!"
He now works for Microsoft, writing error messages -
Thanks for all you have suggested but I think I'll just junk this machine out n get a new one..I can't keep loading all these files since when I got the machine it was used
-
RogueKiller V9.2.13.0 (x64) [sep 25 2014] by Adlice SoftwareFeedback : http://forum.adlice.comBlog : http://www.adlice.comOperating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : PhillyT65 [Admin rights]Mode : Scan -- Date : 10/01/2014 12:50:42¤¤¤ Bad processes : 2 ¤¤¤[suspicious.Path] CurseClient.exe -- C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe[-] -> KILLED [TermProc][suspicious.Path] (SVC) scores -- C:\Windows\score.exe[-] -> STOPPED¤¤¤ Registry Entries : 22 ¤¤¤[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\scores (C:\Windows\score.exe) -> FOUND[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\scores (C:\Windows\score.exe) -> FOUND[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\scores (C:\Windows\score.exe) -> FOUND[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8} | NameServer : 81.218.119.15,199.203.35.75 -> FOUND[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8} | NameServer : 81.218.119.15,199.203.35.75 -> FOUND[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8} | NameServer : 81.218.119.15,199.203.35.75 -> FOUND[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> FOUND[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> FOUND[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> FOUND[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> FOUND[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://myyahoo.com/ -> FOUND[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://myyahoo.com/ -> FOUND¤¤¤ Scheduled tasks : 1 ¤¤¤[suspicious.Path] \\YourFileDownloader Installer Starter -- C:\Users\PHILLY~1\AppData\Local\Temp\YourFileDownloaderaN37b7xtHB.exe (-startup) -> FOUND¤¤¤ Files : 0 ¤¤¤¤¤¤ HOSTS File : 0 ¤¤¤¤¤¤ Antirootkit : 4 (Driver: LOADED) ¤¤¤[EAT:Addr] (explorer.exe) msi.dll - DllCanUnloadNow : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1b8e4[EAT:Addr] (explorer.exe) msi.dll - DllGetClassObject : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1b91c[EAT:Addr] (explorer.exe) msi.dll - DllRegisterServer : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1ba4c[EAT:Addr] (explorer.exe) msi.dll - DllUnregisterServer : C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll @ 0x7fef3c1bb1c¤¤¤ Web browsers : 0 ¤¤¤¤
-
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014Ran by PhillyT65 (administrator) on VIGGILANTE on 01-10-2014 12:35:14Running from C:\Users\PhillyT65\DownloadsLoaded Profile: PhillyT65 (Available profiles: PhillyT65 & DefaultAppPool)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(AMD) C:\Windows\System32\atiesrxx.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe(Microsoft Corporation) C:\Windows\System32\mqsvc.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe() C:\Windows\score.exe(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE(Microsoft Corporation) C:\Windows\System32\snmp.exe(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe(Microsoft Corporation) C:\Windows\System32\vds.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(AMD) C:\Windows\System32\atieclxx.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Microsoft Corporation) C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe(Curse) C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\PhillyT65\Downloads\FSS.exe(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe(Farbar) C:\Users\PhillyT65\Downloads\FSS.exe(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe(Farbar) C:\Users\PhillyT65\Downloads\FRST64 (1).exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dllHKLM-x32\...\Run: [startCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-05] (PDF Complete Inc)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\Run: [skyDrive] => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"HKU\S-1-5-21-3041398442-320649397-160515667-1000\...\RunOnce: [uninstall C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"Startup: C:\Users\PhillyT65\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://myyahoo.com/HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE10ENUS/WOL_WCPURLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No FileSearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDFSearchScopes: HKLM - {B42D1374-3E73-422B-B53E-54740E2EBFB8} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDFSearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}SearchScopes: HKLM-x32 - {B42D1374-3E73-422B-B53E-54740E2EBFB8} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}SearchScopes: HKCU - DefaultScope {B04FC860-8BC8-40F1-BD12-3B0EFC986F91} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDFSearchScopes: HKCU - {B04FC860-8BC8-40F1-BD12-3B0EFC986F91} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8SearchScopes: HKCU - {B42D1374-3E73-422B-B53E-54740E2EBFB8} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDFSearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No FileBHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileDPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)Winsock: Catalog9 15 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)Winsock: Catalog9-x64 15 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)Tcpip\..\Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8}: [NameServer] 81.218.119.15,199.203.35.75FireFox:========FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PhillyT65\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)Chrome:=======CHR DefaultSearchURL: Default -> https://us-mg5.mail.yahoo.com/neo/launch?action=compose&To=%sCHR Profile: C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-13]CHR Extension: (Google Drive) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-13]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]CHR Extension: (YouTube) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-13]CHR Extension: (Google Search) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-24]CHR Extension: (Google Wallet) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]CHR Extension: (Gmail) - C:\Users\PhillyT65\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-13]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONCHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)R2 scores; C:\Windows\score.exe [4834816 2014-09-25] () [File not signed]R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-01] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)S3 MWAC; \??\C:\Windows\system32\drivers\ [0 ] () [File not signed]S3 MWAC; \??\C:\Windows\SysWOW64\drivers\ [0 ] () [File not signed]R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)S3 SIVDRIVER; C:\Windows\system32\Drivers\SIVX64.sys [57312 2008-06-14] (Ray Hinchliffe)R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)R1 MpKslc9d125c2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85280ACD-A8A1-4077-A4FA-93FF4B07333C}\MpKslc9d125c2.sys [X]==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2014-10-01 12:34 - 2014-10-01 12:34 - 01100288 _____ (Farbar) C:\Users\PhillyT65\Downloads\FRST.exe2014-10-01 12:29 - 2014-10-01 12:30 - 00001144 _____ () C:\Users\PhillyT65\Downloads\FSS.txt2014-10-01 12:28 - 2014-10-01 12:28 - 00415232 _____ (Farbar) C:\Users\PhillyT65\Downloads\FSS.exe2014-10-01 12:23 - 2014-10-01 12:23 - 02108928 _____ (Farbar) C:\Users\PhillyT65\Downloads\FRST64 (1).exe2014-10-01 11:55 - 2014-10-01 11:56 - 00036596 _____ () C:\Users\PhillyT65\Downloads\Addition.txt2014-10-01 11:54 - 2014-10-01 12:35 - 00020696 _____ () C:\Users\PhillyT65\Downloads\FRST.txt2014-10-01 11:54 - 2014-10-01 12:35 - 00000000 ____D () C:\FRST2014-10-01 11:53 - 2014-10-01 11:53 - 02108928 _____ (Farbar) C:\Users\PhillyT65\Downloads\FRST64.exe2014-10-01 03:55 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2014-10-01 03:55 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2014-09-29 19:27 - 2014-10-01 05:52 - 00000112 _____ () C:\Windows\setupact.log2014-09-29 19:27 - 2014-09-29 19:27 - 00000000 _____ () C:\Windows\setuperr.log2014-09-26 08:00 - 2014-09-26 23:09 - 00000097 _____ () C:\Users\PhillyT65\AppData\Roaming\LauncherSettings_live.cfg2014-09-26 07:58 - 2014-09-26 07:58 - 00000039 _____ () C:\Users\PhillyT65\AppData\Roaming\TheHunterSettings_steam_live.cfg2014-09-26 07:58 - 2014-09-26 07:58 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\theHunter2014-09-26 07:58 - 2014-09-26 07:58 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\theHunter2014-09-26 07:56 - 2014-09-26 07:56 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\theHunterSteam2014-09-26 07:56 - 2014-09-26 07:56 - 00000000 ____D () C:\ProgramData\Hunter2014-09-25 15:12 - 2014-10-01 02:01 - 00000000 ___HD () C:\Users\Public\Temp2014-09-25 15:11 - 2014-09-01 13:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll2014-09-25 15:11 - 2014-09-01 13:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll2014-09-25 15:10 - 2014-09-26 04:56 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\VOPackage2014-09-25 15:10 - 2014-09-26 02:15 - 00004038 _____ () C:\Windows\System32\Tasks\LaunchSignup2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\fastplayer2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\com2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer2014-09-25 15:09 - 2014-09-25 10:57 - 04834816 _____ () C:\Windows\score.exe2014-09-24 00:08 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2014-09-24 00:08 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2014-09-19 23:12 - 2014-09-19 23:12 - 00000219 _____ () C:\Users\PhillyT65\Desktop\Left 4 Dead 2.url2014-09-12 21:11 - 2014-09-12 21:11 - 00000184 _____ () C:\Users\PhillyT65\Downloads\eula.txt2014-09-12 21:11 - 2014-09-12 21:11 - 00000061 _____ () C:\Users\PhillyT65\Downloads\server.properties2014-09-12 21:10 - 2014-09-12 21:11 - 10769744 _____ () C:\Users\PhillyT65\Downloads\minecraft_server.1.8.exe2014-09-10 04:02 - 2014-09-10 04:02 - 00411056 _____ () C:\Users\PhillyT65\Downloads\setup (1).exe2014-09-10 03:15 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-09-10 03:15 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-09-10 03:15 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-09-10 03:15 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-09-10 03:15 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-09-10 03:15 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-09-10 03:15 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-09-10 03:15 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-09-10 03:15 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-09-10 03:15 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-09-10 03:15 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-09-10 03:15 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-09-10 03:15 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-09-10 03:15 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-09-10 03:15 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-09-10 03:15 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-09-10 03:15 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-09-10 03:15 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-09-10 03:15 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-09-10 03:15 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-09-10 03:15 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-09-10 03:15 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-09-10 03:15 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-09-10 03:15 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-09-10 03:15 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-09-10 03:15 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-09-10 03:15 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-09-10 03:15 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-09-10 03:15 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-09-10 03:15 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-09-10 03:15 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-09-10 03:15 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-09-10 03:15 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-09-10 03:15 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-09-10 03:15 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-09-10 03:15 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-09-10 03:15 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-09-10 03:15 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-09-10 03:15 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-09-10 03:15 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-09-10 03:15 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-09-10 03:15 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-09-10 03:15 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-09-10 03:15 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-09-10 03:15 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-09-10 03:15 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-09-10 03:15 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-09-10 03:15 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-09-10 03:15 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-09-10 03:15 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-09-10 03:15 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-09-10 03:15 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-09-10 03:15 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-09-10 03:15 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-09-10 03:15 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-09-10 03:15 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-09-10 03:02 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll2014-09-10 03:02 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll2014-09-10 01:31 - 2014-09-23 15:31 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2014-09-09 16:42 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll2014-09-09 16:42 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll2014-09-09 16:41 - 2014-06-23 22:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-09-09 16:41 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-09-09 16:40 - 2014-09-04 21:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-09-09 16:40 - 2014-09-04 21:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-09-09 16:40 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-09-09 16:40 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-09-09 16:40 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-09-09 16:40 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-09-09 16:40 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-09-08 06:00 - 2014-09-30 06:37 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Adobe2014-09-06 13:10 - 2014-09-06 13:10 - 00857696 _____ ( ) C:\Users\PhillyT65\Downloads\Adobe_Flash_Setup.exe2014-09-05 16:52 - 2014-09-05 16:52 - 00000000 ____D () C:\Users\PhillyT65\Downloads\LOIC-master2014-09-05 13:07 - 2014-09-05 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi2014-09-05 13:07 - 2014-09-05 13:07 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi2014-09-05 13:07 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys2014-09-03 19:54 - 2014-09-03 19:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA2014-09-03 19:51 - 2014-09-03 19:51 - 00000222 _____ () C:\Users\PhillyT65\Desktop\Terraria.url2014-09-03 18:23 - 2014-09-03 18:24 - 07688351 _____ () C:\Users\PhillyT65\Desktop\INTRO!!!!!.mp42014-09-03 18:18 - 2014-09-03 18:18 - 00000076 _____ () C:\Users\PhillyT65\Downloads\INTRO!!!!!.mxf.sfl2014-09-03 18:17 - 2014-09-03 18:18 - 20100156 _____ () C:\Users\PhillyT65\Downloads\INTRO!!!!!.mxf2014-09-01 12:28 - 2014-09-01 12:31 - 00372200 _____ () C:\Users\PhillyT65\Downloads\lavender town - solkrieg's dream eater dubstep remix.mp3.sfk2014-09-01 12:27 - 2014-09-10 04:01 - 00003212 _____ () C:\Windows\System32\Tasks\YourFileDownloader Installer Starter==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2014-10-01 12:19 - 2013-12-24 09:41 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-10-01 12:16 - 2013-01-07 17:43 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Deployment2014-10-01 12:05 - 2013-01-07 16:33 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{553BECE3-7405-4C06-8481-01D3ECC7CBCD}2014-10-01 11:57 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-10-01 11:57 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-10-01 11:17 - 2014-04-15 04:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-10-01 11:14 - 2014-06-13 23:28 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\Skype2014-10-01 11:14 - 2014-03-28 20:31 - 00000000 ____D () C:\ProgramData\Skype2014-10-01 06:21 - 2013-01-07 16:24 - 01336810 _____ () C:\Windows\WindowsUpdate.log2014-10-01 06:16 - 2014-08-20 17:09 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\LogMeIn Hamachi2014-10-01 06:16 - 2014-05-25 00:51 - 00000000 ___RD () C:\Users\PhillyT65\OneDrive2014-10-01 06:16 - 2013-12-24 09:41 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-10-01 05:55 - 2011-11-04 10:28 - 00000000 ____D () C:\ProgramData\PDFC2014-10-01 05:55 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\inetsrv2014-10-01 05:53 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-10-01 05:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration2014-10-01 05:52 - 2010-11-20 22:47 - 00797270 _____ () C:\Windows\PFRO.log2014-09-30 23:21 - 2014-05-18 18:43 - 00000000 ____D () C:\Program Files (x86)\Steam2014-09-30 16:46 - 2013-06-23 07:42 - 00000000 ___HD () C:\Windows\msdownld.tmp2014-09-30 16:41 - 2014-06-18 09:22 - 00000000 ____D () C:\Program Files (x86)\OpenAL2014-09-29 19:20 - 2013-01-07 21:14 - 00002057 _____ () C:\Windows\epplauncher.mif2014-09-29 16:01 - 2013-01-07 16:33 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPhillyT652014-09-29 16:01 - 2013-01-07 16:33 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForPhillyT65.job2014-09-29 14:36 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF2014-09-29 13:38 - 2014-07-24 20:06 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\PMB Files2014-09-29 12:40 - 2013-01-07 16:24 - 00000000 ____D () C:\Users\PhillyT652014-09-29 12:39 - 2014-07-24 20:06 - 00000000 ____D () C:\ProgramData\PMB Files2014-09-29 12:39 - 2014-05-18 00:13 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\Battle.net2014-09-29 12:39 - 2013-10-29 16:56 - 00000000 ____D () C:\Users\DefaultAppPool2014-09-29 12:39 - 2011-11-04 10:21 - 00000000 ____D () C:\ProgramData\RoxioNow2014-09-29 12:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Msdtc2014-09-29 11:17 - 2014-05-18 00:13 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Battle.net2014-09-28 10:01 - 2013-01-08 17:40 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\CrashDumps2014-09-27 18:37 - 2014-05-25 00:49 - 00000000 ____D () C:\Users\PhillyT65\AppData\Local\Windows Live2014-09-26 16:49 - 2011-11-04 10:22 - 00000000 ____D () C:\ProgramData\CyberLink2014-09-26 16:49 - 2011-11-04 10:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-09-26 04:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\L2Schemas2014-09-25 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache2014-09-25 15:39 - 2009-07-14 00:13 - 00869632 _____ () C:\Windows\system32\PerfStringBackup.INI2014-09-25 15:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\TAPI2014-09-25 15:11 - 2014-05-21 18:34 - 00000000 ____D () C:\ProgramData\Package Cache2014-09-25 06:26 - 2014-05-25 00:51 - 00002192 _____ () C:\Users\PhillyT65\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk2014-09-24 22:00 - 2013-01-30 22:08 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt2014-09-24 22:00 - 2013-01-09 22:05 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log2014-09-24 21:59 - 2013-01-16 22:36 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\HP Support Assistant2014-09-24 21:59 - 2013-01-08 17:39 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\HpUpdate2014-09-22 01:42 - 2010-11-20 22:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-09-16 17:56 - 2014-06-04 21:39 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\.minecraft2014-09-13 11:23 - 2014-05-18 00:14 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft2014-09-13 11:23 - 2014-05-18 00:12 - 00000000 ____D () C:\Program Files (x86)\Battle.net2014-09-10 03:14 - 2011-02-11 12:15 - 00861754 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-09-10 03:13 - 2013-01-07 21:14 - 00002119 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk2014-09-10 03:12 - 2013-07-16 07:57 - 00000000 ____D () C:\Windows\system32\MRT2014-09-10 03:12 - 2013-01-07 21:14 - 00000000 ____D () C:\Program Files\Microsoft Security Client2014-09-10 03:12 - 2013-01-07 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client2014-09-10 03:03 - 2013-01-08 09:16 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-09-10 03:02 - 2014-05-05 20:44 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-09-08 10:42 - 2013-07-15 17:19 - 47296000 ___SH () C:\Users\PhillyT65\Downloads\Thumbs.db2014-09-05 13:07 - 2014-08-20 17:08 - 00000888 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk2014-09-03 19:54 - 2014-06-19 16:12 - 00000000 ____D () C:\Users\PhillyT65\Documents\My Games2014-09-03 18:17 - 2014-08-31 12:35 - 00000000 ____D () C:\Users\PhillyT65\AppData\Roaming\Sony2014-09-01 21:05 - 2013-01-07 16:35 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForVIGGILANTE$2014-09-01 21:05 - 2013-01-07 16:35 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForVIGGILANTE$.jobSome content of TEMP:====================C:\Users\PhillyT65\AppData\Local\Temp\BackupSetup.exeC:\Users\PhillyT65\AppData\Local\Temp\EdSD9.dllC:\Users\PhillyT65\AppData\Local\Temp\EdSD9.exeC:\Users\PhillyT65\AppData\Local\Temp\GVRA8.exeC:\Users\PhillyT65\AppData\Local\Temp\OnlineBackup.exeC:\Users\PhillyT65\AppData\Local\Temp\SpOrder.dll==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2014-09-26 00:27==================== End Of Log ============================
-
Farbar Service Scanner Version: 21-07-2014Ran by PhillyT65 (administrator) on 01-10-2014 at 12:30:34Running from "C:\Users\PhillyT65\Downloads"Microsoft Windows 7 Home Premium Service Pack 1 (X64)Boot Mode: Normal****************************************************************Internet Services:============Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo.com is accessible.Other Services:==============File Check:========C:\Windows\System32\nsisvc.dll => File is digitally signedC:\Windows\System32\drivers\nsiproxy.sys => File is digitally signedC:\Windows\System32\dhcpcore.dll => File is digitally signedC:\Windows\System32\drivers\afd.sys => File is digitally signedC:\Windows\System32\drivers\tdx.sys => File is digitally signedC:\Windows\System32\Drivers\tcpip.sys => File is digitally signedC:\Windows\System32\dnsrslvr.dll => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signed**** End of log ****
-
Naturally since I am NOT PUTER PROFICIANT...Did I do that right ???
-
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014Ran by PhillyT65 at 2014-10-01 11:55:19Running from C:\Users\PhillyT65\DownloadsBoot Mode: Normal============================================================================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) HiddenAMD Media Foundation Decoders (Version: 1.0.60629.2348 - ATI Technologies Inc.) HiddenAMD VISION Engine Control Center (x32 Version: 2011.0630.16.41755 - ATI) HiddenApple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)ATI Catalyst Install Manager (HKLM\...\{BCC01139-903A-6FC7-3358-85B0AE332601}) (Version: 3.0.829.0 - ATI Technologies, Inc.)Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) HiddenCatalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.16.41755 - ATI) HiddenCatalyst Control Center InstallProxy (x32 Version: 2011.0630.16.41755 - ATI Technologies, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2011.0630.16.41755 - ATI) HiddenCCC Help English (x32 Version: 2011.0630.0015.41755 - ATI) Hiddenccc-utility64 (Version: 2011.0630.16.41755 - ATI) HiddenCloudScout (x32 Version: 1.0.0.1 - www.CloudGuard.me) HiddenCloudScout Parental Control (HKLM-x32\...\{9c7ab1b0-c461-42e4-b381-4d901f1130fe}) (Version: 1.0.0.3 - www.CloudGuard.me)Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDriverTuner 3.5.0.1 (HKLM-x32\...\DriverTuner_is1) (Version: 3.5.0.1 - LionSea Software co., ltd)Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) HiddenGunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments)Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) HiddenHotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) HiddenHP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) HiddenHP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) HiddenHP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive)iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) HiddenJunk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenKerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)League of Legends (x32 Version: 3.0.0 - Riot Games) HiddenLeft 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)Left 4 Dead 2 Beta (HKLM-x32\...\Steam App 223530) (Version: - )LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) HiddenMalwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) HiddenMicrosoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) HiddenMicrosoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenMSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) HiddenMSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )OpenAL (HKLM-x32\...\OpenAL) (Version: - )Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenPlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) HiddenRemote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)RIFT (HKCU\...\RIFT) (Version: - Trion Worlds, Inc.)RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve)Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)theHunter (HKLM-x32\...\Steam App 253710) (Version: - Expansive Worlds)Turbo Dismount (HKLM-x32\...\Steam App 263760) (Version: - Secret Exit Ltd.)Unity (HKLM-x32\...\Unity) (Version: 4.5.0f6 - Unity Technologies ApS)Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.51 - NCH Software)Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenWinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)XSplit Gamecaster (HKLM-x32\...\{22EE0000-ECB1-486F-B928-990CECFE7B32}) (Version: 1.9.1407.2114 - SplitmediaLabs)Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)==================== Custom CLSID (selected items): ==========================(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{1a171a82-78ac-4df6-843e-60d242d0c94c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-3041398442-320649397-160515667-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)==================== Restore Points =========================30-09-2014 05:54:23 Windows Update01-10-2014 11:17:57 Windows Update01-10-2014 11:21:06 Windows Update01-10-2014 16:14:06 Removed Skype™ 6.2001-10-2014 16:15:04 Removed Skype Click to Call==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)Task: {09F898B2-C354-4716-A162-DC94BD42DF13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)Task: {1651A2FE-9179-40F3-A44B-EDA069A69CA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)Task: {16AC49F9-DC77-4D13-AA4C-FF4B8D8D9CBD} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTIONTask: {3A903340-35A8-42D5-A15D-910034F54416} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)Task: {40FA0DE6-0B63-4D8A-BEF6-0AB4CC872A65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)Task: {59A664AB-699E-4321-BB44-EA2EE9AA68AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {5D78DE63-AF02-486A-A982-9C7DA4C70511} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)Task: {5FDE4999-50E6-4FE2-ACF8-0B482B4D75A3} - System32\Tasks\HPCeeScheduleForVIGGILANTE$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)Task: {6B32B5B6-B227-46BF-A2AC-6DC9355B5161} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)Task: {86AC99A3-66E3-4C5E-B715-752C72F3BB12} - System32\Tasks\HPCeeScheduleForPhillyT65 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)Task: {A3EB1EB7-26A8-42FB-997C-92DD2B859666} - System32\Tasks\YourFileDownloader Installer Starter => C:\Users\PHILLY~1\AppData\Local\Temp\YourFileDownloaderaN37b7xtHB.exe <==== ATTENTIONTask: {B59861A0-1841-41F2-B98A-6EFFAD5CA27F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.)Task: {DEFA07C9-3A91-47C4-BB81-334E5727EBCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)Task: {EF99594A-CA00-429B-9786-7949B49433E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\HPCeeScheduleForPhillyT65.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exeTask: C:\Windows\Tasks\HPCeeScheduleForVIGGILANTE$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe==================== Loaded Modules (whitelisted) =============2014-09-25 15:09 - 2014-09-25 10:57 - 04834816 _____ () C:\Windows\score.exe2014-06-12 11:56 - 2014-06-12 11:56 - 00014848 ____N () C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.WowDb.dll2014-05-26 00:59 - 2014-05-26 00:58 - 00035840 _____ () C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.Advertising.dll2014-06-12 11:56 - 2014-06-12 11:56 - 00099840 ____N () C:\Users\PhillyT65\AppData\Local\Apps\2.0\ERXJTPLH.73J\WHMQDXBJ.2ZK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.CMOD2.dll2011-06-30 02:14 - 2011-06-30 02:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll2011-03-14 16:20 - 2011-03-14 16:20 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2014-09-25 06:26 - 2014-09-25 06:26 - 00081056 _____ () C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll2013-05-20 11:16 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll2014-09-25 06:26 - 2014-09-25 06:26 - 00081056 _____ () C:\Users\PhillyT65\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL2014-09-24 22:29 - 2014-09-22 23:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll2014-09-24 22:29 - 2014-09-22 23:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll2014-09-24 22:29 - 2014-09-22 23:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll2014-09-24 22:29 - 2014-09-22 23:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll2014-09-24 22:29 - 2014-09-22 23:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll2014-09-24 22:29 - 2014-09-22 23:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll==================== Alternate Data Streams (whitelisted) =========(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)==================== Safe Mode (whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"==================== EXE Association (whitelisted) =============(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)==================== MSCONFIG/TASK MANAGER disabled items =========(Currently there is no automatic fix for this section.)========================= Accounts: ==========================Administrator (S-1-5-21-3041398442-320649397-160515667-500 - Administrator - Disabled)Guest (S-1-5-21-3041398442-320649397-160515667-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-3041398442-320649397-160515667-1002 - Limited - Enabled)Michael (S-1-5-21-3041398442-320649397-160515667-1005 - Administrator - Enabled)PhillyT65 (S-1-5-21-3041398442-320649397-160515667-1000 - Administrator - Enabled) => C:\Users\PhillyT65==================== Faulty Device Manager Devices ================================= Event log errors: =========================Application errors:==================Error: (09/29/2014 07:20:08 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: VIGGILANTE)Description: HRESULT:0x8004FF06Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.Error: (09/29/2014 01:50:22 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: a3cStart Time: 01cfdc0c7edacd50Termination Time: 140Application Path: C:\Windows\Explorer.EXEReport Id: 6d810e0f-4809-11e4-a0a9-38607782e6c5Error: (09/29/2014 06:12:53 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 9c8Start Time: 01cfdb3ee688b89eTermination Time: 3224Application Path: C:\Windows\Explorer.EXEReport Id: 78f3a400-47c9-11e4-b288-38607782e6c5Error: (09/28/2014 10:01:19 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: 7759337A_stp.EXE, version: 0.0.0.0, time stamp: 0x4b1ae411Faulting module name: NSISEncrypt.dll, version: 0.0.0.0, time stamp: 0x54280577Exception code: 0xc0000005Fault offset: 0x000038c8Faulting process id: 0x1828Faulting application start time: 0x7759337A_stp.EXE0Faulting application path: 7759337A_stp.EXE1Faulting module path: 7759337A_stp.EXE2Report Id: 7759337A_stp.EXE3Error: (09/26/2014 08:00:39 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program thehunter.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 2504Start Time: 01cfd9898a600c75Termination Time: 24Application Path: C:\Program Files (x86)\Steam\steamapps\common\theHunter\game\thehunter.exeReport Id:Error: (09/25/2014 11:05:03 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program Skype.exe version 6.20.0.104 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 88cStart Time: 01cfd905d6d250acTermination Time: 52Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exeReport Id:Error: (09/25/2014 03:09:56 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\Windows\Installer\MSIA0F5.tmpError: (09/25/2014 03:09:55 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStart, entry: InstallationStart, library: C:\Windows\Installer\MSI9ADC.tmpError: (09/14/2014 11:20:54 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x53948b55Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7Exception code: 0xc0000005Fault offset: 0x0002e04eFaulting process id: 0x3c0Faulting application start time: 0xhl2.exe0Faulting application path: hl2.exe1Faulting module path: hl2.exe2Report Id: hl2.exe3Error: (09/05/2014 01:08:36 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program chrome.exe version 37.0.2062.103 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 1af0Start Time: 01cfc93425c4fe2dTermination Time: 10Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exeReport Id: 880e943b-3527-11e4-bc29-38607782e6c5System errors:=============Error: (10/01/2014 06:00:56 AM) (Source: DCOM) (EventID: 10010) (User: )Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}Error: (10/01/2014 05:55:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The Diagnostic System Host service hung on starting.Error: (10/01/2014 05:55:08 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The Diagnostic Service Host service hung on starting.Error: (10/01/2014 05:53:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:%%1058Error: (10/01/2014 05:53:38 AM) (Source: SNMP) (EventID: 1500) (User: )Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.Error: (10/01/2014 05:53:36 AM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Routing and Remote Access service depends on the Remote Access Connection Manager service which failed to start because of the following error:%%1058Error: (10/01/2014 05:53:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The HP Software Framework Service service failed to start due to the following error:%%1053Error: (10/01/2014 05:53:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.Error: (10/01/2014 05:53:03 AM) (Source: NETLOGON) (EventID: 3095) (User: )Description: This computer is configured as a member of a workgroup, not asa member of a domain. The Netlogon service does not need to run in thisconfiguration.Error: (10/01/2014 05:51:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )Description: The Message Queuing service terminated with the following error:%%-2147024877Microsoft Office Sessions:=========================Error: (09/29/2014 07:20:08 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: VIGGILANTE)Description: HRESULT:0x8004FF06Description:Microsoft Security Essentials is already installed. A newer version of Security Essentials is already installed on your computer. Error code:0x8004FF06.Error: (09/29/2014 01:50:22 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: Explorer.EXE6.1.7601.17567a3c01cfdc0c7edacd50140C:\Windows\Explorer.EXE6d810e0f-4809-11e4-a0a9-38607782e6c5Error: (09/29/2014 06:12:53 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: Explorer.EXE6.1.7601.175679c801cfdb3ee688b89e3224C:\Windows\Explorer.EXE78f3a400-47c9-11e4-b288-38607782e6c5Error: (09/28/2014 10:01:19 AM) (Source: Application Error) (EventID: 1000) (User: )Description: 7759337A_stp.EXE0.0.0.04b1ae411NSISEncrypt.dll0.0.0.054280577c0000005000038c8182801cfdb2d062058f2C:\Users\PHILLY~1\AppData\Local\Temp\is366025459\7759337A_stp.EXEC:\Users\PHILLY~1\AppData\Local\Temp\nsg2579.tmp\NSISEncrypt.dll4cf5b4f0-4720-11e4-b7b9-38607782e6c5Error: (09/26/2014 08:00:39 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: thehunter.exe1.0.0.1250401cfd9898a600c7524C:\Program Files (x86)\Steam\steamapps\common\theHunter\game\thehunter.exeError: (09/25/2014 11:05:03 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: Skype.exe6.20.0.10488c01cfd905d6d250ac52C:\Program Files (x86)\Skype\Phone\Skype.exeError: (09/25/2014 03:09:56 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\Windows\Installer\MSIA0F5.tmp (NULL)(NULL)(NULL)(NULL)(NULL)Error: (09/25/2014 03:09:55 PM) (Source: MsiInstaller) (EventID: 11723) (User: VIGGILANTE)Description: Product: Snap.Do -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStart, entry: InstallationStart, library: C:\Windows\Installer\MSI9ADC.tmp (NULL)(NULL)(NULL)(NULL)(NULL)Error: (09/14/2014 11:20:54 PM) (Source: Application Error) (EventID: 1000) (User: )Description: hl2.exe0.0.0.053948b55ntdll.dll6.1.7601.18247521ea8e7c00000050002e04e3c001cfd099b1293705C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exeC:\Windows\SysWOW64\ntdll.dllaea158c6-3c8f-11e4-ae05-38607782e6c5Error: (09/05/2014 01:08:36 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: chrome.exe37.0.2062.1031af001cfc93425c4fe2d10C:\Program Files (x86)\Google\Chrome\Application\chrome.exe880e943b-3527-11e4-bc29-38607782e6c5CodeIntegrity Errors:===================================Date: 2014-09-25 15:25:10.294Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.Date: 2014-09-25 15:25:09.958Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.Date: 2014-09-25 15:25:09.621Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.Date: 2014-09-25 15:15:35.696Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.Date: 2014-09-25 15:15:35.341Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.Date: 2014-09-25 15:15:34.976Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.==================== Memory info ===========================Processor: AMD E2-3200 APU with Radeon HD GraphicsPercentage of memory in use: 56%Total physical RAM: 3570.82 MBAvailable physical RAM: 1539.93 MBTotal Pagefile: 7139.81 MBAvailable Pagefile: 4206.77 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB==================== Drives ================================Drive c: (OS) (Fixed) (Total:919.75 GB) (Free:700.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive d: (HP_RECOVERY) (Fixed) (Total:11.66 GB) (Free:1.43 GB) NTFS ==>[system with boot components (obtained from reading drive)]==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EAD598F5)Partition 1: (Active) - (Size=98 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=919.8 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)==================== End Of Log ============================
-
That is so Baaaaaaaaaaaad
-
AHHHH Haaaaaaa....Laughin my butt off
-
I had no issues logging in anywhere...
Yesterday I logon and get:
hxxp://astromenda.com/?f=7&a=ast_dnldstr_14_39_ch&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0Dzz0CyE0C0E0DyE0F0DtN0D0Tzu0StCtDtDtBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBzyyEyCtD0EtBtCtG0F0DyC0EtGtCtB0FyDtG0A0FtD0CtGtD0BzyyEyE0DyE0FtAzzzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtDyEtAtA0B0FtG0AzztAyDtGyE0BtCtBtG0AyD0DzytG0EyE0F0D0FyD0CtA0FtA0Fzz2Q&cr=402266813&ir=
I have never been to this site...there were options to delete the link ..those options DO NOT work..all one gets is popups..
I have other sites on my list which I can access using tabs but the astromedia site comes up right at login..and will not go away
-
Was really surprised when the new version popped up...no issues so far...
Starting to run low on jokes I can tell...
in Tailwaggers and Jokes
Posted
IUKB ERROR
IDIOT USING KEYBORD
IBM
I BLAME MICROSOFT
IDIOTS BUY ME
IDIOTS BUILDING MACHINES
I'LL BUY MACINTOSHES
IT BIT ME
IT BUILT MICROSOFT
IT'S BETTER MANUALLY
I'VE BEEN MISLED
I'VE BEEN MUGGED
WINDOWS
WELL IT NEVER DOES OPERATE WITH SPEED
WHEN I NEED DATA OUTPUT WITHOUT SPEED
WHILE IDLE,NEEDS DX OR WORKSTATION
WILL INSATLL NEEDLESS DATA ON WHOLE SYSTEM
WIN
WHOPPINGLY IMMENSE NOP
WORN INFESTATION NETWARE
MS-WINDOWS NT/WIDOWS NT
MY SOLITAIRE WITH ITS NEW DE ACCELERATOR,ONLY WITH SOME NETWORK TECHNOLOGY
WELL INTENDED NETWORK DE ACCELERATOR,ONLY WORKS SOMETIMES NEVER TOTALL
WINDOWS (AS A ) NETWORK TROJAN
DIFFERENT OPERATING SYSTEM EXPECTIONS
MACINTOSH:WHAT YOU SEE IS WHAT YOU GET
MS-DOS:YOU ASKED FOR IT YOU GOT IT
UNIX:IFUH2SK UDNTWNT2KNO
VMS:YOU GOT IT,ALL OF IT,WANT IT OR NOT
RANDOM ABBREVIATIONS FOR MANY COMPUTER COMPANIES
APPLE:
ARROGANCE PRODUCES PROFIT-LOSING ENTITY
DEC:
DUMP EVERYTHING AND CLOSE
DEC:
DO EXPECT CUTS
HCL:
HILARIOUS COMPUTER LOGIC
HP:
HOT PURSUIT
IBM:
I BLAME MICROSOFT
MAC:
MOST ABSURD COMPUTER
MACINTOSH:
Most Applications Crash; If Not, The Operating System Hangs
MACINTOSH:
MOST APPLICATIONS CRASH;IF NOT THE OPERATING SYSTEM HANGS
MICROSOFT:
MOST INTELLIGENT CUSTOMERS REALIZE OUR SOFTWARE ONLY FOOLS TEENAGERS
NEXT:
NOW EXCHANGE FOR TEARS
OS/2
OBSOLETE SOON TOO
WARP:
WHAT A RAT PROGRAM
ACRONYMS FOR OTHER COMPUTER TERMS
AMIGA:
A MERELY INSIGNIFICANT GAME ADDICTION
B
BASIC:
BILLS ATTEMPT TO SEIZE INDUSTRY CONTROL
CD-ROM:
CUSTOMER DIVICE,RENDERED OBSOLETE IN MONTHS
COBOL:
COMPLETELY OBSOLETE BUSINESS ORIENTED LANGUAGE
DOS:
DEFECTIVE OPERATING SYSTEM
I
ISDN:
IT STILL DOES NOTHING
LISP:
LOTS OF INFURITIATING AND SILLY PARENTHESIS
MIPS:|MEANINGLESS INDICATION OF PROCESSOR SPEED
PCMCIA:
PEOPLE CAN'T MEMORIZE COMPUTER INDUSTRY ACRONYMS
PENTIUM:
PRODUCES ERRONEOUS NUMBERS THROUGH INCORRECT UNDERSTANDING OF MATHMATICS
SCSI:
SYSTEM CAN'T SEE IT
WWW:
WORLD WIDE WAIT