nima_sherpa
Members-
Posts
18 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by nima_sherpa
-
kevin thanks for being with me. i've just completed mbam and here's the log Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 05-06-2014Scan Time: 02:24:22Logfile: Administrator: Yes Version: 2.00.2.1012Malware Database: v2014.06.04.11Rootkit Database: v2014.06.02.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 8CPU: x64File System: NTFSUser: hp1 Scan Type: Threat ScanResult: CompletedObjects Scanned: 322974Time Elapsed: 13 min, 55 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 1PUP.Optional.OptimumInstaller.A, C:\Users\hp1\Downloads\java_setup.exe, Quarantined, [aad1ec88c8b3e353c8ca62ed4db40cf4], Physical Sectors: 0(No malicious items detected) (end)
-
thanks here is the jrt.txt ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.4 (04.06.2014:1)OS: Windows 8 Single Language x64Ran by hp1 on 05-06-2014 at 2:04:50.45~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistpluginSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1 ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\hp1\appdata\local\{C315A3C9-010D-4B2C-8BFD-84377B122BC7}Successfully deleted: [Empty Folder] C:\Users\hp1\appdata\local\{F135D571-3251-41F9-B429-51625A4AF976} ~~~ FireFox Emptied folder: C:\Users\hp1\AppData\Roaming\mozilla\firefox\profiles\tda6zgi4.default\minidumps [4 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 05-06-2014 at 2:13:44.47End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
i'm sorry for the delay. here's adwcleaner log # AdwCleaner v3.211 - Report created 05/06/2014 at 01:59:04# Updated 26/05/2014 by Xplode# Operating System : Windows 8 Single Language (64 bits)# Username : hp1 - NIMA_LEONIE# Running from : C:\Users\hp1\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** Service Deleted : winzipersvc ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AssistantFolder Deleted : C:\ProgramData\QuickSetFolder Deleted : C:\ProgramData\WPMFolder Deleted : C:\ProgramData\NewSoaverFolder Deleted : C:\ProgramData\SauveNNewaAppzFolder Deleted : C:\ProgramData\suRf and KEepFolder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipperFolder Deleted : C:\Program Files (x86)\BonanzaDealsFolder Deleted : C:\Program Files (x86)\iSafeFolder Deleted : C:\Program Files (x86)\orbitdownloaderFolder Deleted : C:\Program Files (x86)\SimilarSitesFolder Deleted : C:\Program Files (x86)\WinZipperFolder Deleted : C:\Program Files (x86)\NewSoaverFolder Deleted : C:\Program Files (x86)\suRf and KEepFolder Deleted : C:\Program Files (x86)\Common Files\337Folder Deleted : C:\Users\Administrator\AppData\Local\torchFolder Deleted : C:\Users\Guest\AppData\Local\torchFolder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torchFolder Deleted : C:\Users\hp1\AppData\Roaming\OxyFolder Deleted : C:\Users\hp1\AppData\Roaming\pdfforgeFolder Deleted : C:\Users\hp1\AppData\Roaming\WinZipperFolder Deleted : C:\Users\Leonie\AppData\Local\torchFolder Deleted : C:\Users\hp1\AppData\Roaming\Mozilla\Firefox\Profiles\tda6zgi4.default\CT2712698Folder Deleted : C:\Users\hp1\AppData\Roaming\Mozilla\Firefox\Profiles\tda6zgi4.default\Extensions\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciepccboidphdgoodegeeghcmlcgejjnFolder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciepccboidphdgoodegeeghcmlcgejjnFolder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciepccboidphdgoodegeeghcmlcgejjnFolder Deleted : C:\Users\Leonie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciepccboidphdgoodegeeghcmlcgejjnFolder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebnfippiamgijnbdiofkgcielccibfpoFolder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebnfippiamgijnbdiofkgcielccibfpoFolder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebnfippiamgijnbdiofkgcielccibfpoFolder Deleted : C:\Users\Leonie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebnfippiamgijnbdiofkgcielccibfpoFolder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nealcklbfgnjecldanleegmaakecfdodFolder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nealcklbfgnjecldanleegmaakecfdodFolder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nealcklbfgnjecldanleegmaakecfdodFolder Deleted : C:\Users\Leonie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nealcklbfgnjecldanleegmaakecfdodFile Deleted : C:\Users\hp1\AppData\Roaming\LiveSupport.exe_log.txtFile Deleted : C:\Users\hp1\AppData\Roaming\regsvr32.exe_log.txtFile Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvcKey Deleted : HKLM\SOFTWARE\Classes\NewSaVEr.NewSaVErKey Deleted : HKLM\SOFTWARE\Classes\NewSaVEr.NewSaVEr.1.1Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA657915-E81A-FADA-CDC9-AF5B7FE16117}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7F7A6C9-A476-06C7-1A20-5CF4F94A3146}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F7F7A6C9-A476-06C7-1A20-5CF4F94A3146}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F7F7A6C9-A476-06C7-1A20-5CF4F94A3146}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CA657915-E81A-FADA-CDC9-AF5B7FE16117}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F7F7A6C9-A476-06C7-1A20-5CF4F94A3146}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CA657915-E81A-FADA-CDC9-AF5B7FE16117}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F7F7A6C9-A476-06C7-1A20-5CF4F94A3146}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitdm.exe]Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe]Key Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\EscoladeKey Deleted : HKCU\Software\OrbitKey Deleted : HKCU\Software\RegisteredApplicationsExKey Deleted : HKCU\Software\SoftonicKey Deleted : HKCU\Software\AppDataLow\SoftwareKey Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}Key Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\DesksvcKey Deleted : HKLM\Software\GS.EnablerKey Deleted : HKLM\Software\hdcodeKey Deleted : HKLM\Software\IePluginKey Deleted : HKLM\Software\OrbitKey Deleted : HKLM\Software\V9Key Deleted : HKLM\Software\winzipersvcKey Deleted : HKLM\Software\WpmKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipperKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WpmKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16537 -\\ Mozilla Firefox v29.0.1 (en-US) [ File : C:\Users\hp1\AppData\Roaming\Mozilla\Firefox\Profiles\tda6zgi4.default\prefs.js ] Line Deleted : user_pref("extensions.01U2r.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.indexO[...]Line Deleted : user_pref("extensions.Oux3rj6PO.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumoro[...]Line Deleted : user_pref("extensions.VkI7xhR.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo[...]Line Deleted : user_pref("extensions.tO2T5.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.indexO[...] -\\ Google Chrome v31.0.1650.63 [ File : C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10668 octets] - [05/06/2014 01:56:59]AdwCleaner[s0].txt - [10427 octets] - [05/06/2014 01:59:04] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10488 octets] ##########
-
Here's the fixlog.txt Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014Ran by hp1 at 2014-06-04 00:22:50 Run:1Running from C:\Users\hp1\DesktopBoot Mode: Normal============================================== Content of fixlist:*****************StartAppInit_DLLs: C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => C:\ProgramData\Assistant\Assistant_x64.dll [4395520 2014-03-29] ()GroupPolicy: Group Policy on Chrome detected <======= ATTENTIONHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp...q={searchTerms}SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDFS2 Wpm; [X]U4 BthAvrcpTg; U4 BthHFEnum; U4 bthhfhid; ask: {CF2BC2EC-8486-4AB6-8E6A-EF6F2FCED0D1} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTIONEnd***************** "C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL" => Value Data removed successfully.C:\Windows\system32\GroupPolicy\Machine => Moved successfully.C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.Wpm => Service deleted successfully.BthAvrcpTg => Service deleted successfully.BthHFEnum => Service deleted successfully.bthhfhid => Service deleted successfully. The system needed a reboot. ==== End of Fixlog ====
-
How can I run fixlist.txt I downloaded it from your attachment and opened the file. It shows StartAppInit_DLLs: C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => C:\ProgramData\Assistant\Assistant_x64.dll [4395520 2014-03-29] ()GroupPolicy: Group Policy on Chrome detected <======= ATTENTIONHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp...q={searchTerms}SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDFS2 Wpm; [X]U4 BthAvrcpTg; U4 BthHFEnum; U4 bthhfhid; ask: {CF2BC2EC-8486-4AB6-8E6A-EF6F2FCED0D1} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTIONEnd
-
The Addition.txt is here: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014 01Ran by hp1 at 2014-06-02 20:53:56Running from C:\Users\hp1\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== 4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden7 Wonders II (x32 Version: 2.2.0.98 - WildTangent) HiddenAdobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) HiddenAMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) HiddenAMD Catalyst Install Manager (HKLM\...\{5977D04D-1D6A-952C-97AF-04D9D4C0AE56}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)Assistant (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}) (Version: - Verified Publisher) <==== ATTENTIONAudacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) HiddenBuild-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) HiddenCatalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) HiddenCCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hiddenccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) HiddenChuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) HiddenCollage Maker (HKLM-x32\...\{05F2884D-89AC-4DE4-A63D-7DB3FE3398DC}) (Version: 3.80 - Galleria Software)Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) HiddenCrazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) HiddenCyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) HiddenCyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) HiddenCyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) HiddenCyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) HiddenCyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) HiddenCyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) HiddenCyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddendeskPDF Studio X (HKLM-x32\...\deskPDF Studio_is1) (Version: - Docudesk)Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) HiddenFile Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) HiddenFlashCrypt for Windows (HKLM-x32\...\FlashCrypt_is1) (Version: 1.0 - FSPro Labs)FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) HiddenGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) HiddenGovernor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) HiddenHewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) HiddenHoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) HiddenHP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) HiddenHP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) HiddenHP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) HiddenHP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) HiddenJava 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) HiddenJohn Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) HiddenK-Lite Codec Pack 8.6.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - )LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) HiddenLuxor Evolved (x32 Version: 2.2.0.98 - WildTangent) HiddenMahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) HiddenMalwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) HiddenMicrosoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) HiddenMicrosoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenNaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.2.28.24.exe - NETGEAR Inc.)Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version: - )Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version: - www.orbitdownloader.com)PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)PDFCreator Bundle by Fileparade.com (HKLM-x32\...\PDFCreator Bundle by Fileparade.com) (Version: 1.0.0.0 - ) <==== ATTENTIONPeggle Nights (x32 Version: 2.2.0.98 - WildTangent) HiddenPenguins! (x32 Version: 2.2.0.98 - WildTangent) HiddenPhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 2.46 - NCH Software)PileFile reminder (HKCU\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version: - FINEDREAM INVEST LTD) <==== ATTENTIONPolar Bowler (x32 Version: 2.2.0.97 - WildTangent) HiddenPolar Golfer (x32 Version: 2.2.0.98 - WildTangent) HiddenPX Profile Update (x32 Version: 1.00.1. - AMD) HiddenRalink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) HiddenShutdown8 (HKCU\...\Shutdown8) (Version: 1.08 - Bandisoft.com)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) HiddenTrinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) HiddenUnity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft)Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)Update Installer for WildTangent Games App (x32 Version: - WildTangent) HiddenVLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) HiddenWindows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )WinZipper (HKLM-x32\...\WinZipper) (Version: 1.4.8 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTIONWPM17.8.0.3325 (HKLM-x32\...\WPM) (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTIONYahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Restore Points ========================= 25-05-2014 10:02:28 Installed PDF Architect 2 View Module01-06-2014 17:24:57 Installed Collage Maker ==================== Scheduled Tasks (whitelisted) ============= Task: {009C247A-B4EE-4D47-9C5F-0BBC20A7A063} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-30] (Symantec Corporation)Task: {1900DBDA-1F74-436F-83B1-F3984F256905} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {25412BFB-725F-4689-B149-D30C13474013} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)Task: {2CB1AC0B-56C1-4C28-8B33-36B03DE00FE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)Task: {600C444D-BA13-4772-93F8-8A4AFC54946E} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)Task: {6C7C6A9F-4730-472E-82AE-9A75467175C7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)Task: {741961B7-7C79-4CCC-A097-4335E10D8B0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {988173EF-12AC-4242-A2DE-1A89E1AC0D43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)Task: {9AA86E7D-BBFB-4310-8DE3-5231AC4F6416} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {A9ED1E18-92FB-43AA-A7E8-BC0FCF1A300D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)Task: {AA6AA318-DDEA-4163-BE68-5E739C8B8FB8} - System32\Tasks\HPCeeScheduleForhp1 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)Task: {AF9EF7D3-AEE7-453B-A74C-7E394D62C1B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)Task: {AFBED8B4-2026-4721-87E2-72950A327244} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2442161694-1867086132-3323340639-1001Core => C:\Users\hp1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-10] (Facebook Inc.)Task: {BED81B5B-FAB7-4FD6-A351-8944A085453B} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {CF2BC2EC-8486-4AB6-8E6A-EF6F2FCED0D1} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTIONTask: {DD95D6CC-C19C-4071-ACBE-31BF534E60A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {E1D781F0-AD01-49AB-A3CD-0C25AB75D919} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-28] (CyberLink)Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {FCA6C78D-F979-47C9-8319-CC1AD2E79568} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2442161694-1867086132-3323340639-1001UA => C:\Users\hp1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-10] (Facebook Inc.)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2442161694-1867086132-3323340639-1001Core.job => C:\Users\hp1\AppData\Local\Facebook\Update\FacebookUpdate.exeTask: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2442161694-1867086132-3323340639-1001UA.job => C:\Users\hp1\AppData\Local\Facebook\Update\FacebookUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\HPCeeScheduleForhp1.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-20 10:02 - 2013-06-17 17:40 - 00035944 _____ () C:\Windows\system32\ddmon4-64x.dll2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll2013-10-02 03:47 - 2012-04-01 00:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll2012-07-26 01:38 - 2012-07-26 01:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2013-04-07 17:08 - 2013-04-07 17:08 - 01044224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe2013-04-07 17:12 - 2013-04-07 17:12 - 00123136 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe2012-08-07 00:24 - 2012-08-07 00:24 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll2014-01-28 02:48 - 2014-01-28 02:48 - 00612520 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll2013-02-19 12:16 - 2013-02-19 12:16 - 00011362 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\mingwm10.dll2013-02-19 12:16 - 2013-02-19 12:16 - 00043008 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll2013-02-19 12:16 - 2013-02-19 12:16 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtCore4.dll2013-02-19 12:16 - 2013-02-19 12:16 - 09814016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtGui4.dll2013-06-05 06:52 - 2013-06-05 06:52 - 00481280 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll2013-03-27 14:12 - 2013-03-27 14:12 - 01553920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll2013-02-19 12:16 - 2013-02-19 12:16 - 00399360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtXml4.dll2013-02-19 12:16 - 2013-02-19 12:16 - 01140224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtNetwork4.dll2013-05-10 08:42 - 2013-05-10 08:42 - 00229888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll2013-03-27 14:13 - 2013-03-27 14:13 - 01067520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll2013-05-28 11:51 - 2013-05-28 11:51 - 04334592 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll2013-03-27 14:22 - 2013-03-27 14:22 - 00500736 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll2013-03-27 14:20 - 2013-03-27 14:20 - 00186368 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll2013-03-27 14:21 - 2013-03-27 14:21 - 01198080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll2013-05-15 08:26 - 2013-05-15 08:26 - 08432128 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll2013-04-28 11:55 - 2013-04-28 11:55 - 01205760 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll2013-03-27 14:12 - 2013-03-27 14:12 - 00088064 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll2013-03-27 14:21 - 2013-03-27 14:21 - 00641536 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll2013-05-14 10:48 - 2013-05-14 10:48 - 00931840 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll2013-03-27 14:19 - 2013-03-27 14:19 - 00438272 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll2013-02-19 12:16 - 2013-02-19 12:16 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif4.dll2013-02-19 12:16 - 2013-02-19 12:16 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico4.dll2013-02-19 12:16 - 2013-02-19 12:16 - 00287232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg4.dll2013-03-27 14:12 - 2013-03-27 14:12 - 00137728 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll2013-03-27 08:28 - 2013-03-27 08:28 - 00139264 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll2012-11-29 15:26 - 2012-11-29 15:26 - 03332720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll2013-03-27 08:28 - 2013-03-27 08:28 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.DLL2013-03-27 08:28 - 2013-03-27 08:28 - 00074752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll2013-03-27 08:28 - 2013-03-27 08:28 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll2013-03-27 14:21 - 2013-03-27 14:21 - 00714240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll2013-03-27 14:19 - 2013-03-27 14:19 - 00485376 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll2013-03-27 14:19 - 2013-03-27 14:19 - 00116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll2013-03-27 08:28 - 2013-03-27 08:28 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll2013-12-06 07:22 - 2013-12-04 08:17 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll2013-12-06 07:22 - 2013-12-04 08:17 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll2012-09-17 12:51 - 2012-06-08 09:04 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll2012-06-09 00:04 - 2012-06-09 00:04 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll2013-08-13 12:16 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll2013-12-06 07:22 - 2013-12-04 08:18 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll2013-12-06 07:22 - 2013-12-04 08:18 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll2013-12-06 07:22 - 2013-12-04 08:17 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll2013-12-06 07:22 - 2013-12-04 08:18 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll2014-05-02 05:00 - 2012-05-30 12:21 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll2012-09-17 12:30 - 2012-06-26 00:11 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (06/02/2014 05:14:23 PM) (Source: ATIeRecord) (EventID: 16388) (User: )Description: ATI EEU Client event error Error: (06/02/2014 00:31:00 AM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (06/01/2014 11:02:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NIMA_LEONIE)Description: App microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos did not launch within its allotted time. Error: (06/01/2014 10:50:56 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (06/01/2014 10:50:54 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (06/01/2014 10:50:49 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (06/01/2014 10:50:49 PM) (Source: SideBySide) (EventID: 78) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (06/01/2014 05:55:54 PM) (Source: ATIeRecord) (EventID: 16388) (User: )Description: ATI EEU Client event error Error: (06/01/2014 05:06:27 PM) (Source: ATIeRecord) (EventID: 16388) (User: )Description: ATI EEU Client event error Error: (06/01/2014 04:41:07 PM) (Source: ATIeRecord) (EventID: 16388) (User: )Description: ATI EEU Client event error System errors:=============Error: (06/02/2014 08:38:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Error: (06/02/2014 08:38:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Assistant service to connect. Error: (06/02/2014 08:38:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Error: (06/02/2014 05:14:19 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Error: (06/02/2014 05:14:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Wpm Service service failed to start due to the following error: %%87 Error: (06/02/2014 05:12:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Error: (06/02/2014 05:12:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Error: (06/02/2014 05:12:40 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Error: (06/02/2014 05:12:40 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Error: (06/02/2014 04:37:28 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)Description: There was an error while attempting to read the local hosts file. Microsoft Office Sessions:========================= CodeIntegrity Errors:=================================== Date: 2013-11-30 19:10:19.313 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-11-30 19:10:19.283 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-11-30 19:10:19.255 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-11-30 19:10:19.227 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-11-30 19:10:19.199 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-11-30 19:10:19.172 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-11-30 19:10:19.144 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-11-30 19:10:19.117 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\igdumd64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-08-08 05:17:25.891 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2013-08-08 05:11:52.845 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 48%Total physical RAM: 3986.27 MBAvailable physical RAM: 2058.39 MBTotal Pagefile: 4946.27 MBAvailable Pagefile: 2612.81 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:222.7 GB) (Free:27.98 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive d: (RECOVERY) (Fixed) (Total:24 GB) (Free:2.89 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive f: (Backup) (Fixed) (Total:218.29 GB) (Free:41.84 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: 526DF2E5) Partition: GPT Partition Type. ==================== End Of Log ============================
-
Here's Frst.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01Ran by hp1 (administrator) on NIMA_LEONIE on 02-06-2014 20:52:45Running from C:\Users\hp1\DesktopPlatform: Windows 8 Single Language (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe(Docudesk Corporation) C:\Program Files (x86)\Docudesk\deskPDF Studio X\deskPDFCreator.exe(AMD) C:\Windows\System32\atieclxx.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\splwow64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-08-08] (IDT, Inc.)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-07] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [btTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-2442161694-1867086132-3323340639-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)HKU\S-1-5-21-2442161694-1867086132-3323340639-1001\...\Run: [Facebook Update] => C:\Users\hp1\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-10] (Facebook Inc.)HKU\S-1-5-21-2442161694-1867086132-3323340639-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1044224 2013-04-07] ()HKU\S-1-5-21-2442161694-1867086132-3323340639-1001\...\Run: [deskPDF Creator] => C:\Program Files (x86)\Docudesk\deskPDF Studio X\deskPDFCreator.exe [2346664 2013-11-02] (Docudesk Corporation)AppInit_DLLs: C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => C:\ProgramData\Assistant\Assistant_x64.dll [4395520 2014-03-29] ()GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1390856039&from=vtt&uid=HitachiXHTS547550A9E384_J2160051KPK7MCKPK7MCX&q={searchTerms}StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJSSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJSSearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDFSearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://in.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDFSearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies) Hosts: Hosts file not detected in the default directoryTcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{589C6022-C6E1-4197-9FA1-02CAF38653E8}: [NameServer]10.15.19.1,4.2.2.2 FireFox:========FF ProfilePath: C:\Users\hp1\AppData\Roaming\Mozilla\Firefox\Profiles\tda6zgi4.defaultFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: PDF Architect 2 - C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\hp1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\hp1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: hp.com/HPDetect - C:\Users\hp1\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)FF Extension: NetVideoHunter - C:\Users\hp1\AppData\Roaming\Mozilla\Firefox\Profiles\tda6zgi4.default\Extensions\netvideohunter@netvideohunter.com [2014-03-07]FF Extension: WeLoveGames - C:\Users\hp1\AppData\Roaming\Mozilla\Firefox\Profiles\tda6zgi4.default\Extensions\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8} [2014-06-01]FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFFF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-10]FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [] Chrome: =======CHR DefaultSearchKeyword: google.co.inCHR Extension: (Google Docs) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-09]CHR Extension: (Google Drive) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-09]CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-16]CHR Extension: (YouTube) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-09]CHR Extension: (Adblock Plus) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-01]CHR Extension: (Google Search) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-09]CHR Extension: (AddBlocKnWaTch) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcafohaaolpcbgalddehiohiljbljfna [2014-02-09]CHR Extension: (Google Wallet) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-09]CHR Extension: (Gmail) - C:\Users\hp1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-09]CHR Extension: (NewSoaver) - C:\ProgramData\eholgdgaancdjnfdjgbjhkfolhhfjkdl [2014-01-01]CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-02]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2014-01-28] (Taiwan Shui Mu Chih Ching Technology Limited.)S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",serviceS2 Wpm; [X] ==================== Drivers (Whitelisted) ==================== R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-10] (Advanced Micro Devices, Inc.)R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)U4 BthAvrcpTg; U4 BthHFEnum; U4 bthhfhid; S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131011.001\IDSvia64.sys [520280 2013-10-10] (Symantec Corporation)S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131013.002\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131013.002\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwNe64.sys [11400192 2012-06-02] (Intel Corporation)R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2014-05-17] (CACE Technologies, Inc.)S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)R3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)R3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)S4 SymELAM; C:\Windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys [23448 2012-06-21] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-10] (Symantec Corporation)R3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-02 20:52 - 2014-06-02 20:53 - 00021482 _____ () C:\Users\hp1\Desktop\FRST.txt2014-06-02 20:52 - 2014-06-02 20:52 - 00000000 ____D () C:\FRST2014-06-02 20:50 - 2014-06-02 20:50 - 22150984 _____ () C:\Users\hp1\Downloads\NRI_3.avi.crdownload2014-06-02 16:58 - 2014-06-01 19:53 - 02067456 _____ (Farbar) C:\Users\hp1\Desktop\FRST64.exe2014-06-02 16:55 - 2014-06-02 16:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-02 16:55 - 2014-06-02 16:55 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-02 16:55 - 2014-06-02 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-02 16:55 - 2014-06-02 16:55 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-02 16:55 - 2014-06-02 16:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-02 16:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-02 16:55 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-02 16:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-06-02 16:51 - 2014-06-02 16:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\hp1\Downloads\mbam-setup-2.0.2.1012 (1).exe2014-06-01 22:56 - 2014-06-01 22:56 - 00001072 _____ () C:\Users\Public\Desktop\Collage Maker 3.80.lnk2014-06-01 22:56 - 2014-05-30 23:18 - 526504904 _____ () C:\Users\hp1\Desktop\Blended.flv2014-06-01 22:55 - 2014-06-01 22:56 - 00000000 ____D () C:\Users\hp1\Documents\Collage Maker Projects2014-06-01 22:55 - 2014-06-01 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Maker 3.802014-06-01 22:55 - 2014-06-01 22:55 - 00000000 ____D () C:\Program Files (x86)\Collage Maker 3.802014-06-01 22:54 - 2014-06-01 22:54 - 00000000 ___RD () C:\Users\hp1\Desktop\New folder2014-06-01 22:51 - 2014-06-01 22:54 - 27515904 _____ () C:\Users\hp1\Desktop\CollageMaker3.8.msi2014-06-01 22:28 - 2014-06-01 22:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\hp1\Downloads\mbam-setup-2.0.2.1012.exe2014-05-27 01:12 - 2014-05-27 01:12 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity2014-05-27 01:11 - 2014-05-27 01:11 - 00527423 _____ ( ) C:\Users\hp1\Downloads\Lame_v3.99.3_for_Windows.exe2014-05-27 00:54 - 2014-05-27 01:26 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\Audacity2014-05-27 00:54 - 2014-05-27 00:54 - 00001023 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk2014-05-27 00:53 - 2014-05-27 00:54 - 00000000 ____D () C:\Program Files (x86)\Audacity2014-05-27 00:50 - 2014-05-27 00:53 - 22180353 _____ (Audacity Team ) C:\Users\hp1\Downloads\audacity-win-2.0.5.exe2014-05-27 00:24 - 2014-05-27 15:42 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\TeamViewer2014-05-27 00:24 - 2014-05-27 00:24 - 00000000 ____D () C:\Program Files (x86)\TeamViewer2014-05-26 16:34 - 2014-05-26 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-05-26 16:28 - 2014-05-31 11:01 - 00008152 _____ () C:\Users\hp1\Documents\bookmarks_5_26_14.html2014-05-26 16:11 - 2014-05-27 00:41 - 00000905 _____ () C:\Users\hp1\AppData\Roaming\trace_FilterInstaller.txt2014-05-26 16:11 - 2014-05-27 00:41 - 00000000 _____ () C:\Users\hp1\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt2014-05-26 16:11 - 2014-05-26 16:11 - 00001167 _____ () C:\Users\hp1\AppData\Roaming\trace_FilterInstaller.1.txt2014-05-26 16:10 - 2014-05-26 16:10 - 00752176 _____ (NCH Software) C:\Users\hp1\Downloads\vxlsetupfree.exe2014-05-26 03:37 - 2014-05-26 03:58 - 00000000 ____D () C:\Users\hp1\Downloads\DSpeech2014-05-26 03:03 - 2014-05-26 03:03 - 00359891 _____ () C:\Users\hp1\Downloads\pilotscafe.apps.navtrainer.apk2014-05-25 15:45 - 2014-05-25 15:45 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\HewlettPackard2014-05-25 15:44 - 2014-05-25 15:44 - 01099264 _____ () C:\Users\hp1\Downloads\HPDetect.msi2014-05-25 15:33 - 2014-05-25 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 22014-05-25 15:32 - 2014-05-25 15:32 - 00000000 ____D () C:\Users\hp1\Documents\PDF Architect 22014-05-25 15:32 - 2014-05-25 15:32 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 22014-05-25 15:29 - 2014-05-25 15:33 - 00000000 ____D () C:\Program Files (x86)\PDFCreator2014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\pdfforge2014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\ProgramData\PDF Architect 22014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator2014-05-25 15:29 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX2014-05-25 15:29 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll2014-05-25 15:29 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL2014-05-25 15:26 - 2014-05-25 15:28 - 27843432 _____ (pdfforge ) C:\Users\hp1\Downloads\PDFCreator-1_7_3_setup.exe2014-05-25 15:07 - 2014-05-25 15:07 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe2014-05-25 15:06 - 2014-05-25 15:15 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool2014-05-24 01:59 - 2014-05-24 01:59 - 00000000 ____D () C:\Users\hp1\Downloads\C2014-05-21 23:20 - 2014-05-26 03:28 - 00000000 ____D () C:\ProgramData\NaturalReaders2014-05-21 21:53 - 2014-05-21 21:53 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\.mono2014-05-21 00:12 - 2014-05-21 00:14 - 00000000 ____D () C:\Users\hp1\Downloads\2nd Year2014-05-21 00:09 - 2014-05-21 00:11 - 00000000 ____D () C:\Users\hp1\Downloads\3rd Year2014-05-20 10:07 - 2014-05-20 10:12 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\deskPDF Editor2014-05-20 10:02 - 2014-05-20 10:02 - 00000953 _____ () C:\Windows\deskinst.log2014-05-20 10:02 - 2014-05-20 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Docudesk2014-05-20 10:02 - 2013-08-12 11:29 - 00081608 _____ () C:\Windows\SysWOW64\ddcvt4.exe2014-05-20 10:02 - 2013-08-12 11:29 - 00081608 _____ () C:\Windows\system32\ddcvt4.exe2014-05-20 10:02 - 2013-08-12 11:28 - 00057032 _____ () C:\Windows\SysWOW64\desksc.exe2014-05-20 10:02 - 2013-08-12 11:28 - 00057032 _____ () C:\Windows\system32\desksc.exe2014-05-20 10:02 - 2013-06-17 17:40 - 00035944 _____ () C:\Windows\system32\ddmon4-64x.dll2014-05-20 10:01 - 2014-05-20 10:01 - 00000000 ____D () C:\Program Files (x86)\Docudesk2014-05-20 09:46 - 2014-05-20 09:46 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxillion Document Converter.lnk2014-05-18 12:04 - 2014-05-18 12:05 - 00000000 ____D () C:\Windows\rescache2014-05-17 18:17 - 2014-05-20 10:18 - 00000000 ____D () C:\Users\hp1\Downloads\bca2014-05-17 17:04 - 2014-05-17 17:05 - 00000000 ____D () C:\Users\hp1\AppData\Local\NETGEARGenie2014-05-17 17:04 - 2014-05-17 17:04 - 00369168 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00106000 _____ (CACE Technologies, Inc.) C:\Windows\system32\packet.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\packet.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys2014-05-17 17:04 - 2014-05-17 17:04 - 00002072 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\Program Files (x86)\NETGEAR Genie2014-05-17 14:58 - 2014-06-01 23:03 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software2014-05-17 14:58 - 2014-05-27 00:41 - 00000000 ____D () C:\Program Files (x86)\NCH Software2014-05-17 14:58 - 2014-05-26 16:11 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\NCH Software2014-05-17 14:58 - 2014-05-26 16:11 - 00000000 ____D () C:\ProgramData\NCH Software2014-05-17 14:58 - 2014-05-17 14:58 - 00001150 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoPad Image Editor.lnk2014-05-17 14:54 - 2014-05-17 14:54 - 00000000 ____D () C:\Users\hp1\AppData\Local\Windows Live2014-05-17 14:54 - 2014-05-17 14:54 - 00000000 ____D () C:\Users\hp1\AppData\Local\{F135D571-3251-41F9-B429-51625A4AF976}2014-05-17 14:54 - 2014-05-17 14:54 - 00000000 ____D () C:\Users\hp1\AppData\Local\{C315A3C9-010D-4B2C-8BFD-84377B122BC7}2014-05-16 08:03 - 2014-05-16 08:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security2014-05-14 18:37 - 2014-03-29 00:49 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys2014-05-14 18:37 - 2014-03-24 03:41 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys2014-05-14 18:36 - 2014-03-28 13:53 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll2014-05-14 16:35 - 2014-04-12 14:57 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-05-14 16:35 - 2014-04-12 14:40 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-05-14 16:35 - 2014-04-12 14:39 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll2014-05-14 16:35 - 2014-04-12 14:39 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll2014-05-14 16:35 - 2014-04-12 14:39 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-05-14 16:35 - 2014-04-12 14:39 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-05-14 16:35 - 2014-04-12 14:38 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-05-14 16:35 - 2014-04-12 14:38 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-05-14 16:35 - 2014-04-12 14:38 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll2014-05-14 16:35 - 2014-04-12 14:38 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-05-14 16:35 - 2014-04-12 14:37 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-05-14 16:35 - 2014-04-12 12:53 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll2014-05-14 16:35 - 2014-04-12 12:53 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll2014-05-14 16:35 - 2014-04-12 12:53 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-05-14 16:35 - 2014-04-12 12:53 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-05-14 16:35 - 2014-04-12 12:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-05-14 16:35 - 2014-04-12 12:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-05-14 16:35 - 2014-04-12 12:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-05-14 16:35 - 2014-04-12 12:28 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll2014-05-14 16:35 - 2014-03-28 13:53 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2014-05-14 16:35 - 2014-03-28 11:48 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2014-05-14 16:35 - 2014-03-11 09:02 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2014-05-14 16:35 - 2014-03-11 08:55 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2014-05-14 16:35 - 2014-03-11 06:11 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll2014-05-14 16:35 - 2014-03-11 06:11 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-05-14 16:35 - 2014-03-11 06:11 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll2014-05-14 16:35 - 2014-03-11 06:09 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2014-05-14 16:35 - 2014-03-11 06:08 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2014-05-14 16:35 - 2014-03-11 06:08 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll2014-05-14 16:35 - 2014-03-11 06:08 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-05-14 16:35 - 2014-03-11 06:08 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll2014-05-14 16:35 - 2014-03-11 06:08 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2014-05-14 16:35 - 2014-03-11 06:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll2014-05-14 16:35 - 2014-03-11 06:08 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2014-05-14 16:35 - 2014-03-10 08:35 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2014-05-14 16:35 - 2014-03-10 06:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-05-14 16:35 - 2014-03-04 04:37 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2014-05-14 16:34 - 2014-05-06 10:44 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-14 16:34 - 2014-05-06 10:44 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-14 16:34 - 2014-05-06 09:18 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-14 16:34 - 2014-05-06 09:18 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-14 16:34 - 2014-05-06 09:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-14 16:34 - 2014-05-06 08:56 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-14 16:33 - 2014-03-01 15:17 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-05-14 16:33 - 2014-03-01 15:17 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll2014-05-14 16:33 - 2014-03-01 13:37 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll2014-05-14 16:33 - 2014-03-01 12:29 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-05-14 16:33 - 2014-02-27 04:48 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys2014-05-14 16:33 - 2014-02-27 04:48 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2014-05-14 16:33 - 2014-02-27 04:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys2014-05-14 16:33 - 2014-02-27 04:48 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2014-05-14 16:33 - 2014-02-15 09:45 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys2014-05-13 23:47 - 2014-05-13 23:47 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2014-05-11 03:08 - 2014-05-11 03:08 - 00018416 _____ () C:\Users\hp1\Downloads\[exrapidleech]_wSUq4_[exrapidleech.info]2014-05-11 03:03 - 2014-05-11 03:03 - 00009192 _____ () C:\Users\hp1\Downloads\1ffe955806c5eb67fe62359205699262.htm2014-05-11 03:02 - 2014-05-11 03:02 - 00000082 _____ () C:\Users\hp1\Downloads\[exrapidleech]_Rapidgator_[exrapidleech.info]2014-05-10 21:16 - 2014-04-19 15:09 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe2014-05-10 21:16 - 2014-04-19 14:15 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll2014-05-10 21:16 - 2014-04-19 14:15 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-05-10 21:16 - 2014-04-19 12:27 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll2014-05-10 21:16 - 2014-04-19 12:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-05-10 21:16 - 2014-01-31 06:18 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll2014-05-10 21:15 - 2014-02-04 05:26 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2014-05-10 21:15 - 2014-02-04 05:26 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2014-05-10 21:15 - 2014-01-31 06:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll2014-05-10 21:15 - 2014-01-31 05:36 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll2014-05-10 21:15 - 2014-01-27 09:12 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-05-10 21:15 - 2014-01-27 09:09 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2014-05-10 21:15 - 2014-01-27 04:47 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml2014-05-10 21:15 - 2014-01-16 05:12 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys2014-05-10 21:15 - 2014-01-11 12:18 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-05-10 21:15 - 2014-01-11 10:36 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-05-10 21:15 - 2014-01-03 05:05 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll2014-05-10 21:15 - 2014-01-03 05:02 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll2014-05-10 21:13 - 2014-03-07 06:18 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-05-10 21:13 - 2014-03-07 06:18 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-05-10 21:13 - 2014-03-07 06:17 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-05-10 21:13 - 2014-03-07 06:17 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-05-10 21:13 - 2014-03-07 06:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-05-10 21:13 - 2014-03-07 05:38 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-05-10 21:13 - 2014-03-07 05:38 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-05-10 21:13 - 2014-03-07 05:38 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-05-10 21:13 - 2014-03-07 05:38 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll2014-05-10 21:13 - 2014-03-07 05:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-05-10 21:13 - 2014-03-07 05:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-05-10 21:13 - 2013-05-16 04:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll2014-05-10 21:13 - 2013-05-16 04:05 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll2014-05-10 21:13 - 2013-02-21 15:59 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2014-05-10 21:13 - 2013-02-21 15:59 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-05-10 21:13 - 2013-02-21 15:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-05-10 21:13 - 2013-02-21 15:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-05-10 21:13 - 2013-02-21 15:44 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2014-05-10 21:13 - 2013-02-19 15:23 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll2014-05-10 21:13 - 2012-11-08 09:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-05-10 21:13 - 2012-11-08 09:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-05-10 21:13 - 2012-07-26 08:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-05-10 21:12 - 2014-03-07 06:17 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-05-10 21:12 - 2014-03-07 06:17 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-05-10 21:12 - 2014-03-07 06:17 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2014-05-10 21:12 - 2014-03-07 05:38 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-05-10 21:12 - 2014-03-07 05:38 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-05-10 21:12 - 2014-03-07 05:38 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-05-10 21:12 - 2013-02-21 15:44 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-05-09 06:15 - 2014-05-09 06:15 - 00000791 _____ () C:\Users\hp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pics.lnk2014-05-07 23:28 - 2014-05-07 23:28 - 00012800 ___SH () C:\Users\hp1\Documents\Thumbs.db ==================== One Month Modified Files and Folders ======= 2014-06-02 20:53 - 2014-06-02 20:52 - 00021482 _____ () C:\Users\hp1\Desktop\FRST.txt2014-06-02 20:53 - 2013-08-07 22:20 - 00000000 ____D () C:\Users\hp1\AppData\Local\Temp2014-06-02 20:52 - 2014-06-02 20:52 - 00000000 ____D () C:\FRST2014-06-02 20:50 - 2014-06-02 20:50 - 22150984 _____ () C:\Users\hp1\Downloads\NRI_3.avi.crdownload2014-06-02 20:45 - 2013-08-18 18:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-06-02 20:40 - 2014-01-28 02:48 - 00000000 ____D () C:\Program Files (x86)\WinZipper2014-06-02 20:40 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\ELAM2014-06-02 20:38 - 2013-08-08 03:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-02 20:38 - 2013-03-22 10:00 - 00000983 _____ () C:\Windows\SysWOW64\bscs.ini2014-06-02 17:14 - 2014-03-17 17:12 - 00437376 _____ () C:\Windows\system32\FNTCACHE.DAT2014-06-02 17:14 - 2013-08-10 17:08 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForhp1.job2014-06-02 17:14 - 2012-07-26 12:52 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-02 17:13 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Assistant2014-06-02 17:13 - 2013-12-15 01:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-06-02 17:13 - 2012-08-04 03:53 - 00052610 _____ () C:\Windows\PFRO.log2014-06-02 17:12 - 2014-04-14 13:25 - 00000000 ____D () C:\ProgramData\SauveNNewaAppz2014-06-02 17:12 - 2014-02-28 11:46 - 00000000 ____D () C:\ProgramData\DownSavve2014-06-02 17:12 - 2014-02-01 22:30 - 00000000 ____D () C:\ProgramData\AddBlocKnWaTch2014-06-02 17:12 - 2014-01-28 02:26 - 00000000 ____D () C:\ProgramData\WPM2014-06-02 17:12 - 2013-12-28 15:14 - 00000000 ____D () C:\ProgramData\suRf and KEep2014-06-02 17:12 - 2013-11-24 07:26 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\Orbit2014-06-02 17:12 - 2012-07-26 10:56 - 02359296 ___SH () C:\Windows\system32\config\BBI2014-06-02 16:57 - 2014-06-02 16:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-02 16:55 - 2014-06-02 16:55 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-02 16:55 - 2014-06-02 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-02 16:55 - 2014-06-02 16:55 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-02 16:55 - 2014-06-02 16:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-02 16:53 - 2014-06-02 16:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\hp1\Downloads\mbam-setup-2.0.2.1012 (1).exe2014-06-02 16:44 - 2013-08-07 22:20 - 01860901 _____ () C:\Windows\WindowsUpdate.log2014-06-02 16:33 - 2013-09-23 12:43 - 00000000 ____D () C:\Users\hp1\Documents\Leonie2014-06-02 16:30 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\sru2014-06-02 16:20 - 2013-08-08 03:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-02 16:19 - 2013-11-10 19:14 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2442161694-1867086132-3323340639-1001UA.job2014-06-02 00:30 - 2013-08-10 17:40 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\vlc2014-06-01 23:03 - 2014-05-17 14:58 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software2014-06-01 22:56 - 2014-06-01 22:56 - 00001072 _____ () C:\Users\Public\Desktop\Collage Maker 3.80.lnk2014-06-01 22:56 - 2014-06-01 22:55 - 00000000 ____D () C:\Users\hp1\Documents\Collage Maker Projects2014-06-01 22:55 - 2014-06-01 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Maker 3.802014-06-01 22:55 - 2014-06-01 22:55 - 00000000 ____D () C:\Program Files (x86)\Collage Maker 3.802014-06-01 22:54 - 2014-06-01 22:54 - 00000000 ___RD () C:\Users\hp1\Desktop\New folder2014-06-01 22:54 - 2014-06-01 22:51 - 27515904 _____ () C:\Users\hp1\Desktop\CollageMaker3.8.msi2014-06-01 22:30 - 2014-06-01 22:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\hp1\Downloads\mbam-setup-2.0.2.1012.exe2014-06-01 19:53 - 2014-06-02 16:58 - 02067456 _____ (Farbar) C:\Users\hp1\Desktop\FRST64.exe2014-06-01 14:51 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\AUInstallAgent2014-05-31 11:52 - 2013-08-10 17:08 - 00003158 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForhp12014-05-31 11:52 - 2013-08-07 22:20 - 00000000 ____D () C:\Users\hp12014-05-31 11:01 - 2014-05-26 16:28 - 00008152 _____ () C:\Users\hp1\Documents\bookmarks_5_26_14.html2014-05-30 23:18 - 2014-06-01 22:56 - 526504904 _____ () C:\Users\hp1\Desktop\Blended.flv2014-05-29 22:50 - 2013-08-08 02:05 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log2014-05-29 22:49 - 2013-08-08 02:05 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt2014-05-28 11:23 - 2014-04-26 11:42 - 00000000 ____D () C:\Users\hp1\Downloads\pics2014-05-27 15:42 - 2014-05-27 00:24 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\TeamViewer2014-05-27 01:26 - 2014-05-27 00:54 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\Audacity2014-05-27 01:12 - 2014-05-27 01:12 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity2014-05-27 01:11 - 2014-05-27 01:11 - 00527423 _____ ( ) C:\Users\hp1\Downloads\Lame_v3.99.3_for_Windows.exe2014-05-27 00:54 - 2014-05-27 00:54 - 00001023 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk2014-05-27 00:54 - 2014-05-27 00:53 - 00000000 ____D () C:\Program Files (x86)\Audacity2014-05-27 00:53 - 2014-05-27 00:50 - 22180353 _____ (Audacity Team ) C:\Users\hp1\Downloads\audacity-win-2.0.5.exe2014-05-27 00:41 - 2014-05-26 16:11 - 00000905 _____ () C:\Users\hp1\AppData\Roaming\trace_FilterInstaller.txt2014-05-27 00:41 - 2014-05-26 16:11 - 00000000 _____ () C:\Users\hp1\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt2014-05-27 00:41 - 2014-05-17 14:58 - 00000000 ____D () C:\Program Files (x86)\NCH Software2014-05-27 00:24 - 2014-05-27 00:24 - 00000000 ____D () C:\Program Files (x86)\TeamViewer2014-05-26 16:34 - 2014-05-26 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-05-26 16:11 - 2014-05-26 16:11 - 00001167 _____ () C:\Users\hp1\AppData\Roaming\trace_FilterInstaller.1.txt2014-05-26 16:11 - 2014-05-17 14:58 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\NCH Software2014-05-26 16:11 - 2014-05-17 14:58 - 00000000 ____D () C:\ProgramData\NCH Software2014-05-26 16:10 - 2014-05-26 16:10 - 00752176 _____ (NCH Software) C:\Users\hp1\Downloads\vxlsetupfree.exe2014-05-26 03:58 - 2014-05-26 03:37 - 00000000 ____D () C:\Users\hp1\Downloads\DSpeech2014-05-26 03:28 - 2014-05-21 23:20 - 00000000 ____D () C:\ProgramData\NaturalReaders2014-05-26 03:03 - 2014-05-26 03:03 - 00359891 _____ () C:\Users\hp1\Downloads\pilotscafe.apps.navtrainer.apk2014-05-25 16:37 - 2013-08-07 23:59 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2442161694-1867086132-3323340639-10012014-05-25 15:45 - 2014-05-25 15:45 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\HewlettPackard2014-05-25 15:44 - 2014-05-25 15:44 - 01099264 _____ () C:\Users\hp1\Downloads\HPDetect.msi2014-05-25 15:33 - 2014-05-25 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 22014-05-25 15:33 - 2014-05-25 15:29 - 00000000 ____D () C:\Program Files (x86)\PDFCreator2014-05-25 15:32 - 2014-05-25 15:32 - 00000000 ____D () C:\Users\hp1\Documents\PDF Architect 22014-05-25 15:32 - 2014-05-25 15:32 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 22014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\pdfforge2014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\ProgramData\PDF Architect 22014-05-25 15:29 - 2014-05-25 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator2014-05-25 15:28 - 2014-05-25 15:26 - 27843432 _____ (pdfforge ) C:\Users\hp1\Downloads\PDFCreator-1_7_3_setup.exe2014-05-25 15:18 - 2013-08-13 12:16 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\Yahoo!2014-05-25 15:15 - 2014-05-25 15:06 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool2014-05-25 15:07 - 2014-05-25 15:07 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe2014-05-24 01:59 - 2014-05-24 01:59 - 00000000 ____D () C:\Users\hp1\Downloads\C2014-05-22 19:19 - 2013-11-10 19:14 - 00000904 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2442161694-1867086132-3323340639-1001Core.job2014-05-22 07:53 - 2012-07-26 12:58 - 00941050 _____ () C:\Windows\system32\PerfStringBackup.INI2014-05-21 21:53 - 2014-05-21 21:53 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\.mono2014-05-21 02:00 - 2013-11-17 06:23 - 00000000 ____D () C:\Users\hp1\AppData\Local\Microsoft Help2014-05-21 00:41 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\FxsTmp2014-05-21 00:14 - 2014-05-21 00:12 - 00000000 ____D () C:\Users\hp1\Downloads\2nd Year2014-05-21 00:11 - 2014-05-21 00:09 - 00000000 ____D () C:\Users\hp1\Downloads\3rd Year2014-05-20 10:18 - 2014-05-17 18:17 - 00000000 ____D () C:\Users\hp1\Downloads\bca2014-05-20 10:12 - 2014-05-20 10:07 - 00000000 ____D () C:\Users\hp1\AppData\Roaming\deskPDF Editor2014-05-20 10:02 - 2014-05-20 10:02 - 00000953 _____ () C:\Windows\deskinst.log2014-05-20 10:02 - 2014-05-20 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Docudesk2014-05-20 10:01 - 2014-05-20 10:01 - 00000000 ____D () C:\Program Files (x86)\Docudesk2014-05-20 09:46 - 2014-05-20 09:46 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doxillion Document Converter.lnk2014-05-20 09:38 - 2014-02-26 20:15 - 00000000 ____D () C:\Users\hp1\Downloads\Pen2014-05-18 12:05 - 2014-05-18 12:04 - 00000000 ____D () C:\Windows\rescache2014-05-18 11:01 - 2013-10-02 03:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-05-17 17:19 - 2012-07-26 13:42 - 00000000 ___HD () C:\Windows\ELAMBKUP2014-05-17 17:05 - 2014-05-17 17:04 - 00000000 ____D () C:\Users\hp1\AppData\Local\NETGEARGenie2014-05-17 17:04 - 2014-05-17 17:04 - 00369168 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00106000 _____ (CACE Technologies, Inc.) C:\Windows\system32\packet.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\packet.dll2014-05-17 17:04 - 2014-05-17 17:04 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys2014-05-17 17:04 - 2014-05-17 17:04 - 00002072 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\Program Files (x86)\NETGEAR Genie2014-05-17 16:12 - 2013-08-08 04:17 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI2014-05-17 16:12 - 2013-08-08 04:17 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI2014-05-17 15:12 - 2014-01-05 15:19 - 00000414 _____ () C:\Windows\SysWOW64\REMOTEDEVICE.INI2014-05-17 15:02 - 2014-02-26 19:36 - 00000000 ____D () C:\Users\hp1\Downloads\New folder2014-05-17 14:58 - 2014-05-17 14:58 - 00001150 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoPad Image Editor.lnk2014-05-17 14:54 - 2014-05-17 14:54 - 00000000 ____D () C:\Users\hp1\AppData\Local\Windows Live2014-05-17 14:54 - 2014-05-17 14:54 - 00000000 ____D () C:\Users\hp1\AppData\Local\{F135D571-3251-41F9-B429-51625A4AF976}2014-05-17 14:54 - 2014-05-17 14:54 - 00000000 ____D () C:\Users\hp1\AppData\Local\{C315A3C9-010D-4B2C-8BFD-84377B122BC7}2014-05-17 14:08 - 2013-10-09 10:03 - 00118512 _____ () C:\Users\hp1\AppData\Local\GDIPFONTCACHEV1.DAT2014-05-16 08:03 - 2014-05-16 08:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security2014-05-16 07:58 - 2012-09-17 13:04 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration2014-05-16 07:58 - 2012-09-17 13:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security2014-05-16 07:58 - 2012-09-17 13:03 - 00000000 ____D () C:\Windows\system32\Drivers\NISx642014-05-16 07:57 - 2013-08-07 22:23 - 00000000 ___RD () C:\Users\hp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-05-16 07:57 - 2013-08-07 22:23 - 00000000 ___RD () C:\Users\hp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-05-15 19:29 - 2012-07-26 13:42 - 00000000 ___RD () C:\Windows\ToastData2014-05-15 19:29 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-05-15 19:29 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-05-15 19:29 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates2014-05-15 19:29 - 2012-07-26 13:42 - 00000000 ____D () C:\Program Files\Windows Defender2014-05-15 19:29 - 2012-07-26 13:42 - 00000000 ____D () C:\Program Files (x86)\Windows Defender2014-05-14 21:50 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\NDF2014-05-14 19:03 - 2012-09-17 12:34 - 00005497 _____ () C:\Windows\system32\RaCoInst.log2014-05-14 19:03 - 2012-07-26 13:29 - 00000000 ____D () C:\Windows\CbsTemp2014-05-14 19:01 - 2013-11-17 06:23 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-05-14 19:01 - 2013-08-14 16:25 - 00000000 ____D () C:\Windows\system32\MRT2014-05-14 18:59 - 2013-08-09 09:37 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-05-13 23:48 - 2013-08-18 18:40 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-05-13 23:47 - 2014-05-13 23:47 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2014-05-12 09:25 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\WinStore2014-05-12 07:26 - 2014-06-02 16:55 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-05-12 07:26 - 2014-06-02 16:55 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-05-12 07:25 - 2014-06-02 16:55 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-05-11 03:08 - 2014-05-11 03:08 - 00018416 _____ () C:\Users\hp1\Downloads\[exrapidleech]_wSUq4_[exrapidleech.info]2014-05-11 03:03 - 2014-05-11 03:03 - 00009192 _____ () C:\Users\hp1\Downloads\1ffe955806c5eb67fe62359205699262.htm2014-05-11 03:02 - 2014-05-11 03:02 - 00000082 _____ () C:\Users\hp1\Downloads\[exrapidleech]_Rapidgator_[exrapidleech.info]2014-05-10 20:10 - 2012-07-26 12:51 - 00058646 _____ () C:\Windows\setupact.log2014-05-09 16:54 - 2013-12-30 05:23 - 04855296 ___SH () C:\Users\hp1\Downloads\Thumbs.db2014-05-09 06:15 - 2014-05-09 06:15 - 00000791 _____ () C:\Users\hp1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pics.lnk2014-05-07 23:28 - 2014-05-07 23:28 - 00012800 ___SH () C:\Users\hp1\Documents\Thumbs.db2014-05-06 10:44 - 2014-05-14 16:34 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-06 10:44 - 2014-05-14 16:34 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-06 09:18 - 2014-05-14 16:34 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-06 09:18 - 2014-05-14 16:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-06 09:07 - 2014-05-14 16:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-06 08:56 - 2014-05-14 16:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-05 16:48 - 2012-07-26 10:56 - 00000167 _____ () C:\Windows\win.ini ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe[2014-05-14 16:35] - [2014-04-12 14:40] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B C:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-28 13:37 ==================== End Of Log ============================