Jump to content

Desktop Temperature Monitor


Recommended Posts

Yesterday I received a notification from Firefox that my browser wasn't protected and ran a fix.  This installed Desktop Temperature Monitor.  When I try to uninstall it, Norton gives me a warning about the file (uninstall.exe) being too new and recommends not running it.  When I try to run it, it wants me to shut down Norton, among other programs.  I didn't run it.  Now, Firefox isn't working and svchost.exe seems to be eating up a lot of memory.  I shut the Desktop Temperature Monitor off in Process Manager.  Here's the output from the scans.  Do you need me to run them when Desktop Temperature Monitor is running?

 

I do have uTorrent but I don't think it's running.  If it is, could someone tell me how to disable it?  Thanks for any help!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Dave (administrator) on DAVE-PC on 20-07-2014 09:51:11
Running from C:\Users\Dave\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe
() C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Acer Group) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(RapidSolution Software AG) C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-20] (IOI)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [103936 2013-06-26] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [instaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-02-24] (Affinegy, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [updateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [updatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [uCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-26] (Bitleader)
HKLM-x32\...\Run: [updatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [WinCast] => D:\CDSetup\setup.exe -leng
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [728120 2012-03-16] (Sony Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-05] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [MediaFace Integration] => C:\Program Files (x86)\Fellowes\MediaFACE 4.2\SetHook.exe [53248 2005-03-28] (Fellowes, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" 
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [Google Update] => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2011-03-15] (Google Inc.)
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup 
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4851008 2014-05-01] (Evernote)
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: M - M:\EasySuite.exe
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {36cf9423-f559-11e2-82cc-d02788027694} - O:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {3ec4560a-5718-11e0-b107-d02788027694} - M:\EasySuite.exe
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {47697f98-04b3-11e3-98ad-d02788027694} - O:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {4f1cbb59-b65e-11e2-807d-d02788027694} - N:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {bf470c47-db38-11e3-b214-d02788027694} - O:\VZW_Software_upgrade_assistant.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk
ShortcutTarget: NETGEAR WN111v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnk
ShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\Dave\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360311e106p0415v155k4772r348
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = 
SearchScopes: HKLM-x32 - DefaultScope {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C8EED65C-AB51-47AA-956F-896CB6C3A78C}&mid=8cbd2acabaed47d0b9d3016ecee69f67-5d4283b35e9969dc98305c1e4234bf6729e2ee91〈=en&ds=ft011&pr=sa&d=2012-04-12 15:33:19&v=10.2.0.3&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D73B3D7F-5C8D-4176-B3AE-E211FC3E2064} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog9 01 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 02 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 03 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 04 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 05 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Winsock: Catalog9 16 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
 
FireFox:
========
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default
FF Homepage: hxxp://xfinity.comcast.net/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Dave\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF user.js: detected! => C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Screengrab - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{02450954-cdd9-410f-b1da-db804e18c671}.xpi [2011-07-19]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-18]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-29]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-20]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-03]
FF HKCU\...\Firefox\Extensions: [{FB304EF5-15D3-D544-9F7F-4585F9A14A3B}] - C:\Program Files (x86)\di5Re-Markable\175.xpi
 
Chrome: 
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-12-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (Skype Click to Call) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-05]
CHR Extension: (Google Wallet) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-06-03]
CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Dave\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2014-06-03]
CHR HKCU\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-04]
CHR HKLM-x32\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08]
 
==================== Services (Whitelisted) =================
 
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-02-24] (Affinegy, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2011-02-11] (CyberLink)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [249856 2012-02-14] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7391232 2013-06-26] (LeapFrog Enterprises, Inc.) [File not signed]
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\N360.exe [265040 2014-05-23] (Symantec Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [476728 2012-03-16] (Sony Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [243712 2012-02-14] (SMServer) [File not signed]
R2 Virtual CDAudio Service; C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [178528 2011-09-09] (RapidSolution Software AG)
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2008-04-01] (LeapFrog)
S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [191944 2011-10-31] (Hauppauge, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
R3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [18328 2010-04-09] (Initio Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 MusCAudio; C:\Windows\System32\drivers\MusCAudio.sys [34040 2012-02-14] (Windows ® Win 7 DDK provider)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\ENG64.SYS [126040 2014-07-13] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\EX64.SYS [2099288 2014-07-13] (Symantec Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG)
R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-09-09] (RapidSolution Software AG)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-07-07] (Corsica)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-20 09:51 - 2014-07-20 09:52 - 00041142 _____ () C:\Users\Dave\Downloads\FRST.txt
2014-07-20 09:51 - 2014-07-20 09:51 - 00000000 ____D () C:\FRST
2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html
2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405823027144
2014-07-19 22:19 - 2014-07-20 09:19 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe
2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk
2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe
2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-19 21:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-19 21:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-19 21:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-19 21:37 - 2014-07-19 21:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\System Optimizer Pro
2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-07-19 21:03 - 2014-07-19 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-07-19 21:03 - 2014-07-19 21:03 - 00000000 ____D () C:\Users\Dave\AppData\Local\System_Alerts_LLC
2014-07-19 21:02 - 2014-07-20 09:23 - 00000000 ____D () C:\Users\Dave\AppData\Local\DesktopTemperature
2014-07-19 21:02 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-19 21:00 - 2014-07-07 11:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones
2014-07-16 15:54 - 2014-07-16 16:02 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification
2014-07-15 13:39 - 2014-07-17 12:04 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con
2014-07-09 22:20 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 22:20 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 22:20 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 22:20 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 22:20 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 22:20 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 22:20 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 22:20 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 22:20 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 22:20 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 22:20 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 22:20 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 22:20 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 22:20 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 22:20 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 22:20 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 22:20 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 22:20 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 22:20 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 22:20 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 22:20 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 22:20 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 22:19 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 22:19 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 22:19 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 22:19 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 22:19 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 22:19 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 22:19 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 22:19 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 22:19 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 22:19 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 22:19 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 22:19 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 22:19 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 22:19 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 22:19 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 22:19 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 22:19 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 22:19 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 22:19 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 22:19 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 22:19 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 22:19 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 22:19 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 22:19 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 22:19 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 22:19 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 22:19 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 22:19 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 22:19 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 22:19 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 22:19 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 22:19 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 22:19 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 22:19 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 22:19 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 22:19 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 22:19 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 22:19 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 22:19 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 22:19 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 22:19 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 22:19 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 22:19 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 22:19 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 22:19 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 22:19 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 22:19 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 22:19 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 22:19 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 22:19 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 22:19 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 22:19 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 22:19 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 22:19 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 22:19 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 22:19 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 22:19 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 22:19 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 22:19 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt
2014-07-07 09:23 - 2014-07-07 20:43 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 2009
2014-07-06 10:10 - 2014-07-06 12:48 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk
2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest
2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest
2014-07-06 10:08 - 2014-07-06 10:09 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe
2014-06-30 18:23 - 2014-06-30 18:24 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse
2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe
2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll
2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls
2014-06-23 15:31 - 2014-06-23 15:38 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus
 
==================== One Month Modified Files and Folders =======
 
2014-07-20 09:52 - 2014-07-20 09:51 - 00041142 _____ () C:\Users\Dave\Downloads\FRST.txt
2014-07-20 09:51 - 2014-07-20 09:51 - 00000000 ____D () C:\FRST
2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2014-07-20 09:41 - 2010-08-14 01:41 - 01331099 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 09:37 - 2011-06-30 05:20 - 00000000 ____D () C:\Users\Dave\Documents\ProcessExplorer
2014-07-20 09:35 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 09:35 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 09:33 - 2012-04-24 11:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 09:32 - 2011-03-26 09:23 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA.job
2014-07-20 09:24 - 2014-06-11 03:33 - 00000000 ____D () C:\Users\Dave\AppData\Local\Skitch
2014-07-20 09:23 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\DesktopTemperature
2014-07-20 09:23 - 2011-04-23 22:20 - 00000429 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-20 09:22 - 2011-11-18 20:16 - 00000343 _____ () C:\Windows\lgfwup.ini
2014-07-20 09:22 - 2011-11-18 20:12 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-07-20 09:20 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 09:20 - 2009-07-14 00:51 - 00354714 _____ () C:\Windows\setupact.log
2014-07-20 09:19 - 2014-07-19 22:19 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-20 09:19 - 2010-05-31 23:34 - 02901910 _____ () C:\Windows\PFRO.log
2014-07-20 09:18 - 2010-05-31 23:24 - 00000000 ____D () C:\Windows\oem
2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html
2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405823027144
2014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe
2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk
2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe
2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-19 21:39 - 2012-04-17 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-19 21:38 - 2014-07-19 21:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-19 21:15 - 2011-11-02 13:12 - 00036864 ___SH () C:\Users\Dave\Thumbs.db
2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\System Optimizer Pro
2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2014-07-19 21:05 - 2014-07-19 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-07-19 21:03 - 2014-07-19 21:03 - 00000000 ____D () C:\Users\Dave\AppData\Local\System_Alerts_LLC
2014-07-19 21:02 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature
2014-07-19 21:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-19 21:00 - 2011-09-15 22:33 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-07-19 20:58 - 2014-06-18 00:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 15:32 - 2011-03-26 09:23 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core.job
2014-07-19 01:36 - 2011-11-29 15:55 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent
2014-07-17 12:04 - 2014-07-15 13:39 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con
2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones
2014-07-16 16:02 - 2014-07-16 15:54 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification
2014-07-10 12:51 - 2014-05-02 13:31 - 00886459 _____ () C:\QDATA1.IDX
2014-07-10 12:51 - 2011-03-25 23:26 - 00000000 ____D () C:\Users\Dave\Quicken
2014-07-10 12:51 - 2006-07-31 11:20 - 06316056 _____ () C:\QDATA1.QDF
2014-07-10 12:51 - 2006-07-31 11:20 - 00035840 _____ () C:\QDATA1.QEL
2014-07-10 12:40 - 2011-04-07 00:46 - 00000000 ____D () C:\BACKUP
2014-07-10 04:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 03:23 - 2009-07-14 00:45 - 00351752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 03:21 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 03:21 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 03:04 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:03 - 2011-03-26 08:58 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 04:40 - 2012-04-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt
2014-07-09 01:33 - 2012-04-24 11:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 01:33 - 2012-04-24 11:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 01:33 - 2011-05-26 05:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-07 20:43 - 2014-07-07 09:23 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 2009
2014-07-07 11:04 - 2014-07-19 21:00 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-07 00:35 - 2011-09-15 22:02 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-07-06 20:47 - 2010-08-14 01:47 - 00000000 ____D () C:\Program Files (x86)\Gateway Photo Frame
2014-07-06 12:48 - 2014-07-06 10:10 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk
2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest
2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest
2014-07-06 10:09 - 2014-07-06 10:08 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe
2014-07-05 16:21 - 2014-01-31 12:01 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-04 17:11 - 2013-09-14 10:12 - 00000000 ____D () C:\Users\Dave\Downloads\MMPRToys
2014-07-04 15:40 - 2013-11-29 11:13 - 00000000 ____D () C:\Users\Dave\AppData\Local\Paint.NET
2014-06-30 18:24 - 2014-06-30 18:23 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse
2014-06-29 22:09 - 2014-07-09 22:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-09 22:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 15:40 - 2011-03-30 07:15 - 00000000 ____D () C:\Users\Dave\AppData\Local\CrashDumps
2014-06-28 14:47 - 2013-11-29 11:14 - 00001195 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-06-28 14:47 - 2013-11-29 11:14 - 00001183 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-06-28 14:47 - 2013-11-29 11:14 - 00000000 ____D () C:\Program Files\Paint.NET
2014-06-28 14:11 - 2011-03-15 03:07 - 00084440 _____ () C:\Users\Dave\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-25 11:17 - 2012-06-07 09:31 - 02932224 ___SH () C:\Users\Dave\Downloads\Thumbs.db
2014-06-24 16:20 - 2013-10-24 11:55 - 00000000 ____D () C:\Users\Dave\Downloads\Monster High
2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe
2014-06-24 15:42 - 2011-03-15 18:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Mozilla
2014-06-24 15:42 - 2011-03-15 03:38 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google
2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll
2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls
2014-06-23 15:38 - 2014-06-23 15:31 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus
2014-06-23 15:27 - 2011-03-26 09:23 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA
2014-06-23 15:27 - 2011-03-26 09:23 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core
2014-06-20 16:14 - 2014-07-09 22:19 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 15:39 - 2014-07-09 22:19 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
 
Some content of TEMP:
====================
C:\Users\Dave\AppData\Local\Temp\air1510.exe
C:\Users\Dave\AppData\Local\Temp\air5115.exe
C:\Users\Dave\AppData\Local\Temp\airC41E.exe
C:\Users\Dave\AppData\Local\Temp\airC6DE.exe
C:\Users\Dave\AppData\Local\Temp\airC9BD.exe
C:\Users\Dave\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Dave\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Dave\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Dave\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\Dave\AppData\Local\Temp\SfpcHelper_installStart.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-18 01:45
 
==================== End Of Log ============================
Link to post
Share on other sites

Hi & :welcome:

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully. :excl:

  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
I need the Addition.txt... :)

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.

    Please copy and paste these logs in your next reply.

Link to post
Share on other sites

Hello Jurgen and thanks for helping me!  I tried to attach the addition.txt and it said the message was too long.  I didn't want to post another message until someone else responded so no one thought I was already being helped.  Here is the file.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by Dave at 2014-07-20 09:52:46
Running from C:\Users\Dave\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
 Leawo DVD Creator version  4.0.0.0 (HKLM-x32\...\{29312768-5795-483C-805A-7D01B8FC7C0E}_is1) (Version:  - )
µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.2.28595 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version:  - )
Aimersoft Blu-ray Ripper(Build 3.0.0.3) (HKLM-x32\...\Aimersoft Blu-ray Ripper_is1) (Version:  - Aimersoft Software)
Aimersoft DRM Media Converter(Build 1.5.3.0) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
Aimersoft DVD to iPad Converter(Build 2.5.0.0) (HKLM-x32\...\Aimersoft DVD to iPad Converter_is1) (Version:  - Aimersoft Software)
Aimersoft Video Converter Ultimate(Build 4.2.4.0) (HKLM-x32\...\Aimersoft Video Converter Ultimate_is1) (Version:  - Aimersoft Software)
AllMusicConverter 4.3.5 (HKLM-x32\...\AllMusicConverter_is1) (Version: 4.3.5 - Ramka Ltd.)
AMD DnD V1.0.20 (x32 Version: 1.0.20 - AMD) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia Extreme (HKLM-x32\...\{E7A1B94F-A981-49B2-868F-DFEA471AB17D}) (Version: 2.0.45.12 - ArcSoft)
ATI AVIVO64 Codecs (Version: 10.12.0.00210 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{CADBC192-932B-EC76-510D-4012A33C5E20}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Audials (HKLM-x32\...\{D8F247BA-4325-465E-A62D-D3DD1E6E70A7}) (Version: 8.0.54900.0 - RapidSolution Software AG)
Audials TV (HKLM-x32\...\{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}) (Version: 1.3.10803.300 - RapidSolution Software AG)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Blaze Audio Power Record (HKLM-x32\...\Blaze Audio Power Record_is1) (Version:  - Blaze Audio)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-240C (HKLM-x32\...\{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Caillou's Kindergarten (HKLM-x32\...\Caillou's Kindergarten) (Version:  - Brighter Child Interactive)
Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM-x32\...\Software Guide) (Version: 1.3.0.1 - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon Personal Printing Guide (HKLM-x32\...\Personal Printing Guide) (Version: 1.1.1.3 - Canon Inc.)
Canon PowerShot SX130 IS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSSX130IS) (Version: 1.0.0.1 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.3.0.6 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.1.0.4 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.5.0 build 3621  (Oct-10-2013) - Carbonite)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0210.2206.39615 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help English (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help French (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help German (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
ccc-utility64 (Version: 2010.0210.2206.39615 - ATI) Hidden
CDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version:  - Henri Gourvest.)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.3.0.8 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertMovie 4.4 (HKLM-x32\...\ConvertMovie 4.4) (Version: 4.4 - MOVAVI)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
Cucusoft DVD to iPod + iPod Video Converter Suite 8.8.8.8 (HKLM-x32\...\Cucusoft DVD to iPod + iPod Video Converter Suite_is1) (Version:  - Cucusoft, Inc.)
Cucusoft iPad Video Converter 8.08 (HKLM-x32\...\Cucusoft iPad Video Converter_is1) (Version:  - Cucusoft, Inc.)
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.3226 - CyberLink Corp.) Hidden
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
CyberLink LG Burning Tool (x32 Version: 6.2.4009 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 4 (HKLM-x32\...\InstallShield_{44510C84-AE2A-4079-A75B-D44E68D73B9A}) (Version: 4.0.4317.0 - CyberLink Corp.)
CyberLink PhotoDirector 4 (x32 Version: 4.0.4317.0 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3305 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3305 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3817.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3817.50 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2512 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2821 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.2821 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.3530 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 1.0.3530 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daniusoft DVD to MP4 Converter(Build 2.3.5.1) (HKLM-x32\...\Daniusoft DVD to MP4 Converter_is1) (Version:  - Daniusoft Software)
Desktop Temperature Monitor (HKCU\...\Desktop Temperature Monitor) (Version: 1.24.0.0 - System Alerts LLC)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
eM Client (HKLM-x32\...\{88B17ABF-1B95-4DE8-B06F-CB511AFC2D8A}) (Version: 5.0.19406.0 - eM Client Inc.)
Evernote v. 5.4 (HKLM-x32\...\{59071464-DAEE-11E3-9080-00163E98E7D0}) (Version: 5.4.0.3698 - Evernote Corp.)
Free YouTube Download version 3.2.38.530 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.38.530 - DVDVideoSoft Ltd.)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway Photo Frame 4.2.3.10 (HKLM-x32\...\Gateway Photo Frame) (Version: 4.2.3.10 - I/O Interconnect)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3006 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Gateway Incorporated)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
Hauppauge HDPVR Scheduler (HKLM-x32\...\Hauppauge HDPVR Scheduler) (Version:  - Hauppauge Computer Works)
Hauppauge WinTV IR Blaster (HKLM-x32\...\Hauppauge WinTV IR Blaster) (Version: 7.4.29102 - Hauppauge Computer Works, Inc.)
Hauppauge WinTV Scheduler (HKLM-x32\...\Hauppauge WinTV Scheduler) (Version:  - )
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Gateway Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Gateway Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.0.20.17316 - LeapFrog)
LeapFrog Connect (x32 Version: 5.0.20.17316 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 5.0.19.17305 - LeapFrog) Hidden
LeapFrog Tag Plugin (x32 Version: 5.0.19.17305 - LeapFrog) Hidden
Learning Lodge Navigator (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
MakeMKV v1.7.2 (HKLM-x32\...\MakeMKV) (Version: v1.7.2 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaFACE 4.2 (HKLM-x32\...\InstallShield_{E129EC5D-FC37-4260-B6B7-1113D8613A89}) (Version: 4.2 - Fellowes)
MediaFACE 4.2 (x32 Version: 4.2 - Fellowes) Hidden
MediaFACE 4.2 Image Library (HKLM-x32\...\InstallShield_{2D6DFE76-A197-4337-90BA-8DCB840CA84B}) (Version: 4.2 - Fellowes)
MediaFACE 4.2 Image Library (x32 Version: 4.2 - Fellowes) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft GIF Animator (HKLM-x32\...\GIF Animator) (Version:  - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-US)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nero 9 Essentials (HKLM-x32\...\{e6817f01-cedf-45af-8195-bd1691311e1c}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.6.2.101 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.33.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.3.0.12 - Symantec Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Opera 11.50 (HKLM-x32\...\Opera 11.50.1074) (Version: 11.50.1074 - Opera Software ASA)
paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version:  - TamaSoftware)
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.2.00.03162 - Sony Corporation)
PowerDirector (Version: 9.00.0000 - CyberLink Corp.) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.40.0 - PS3 Media Server)
Quicken 2006 (HKLM-x32\...\{2818095F-FB6C-42C8-827E-0A406CC9AFF5}) (Version: 15.1.2.7 - Intuit)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM-x32\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.3 - NETGEAR)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skitch (HKLM-x32\...\Skitch 2.3.1.163) (Version: 2.3.1.163 - Evernote Corp.)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.9.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (x32 Version: 3.0.9.0 - SmartSound Software Inc) Hidden
SRWare Iron version SRWare Iron 30.0.1650.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 30.0.1650.0 - SRWare)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13082_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13082_1 - Samsung Electronics Co., Ltd.) Hidden
The Land Before Time Kindergarten Adventure (HKLM-x32\...\The Land Before Time Kindergarten Adventure) (Version:  - )
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 1.3.13 - Electronic Arts)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2675 - Intuit Inc.) Hidden
TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0436 - Intuit Inc.) Hidden
TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0210 - Intuit Inc.) Hidden
TurboTax 2011 wpaiper (x32 Version: 011.000.1429 - Intuit Inc.) Hidden
TurboTax 2011 wrapper (x32 Version: 011.000.0120 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.1804 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0402 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0164 - Intuit Inc.) Hidden
TurboTax 2012 wpaiper (x32 Version: 012.000.1162 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
Ulead GIF Animator 5 TBYB (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version:  - Ulead System)
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM-x32\...\TagPlugin) (Version: 5.0.19.17305 - LeapFrog)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
WBFS Manager 2.5 (HKLM\...\{9DADBA45-2B06-4F7F-970B-E854ABC8917A}) (Version: 2.5 - WBFS)
WBFS Manager 2.5 (HKLM-x32\...\{A5B5B6D8-DE44-44A3-90C4-8C07A1E0FAD4}) (Version: 2.5 - WBFS)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3013 - Gateway Incorporated)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinX HD Video Converter Deluxe 3.10.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software,Inc.)
WN111v2 (x32 Version: 3.0.0.3 - NETGEAR) Hidden
Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Ultimate Collection (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
 
==================== Restore Points  =========================
 
17-07-2014 17:48:47 Scheduled Checkpoint
20-07-2014 02:15:44 Revo Uninstaller's restore point - Desktop Temperature Monitor
20-07-2014 02:20:34 avast! antivirus system restore point
20-07-2014 02:32:00 Revo Uninstaller's restore point - Desktop Temperature Monitor
20-07-2014 02:33:56 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {016AE68E-99E7-4529-AE89-A27456FF10B2} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0558B69C-B840-4686-8C1E-952BB608C053} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)
Task: {20D2C945-3700-474E-86FE-B0253AB27D10} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: {5B751779-593B-4718-A0FB-D2C562EC8387} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5D11633F-A3C4-4B42-9B58-8EF933DC3BA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {6792B421-8313-4211-85DD-67537D516A0E} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {9D58DAC7-ECB8-4308-BD90-E2759695C1BF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core.job => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA.job => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-08-04 08:40 - 2010-08-04 08:40 - 00611872 _____ () C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
2011-11-18 20:06 - 2009-07-02 10:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-08-26 15:25 - 2010-08-19 05:43 - 00386344 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-11-05 05:40 - 2012-11-05 04:50 - 00377800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2009-08-14 13:55 - 2009-08-14 13:55 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-14 01:39 - 2010-08-14 01:39 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-03 21:55 - 2014-03-03 21:55 - 01046288 _____ () C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-08-04 05:47 - 2010-08-04 05:47 - 00144896 _____ () C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyHook.dll
2009-06-12 19:37 - 2009-06-12 19:37 - 00032768 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIUSBLib.dll
2009-06-12 19:37 - 2009-06-12 19:37 - 00025088 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIHIDLib.dll
2011-03-25 20:17 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-01-17 16:19 - 2011-03-16 17:15 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-11-05 05:40 - 2010-06-23 21:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2012-11-05 05:40 - 2010-07-13 09:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2012-11-05 05:40 - 2010-06-01 22:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2012-11-05 05:40 - 2010-06-01 22:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2012-11-05 05:40 - 2012-08-06 05:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2012-11-05 05:40 - 2010-06-01 22:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2012-11-05 05:40 - 2010-06-01 22:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2012-11-05 05:40 - 2010-07-05 05:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2012-11-05 05:40 - 2010-11-11 05:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2012-11-05 05:40 - 2010-06-02 01:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2013-11-13 21:55 - 2013-10-05 22:22 - 00875008 _____ () C:\Program Files (x86)\SRWare Iron\libglesv2.dll
2013-11-13 21:55 - 2013-10-05 22:25 - 00102912 _____ () C:\Program Files (x86)\SRWare Iron\libegl.dll
2013-11-13 21:55 - 2013-10-05 21:12 - 00861696 _____ () C:\Program Files (x86)\SRWare Iron\ffmpegsumo.dll
2014-07-09 01:33 - 2014-07-09 01:33 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/20/2014 00:48:39 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070013, The media is write protected.
.
 
Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]
 
Error: (07/18/2014 11:46:38 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (07/17/2014 01:43:19 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (07/15/2014 01:26:58 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (07/13/2014 01:10:56 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (07/12/2014 00:57:07 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (07/10/2014 11:52:10 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (07/10/2014 01:35:13 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
 
System errors:
=============
Error: (07/20/2014 09:40:51 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (07/20/2014 09:38:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Skype Click to Call PNR Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/20/2014 09:34:44 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (07/20/2014 09:33:41 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (07/20/2014 09:30:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (07/20/2014 09:29:47 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (07/20/2014 09:29:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (07/20/2014 09:28:33 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (07/20/2014 09:27:14 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (07/20/2014 09:23:27 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 10.0.0.3192.168.137.0255.255.255.0
 
 
Microsoft Office Sessions:
=========================
Error: (07/20/2014 00:48:39 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070013, The media is write protected.
 
Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, The media is write protected.
 
Error: (07/18/2014 11:46:38 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (07/17/2014 01:43:19 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (07/15/2014 01:26:58 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (07/13/2014 01:10:56 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (07/12/2014 00:57:07 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (07/10/2014 11:52:10 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (07/10/2014 01:35:13 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 32%
Total physical RAM: 8175.76 MB
Available physical RAM: 5546.05 MB
Total Pagefile: 16349.7 MB
Available Pagefile: 13608.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (Gateway) (Fixed) (Total:915.35 GB) (Free:20.03 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:298.09 GB) (Free:32.35 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931 GB) (Disk ID: BA1D51B1)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=915 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

Hi,

disable Norton realtime protection please...

revouninstaller.png

  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:

    Desktop Temperature Monitor 
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete

    note: you may have to expand some folders by clicking the "+" mark

  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish
  • Does it work?
Link to post
Share on other sites

Hi,

disable Norton realtime protection please...

 

How do I disable Norton realtime protection?  When I right-click Norton in my task bar, I have these two options:

 

Disable smart firewall
Disable antivirus auto-protect
 
I tried disabling antivirus auto-protect yesterday and used Revo, but the uninstaller still wanted me to completely stop Norton (n360.exe in Task Manager).  Maybe I was doing the wrong thing with Norton, though.  I also tried installing avast, thinking if I killed the n360.exe I would still be protected with avast.  However I wasn't able to kill n360.exe and the uninstaller then wanted me to kill Norton and Avast.
Link to post
Share on other sites

I chose that and when Revo got to the built-in uninstaller it gave me the same message to shut down Norton among other programs.  I took a screenshot if you'd like it.  I cancelled that, as I can't and don't think I'd want to shut down Norton.  Revo gave me the option to scan for any leftover references to the program, but I didn't run that since I didn't uninstall anything.

Link to post
Share on other sites

I can't close Norton.  When I try to kill n360.exe in task manager, I get an error.  I looked online and it says this happens because viruses try to kill Norton and then they could harm the computer.  The only way to stop Norton appears to be completely uninstalling it, and I don't want to do that.  What if this uninstall.exe is actually a virus that will do bad things to my PC if Norton is turned off?

Link to post
Share on other sites

OK,

Step 1

frst.pngfrstfix.png

Please download the attached fixlist txt.gif and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.

    Please copy and paste its contents in your next reply.

fixlist.txt

After the reboot:

Step 2

SystemLook:

  • Please download SystemLook (32-bit) by jpshortstuff and save it to your desktop
  • Please download SystemLook (64-bit) by jpshortstuff and save it to your desktop
  • Double-click the program to run it, paste the entire text into the main text box:

    :folderfind*DesktopTemperature*
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Link to post
Share on other sites

SystemLook 30.07.11 by jpshortstuff

Log created at 15:17 on 20/07/2014 by Dave

Administrator - Elevation successful

 

========== folderfind ==========

 

Searching for "*DesktopTemperature*"

C:\Users\Dave\AppData\Local\DesktopTemperature d------ [01:02 20/07/2014]

C:\Users\Dave\AppData\Local\System_Alerts_LLC\DesktopTemperature.exe_Url_er5aqtwibhbrlyw3fc3slp2vcmebwzaa d------ [01:03 20/07/2014]

 

-= EOF =-

Link to post
Share on other sites

Ok,

 

Step 1

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

 

 

 

Link to post
Share on other sites

Hi please try these alternative method:

 

Reboot your computer and repeatedly hit the F8 key until the Advanced Boot menu appears. Select Safe Mode, or Safe Mode with Networking.

Once you are in Safe mode, open the Control Panel and select Add/Remove to uninstall Desktop Temperature Monitor.

 

Let me know if it works for you...

Link to post
Share on other sites

Here are the results from step 2.  I will try the directions in your most recent message.

 

# AdwCleaner v3.216 - Report created 20/07/2014 at 16:02:10
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dave - DAVE-PC
# Running from : C:\Users\Dave\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : webinstr
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\System Optimizer Pro
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Dave\AppData\Local\Conduit
Folder Deleted : C:\Users\Dave\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Dave\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Dave\AppData\Local\torch
Folder Deleted : C:\Users\Dave\AppData\LocalLow\Conduit
[x] Not Deleted : C:\Users\Dave\AppData\Roaming\Aimersoft Video Converter Ultimate
Folder Deleted : C:\Users\Dave\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Dave\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Dave\AppData\Roaming\SearchProtect
[x] Not Deleted : C:\Users\Dave\Documents\Aimersoft Video Converter Ultimate
File Deleted : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
File Deleted : C:\END
File Deleted : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\user.js
File Deleted : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3299568
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\torch
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\prefs.js ]
 
Line Deleted : user_pref("CT3281675.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DZQdRJRQ9tgk%26list%3DPL3D04FE12A78B652D\",\"EB_MAIN_FRAME_TITLE\":\"Darkwing%20Duck%2[...]
Line Deleted : user_pref("CT3281675_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1367590754491,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3299568_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376930986285,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&SearchSource=2&CUI=UN23192938167530147&UM=2&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3299568");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "entrusted11 Customized Web Search");
Line Deleted : user_pref("smartbar.machineId", "9GXZLVUUEEYS+YVPL1/LX99PYA+LIMLPEDHSPDCB/FD7KOD9UJUUHELQZFNBGP3ZEFR7AIY8QDR8SAK61K18JW");
 
-\\ Google Chrome v
 
[ File : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={C8EED65C-AB51-47AA-956F-896CB6C3A78C}&mid=〈=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN24501010554306260&ctid=CT3299568&UM=2
Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
 
*************************
 
AdwCleaner[R0].txt - [11150 octets] - [20/07/2014 15:59:18]
AdwCleaner[s0].txt - [10732 octets] - [20/07/2014 16:02:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10793 octets] ##########
Link to post
Share on other sites

I booted in safe mode.  Uninstall from Control Panel didn't work, it got about halfway through then was stuck for over 20 minutes.  I shut that down then ran through Revo and it worked!  First through moderate mode then advanced, so hopefully it got everything.  I don't see any evidence of the program and I opened Firefox and it's working again.  Thanks so much!  Anything else I need to do?

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014

Ran by Dave (administrator) on DAVE-PC on 20-07-2014 18:20:02

Running from C:\Users\Dave\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe

(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

() C:\Program Files\CyberLink\Shared files\RichVideo64.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

() C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe

(IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

(Acer Group) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

(RapidSolution Software AG) C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)

HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-11] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-20] (IOI)

HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [103936 2013-06-26] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)

HKLM-x32\...\Run: [instaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-02-24] (Affinegy, Inc.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)

HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)

HKLM-x32\...\Run: [updateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [updatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [uCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)

HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-26] (Bitleader)

HKLM-x32\...\Run: [updatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-01] (CyberLink Corp.)

HKLM-x32\...\Run: [WinCast] => D:\CDSetup\setup.exe -leng

HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [728120 2012-03-16] (Sony Corporation)

HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)

HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-05] ()

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [MediaFace Integration] => C:\Program Files (x86)\Fellowes\MediaFACE 4.2\SetHook.exe [53248 2005-03-28] (Fellowes, Inc.)

HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" 

HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [Google Update] => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2011-03-15] (Google Inc.)

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup 

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4851008 2014-05-01] (Evernote)

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: M - M:\EasySuite.exe

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {36cf9423-f559-11e2-82cc-d02788027694} - O:\VZW_Software_upgrade_assistant.exe

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {3ec4560a-5718-11e0-b107-d02788027694} - M:\EasySuite.exe

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {47697f98-04b3-11e3-98ad-d02788027694} - O:\VZW_Software_upgrade_assistant.exe

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {4f1cbb59-b65e-11e2-807d-d02788027694} - N:\HTC_Sync_Manager_PC.exe

HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {bf470c47-db38-11e3-b214-d02788027694} - O:\VZW_Software_upgrade_assistant.exe

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk

ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk

ShortcutTarget: NETGEAR WN111v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)

Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

ShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)

ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)

ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)

ShellIconOverlayIdentifiers-x32: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360311e106p0415v155k4772r348

SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

SearchScopes: HKLM - {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = 

SearchScopes: HKLM-x32 - DefaultScope value is missing.




SearchScopes: HKCU - {D73B3D7F-5C8D-4176-B3AE-E211FC3E2064} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)

DPF: HKLM-x32 {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

 

FireFox:

========

FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default

FF Homepage: hxxp://xfinity.comcast.net/

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Dave\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF Extension: Screengrab - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{02450954-cdd9-410f-b1da-db804e18c671}.xpi [2011-07-19]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-18]

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-29]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-20]

FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-03]

FF HKCU\...\Firefox\Extensions: [{FB304EF5-15D3-D544-9F7F-4585F9A14A3B}] - C:\Program Files (x86)\di5Re-Markable\175.xpi

 

Chrome: 

=======

CHR HomePage: 

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)

CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)

CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File

CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File

CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File

CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)

CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File

CHR Extension: (Entanglement Web App) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-12-23]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]

CHR Extension: (Skype Click to Call) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-05]

CHR Extension: (Google Wallet) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Dave\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-08-21]

CHR HKCU\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-04]

CHR HKLM-x32\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08]

 

==================== Services (Whitelisted) =================

 

R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-02-24] (Affinegy, Inc.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)

S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2011-02-11] (CyberLink)

S3 GSService; C:\Windows\SysWOW64\GSService.exe [249856 2012-02-14] () [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]

R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7391232 2013-06-26] (LeapFrog Enterprises, Inc.) [File not signed]

R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\N360.exe [265040 2014-05-23] (Symantec Corporation)

R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [476728 2012-03-16] (Sony Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]

R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()

S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [243712 2012-02-14] (SMServer) [File not signed]

R2 Virtual CDAudio Service; C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [178528 2011-09-09] (RapidSolution Software AG)

S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)

S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2008-04-01] (LeapFrog)

S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [191944 2011-10-31] (Hauppauge, Inc.)

R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)

R3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [18328 2010-04-09] (Initio Corporation)

R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)

R3 MusCAudio; C:\Windows\System32\drivers\MusCAudio.sys [34040 2012-02-14] (Windows ® Win 7 DDK provider)

R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140720.003\ENG64.SYS [126040 2014-07-13] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140720.003\EX64.SYS [2099288 2014-07-13] (Symantec Corporation)

S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))

R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))

S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG)

R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG)

R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-09-09] (RapidSolution Software AG)

R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)

S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc)

R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-29] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)

R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-20 15:59 - 2014-07-20 16:03 - 00000000 ____D () C:\AdwCleaner

2014-07-20 15:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-07-20 15:17 - 2014-07-20 15:18 - 00000830 _____ () C:\Users\Dave\Downloads\SystemLook.txt

2014-07-20 15:16 - 2014-07-20 15:16 - 00165376 _____ () C:\Users\Dave\Downloads\SystemLook_x64.exe

2014-07-20 14:21 - 2014-07-20 14:21 - 00000259 _____ () C:\Users\Dave\Downloads\fixlist.txt

2014-07-20 09:52 - 2014-07-20 09:53 - 00045414 _____ () C:\Users\Dave\Downloads\Addition.txt

2014-07-20 09:51 - 2014-07-20 18:20 - 00038701 _____ () C:\Users\Dave\Downloads\FRST.txt

2014-07-20 09:51 - 2014-07-20 18:20 - 00000000 ____D () C:\FRST

2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe

2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html

2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405823027144

2014-07-19 22:19 - 2014-07-20 09:19 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe

2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk

2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe

2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-19 21:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-19 21:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-19 21:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-07-19 21:37 - 2014-07-19 21:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore

2014-07-19 21:03 - 2014-07-19 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore

2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf

2014-07-19 21:00 - 2014-07-07 11:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys

2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones

2014-07-16 15:54 - 2014-07-16 16:02 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification

2014-07-15 13:39 - 2014-07-17 12:04 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con

2014-07-09 22:20 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-07-09 22:20 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-07-09 22:20 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-09 22:20 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-09 22:20 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-09 22:20 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-09 22:20 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-09 22:20 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-09 22:20 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-09 22:20 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-09 22:20 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-09 22:20 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-09 22:20 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-09 22:20 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-09 22:20 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-09 22:20 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-09 22:20 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-09 22:20 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-09 22:20 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-09 22:20 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-09 22:20 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-09 22:20 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-09 22:19 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-09 22:19 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-09 22:19 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-09 22:19 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-09 22:19 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-09 22:19 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-09 22:19 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-09 22:19 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-09 22:19 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-09 22:19 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-09 22:19 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-09 22:19 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-09 22:19 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-09 22:19 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-09 22:19 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-09 22:19 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-09 22:19 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-09 22:19 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-09 22:19 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-09 22:19 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-09 22:19 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-09 22:19 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-09 22:19 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-09 22:19 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-09 22:19 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-09 22:19 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-09 22:19 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-09 22:19 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-09 22:19 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-09 22:19 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-09 22:19 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-09 22:19 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-09 22:19 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-09 22:19 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-09 22:19 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-09 22:19 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-09 22:19 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-09 22:19 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-09 22:19 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-09 22:19 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-09 22:19 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-09 22:19 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-09 22:19 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-09 22:19 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-09 22:19 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-09 22:19 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-09 22:19 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-09 22:19 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-09 22:19 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-09 22:19 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-09 22:19 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-09 22:19 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-09 22:19 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-09 22:19 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-09 22:19 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-09 22:19 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-09 22:19 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-09 22:19 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-09 22:19 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt

2014-07-07 09:23 - 2014-07-07 20:43 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 2009

2014-07-06 10:10 - 2014-07-06 12:48 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk

2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest

2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest

2014-07-06 10:08 - 2014-07-06 10:09 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe

2014-06-30 18:23 - 2014-06-30 18:24 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse

2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe

2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll

2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll

2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls

2014-06-23 15:31 - 2014-06-23 15:38 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus

 

==================== One Month Modified Files and Folders =======

 

2014-07-20 18:22 - 2014-07-20 09:51 - 00038701 _____ () C:\Users\Dave\Downloads\FRST.txt

2014-07-20 18:20 - 2014-07-20 09:51 - 00000000 ____D () C:\FRST

2014-07-20 17:56 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-20 17:56 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-20 17:52 - 2010-08-14 01:41 - 01342370 _____ () C:\Windows\WindowsUpdate.log

2014-07-20 17:46 - 2014-06-11 03:33 - 00000000 ____D () C:\Users\Dave\AppData\Local\Skitch

2014-07-20 17:44 - 2011-11-18 20:16 - 00000343 _____ () C:\Windows\lgfwup.ini

2014-07-20 17:44 - 2011-11-18 20:12 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate

2014-07-20 17:43 - 2011-04-23 22:20 - 00000430 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

2014-07-20 17:42 - 2010-05-31 23:34 - 02903828 _____ () C:\Windows\PFRO.log

2014-07-20 17:42 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-20 17:42 - 2009-07-14 00:51 - 00354826 _____ () C:\Windows\setupact.log

2014-07-20 17:34 - 2014-03-30 16:57 - 00023040 _____ () C:\Users\Dave\Desktop\2014 vacations.xls

2014-07-20 16:48 - 2012-02-14 08:19 - 00398848 ___SH () C:\Users\Dave\Desktop\Thumbs.db

2014-07-20 16:33 - 2012-04-24 11:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-20 16:32 - 2011-03-26 09:23 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA.job

2014-07-20 16:03 - 2014-07-20 15:59 - 00000000 ____D () C:\AdwCleaner

2014-07-20 15:51 - 2010-08-14 01:47 - 00000000 ____D () C:\Program Files (x86)\Gateway Photo Frame

2014-07-20 15:32 - 2011-03-26 09:23 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core.job

2014-07-20 15:18 - 2014-07-20 15:17 - 00000830 _____ () C:\Users\Dave\Downloads\SystemLook.txt

2014-07-20 15:16 - 2014-07-20 15:16 - 00165376 _____ () C:\Users\Dave\Downloads\SystemLook_x64.exe

2014-07-20 14:21 - 2014-07-20 14:21 - 00000259 _____ () C:\Users\Dave\Downloads\fixlist.txt

2014-07-20 09:53 - 2014-07-20 09:52 - 00045414 _____ () C:\Users\Dave\Downloads\Addition.txt

2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe

2014-07-20 09:37 - 2011-06-30 05:20 - 00000000 ____D () C:\Users\Dave\Documents\ProcessExplorer

2014-07-20 09:19 - 2014-07-19 22:19 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-07-20 09:18 - 2010-05-31 23:24 - 00000000 ____D () C:\Windows\oem

2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html

2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405823027144

2014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe

2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk

2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe

2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-19 21:39 - 2012-04-17 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-19 21:38 - 2014-07-19 21:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-19 21:15 - 2011-11-02 13:12 - 00036864 ___SH () C:\Users\Dave\Thumbs.db

2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore

2014-07-19 21:05 - 2014-07-19 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore

2014-07-19 21:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf

2014-07-19 21:00 - 2011-09-15 22:33 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-07-19 20:58 - 2014-06-18 00:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-07-19 01:36 - 2011-11-29 15:55 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent

2014-07-17 12:04 - 2014-07-15 13:39 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con

2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones

2014-07-16 16:02 - 2014-07-16 15:54 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification

2014-07-10 12:51 - 2014-05-02 13:31 - 00886459 _____ () C:\QDATA1.IDX

2014-07-10 12:51 - 2011-03-25 23:26 - 00000000 ____D () C:\Users\Dave\Quicken

2014-07-10 12:51 - 2006-07-31 11:20 - 06316056 _____ () C:\QDATA1.QDF

2014-07-10 12:51 - 2006-07-31 11:20 - 00035840 _____ () C:\QDATA1.QEL

2014-07-10 12:40 - 2011-04-07 00:46 - 00000000 ____D () C:\BACKUP

2014-07-10 04:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

2014-07-10 03:23 - 2009-07-14 00:45 - 00351752 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-10 03:21 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-10 03:21 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-10 03:04 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-10 03:03 - 2011-03-26 08:58 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-09 04:40 - 2012-04-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt

2014-07-09 01:33 - 2012-04-24 11:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-09 01:33 - 2012-04-24 11:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-09 01:33 - 2011-05-26 05:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-07 20:43 - 2014-07-07 09:23 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 2009

2014-07-07 11:04 - 2014-07-19 21:00 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys

2014-07-07 00:35 - 2011-09-15 22:02 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server

2014-07-06 12:48 - 2014-07-06 10:10 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk

2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest

2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest

2014-07-06 10:09 - 2014-07-06 10:08 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe

2014-07-05 16:21 - 2014-01-31 12:01 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-04 17:11 - 2013-09-14 10:12 - 00000000 ____D () C:\Users\Dave\Downloads\MMPRToys

2014-07-04 15:40 - 2013-11-29 11:13 - 00000000 ____D () C:\Users\Dave\AppData\Local\Paint.NET

2014-06-30 18:24 - 2014-06-30 18:23 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse

2014-06-29 22:09 - 2014-07-09 22:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-29 22:04 - 2014-07-09 22:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-28 15:40 - 2011-03-30 07:15 - 00000000 ____D () C:\Users\Dave\AppData\Local\CrashDumps

2014-06-28 14:47 - 2013-11-29 11:14 - 00001195 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk

2014-06-28 14:47 - 2013-11-29 11:14 - 00001183 _____ () C:\Users\Public\Desktop\Paint.NET.lnk

2014-06-28 14:47 - 2013-11-29 11:14 - 00000000 ____D () C:\Program Files\Paint.NET

2014-06-28 14:11 - 2011-03-15 03:07 - 00084440 _____ () C:\Users\Dave\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-25 11:17 - 2012-06-07 09:31 - 02932224 ___SH () C:\Users\Dave\Downloads\Thumbs.db

2014-06-24 16:20 - 2013-10-24 11:55 - 00000000 ____D () C:\Users\Dave\Downloads\Monster High

2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe

2014-06-24 15:42 - 2011-03-15 18:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Mozilla

2014-06-24 15:42 - 2011-03-15 03:38 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google

2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll

2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll

2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls

2014-06-23 15:38 - 2014-06-23 15:31 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus

2014-06-23 15:27 - 2011-03-26 09:23 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA

2014-06-23 15:27 - 2011-03-26 09:23 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core

2014-06-20 16:14 - 2014-07-09 22:19 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-20 15:39 - 2014-07-09 22:19 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

 

Some content of TEMP:

====================

C:\Users\Dave\AppData\Local\Temp\air1510.exe

C:\Users\Dave\AppData\Local\Temp\air5115.exe

C:\Users\Dave\AppData\Local\Temp\airC41E.exe

C:\Users\Dave\AppData\Local\Temp\airC6DE.exe

C:\Users\Dave\AppData\Local\Temp\airC9BD.exe

C:\Users\Dave\AppData\Local\Temp\DRHelper_installFinish.exe

C:\Users\Dave\AppData\Local\Temp\DRHelper_installStart.exe

C:\Users\Dave\AppData\Local\Temp\DRHelper_uninstallComplete.exe

C:\Users\Dave\AppData\Local\Temp\Quarantine.exe

C:\Users\Dave\AppData\Local\Temp\SfpcHelper_installFinish.exe

C:\Users\Dave\AppData\Local\Temp\SfpcHelper_installStart.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-18 01:45

 

==================== End Of Log ============================

Link to post
Share on other sites

Hi,

let's do a final check up:

Step 1

Scan with mbam.pngMalwarebytes Antimalware

  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" and go to "Detection and Protection"
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
Step 2

Please download the eset.pngESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.

Can you please tell me which problems still persist now?
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.