
perfor~1.dll bad image error on all .exe files after scan and removal



Hello,

I have run a scan and repair, and since then I get errors upon startup of *.exe - Bad Image:

c:\progr~3\perfor~1\perfor~1.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original media or contact your system administrator or the software vendor for support.

I have run FRST and here is the FRST.txt file:

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014 01
Ran by Chris (administrator) on CHRIS-PC on 10-12-2014 14:23:46
Running from C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHKF1H2U
Loaded Profile: Chris (Available profiles: Chris)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Sentelic Corporation) C:\Program Files (x86)\VIZIO\VIZIO Wireless Touchpad\FspUip.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(VIZIO Computer Inc.) C:\Program Files (x86)\VIZIO\VIZIO_FN_Key_Utility\XVx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe
(Microsoft Corporation) C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHKF1H2U\msert.exe
(Microsoft Corporation) C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHKF1H2U\msert.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FspUip] => C:\Program Files (x86)\VIZIO\VIZIO Wireless Touchpad\FspUip.exe [5406104 2012-05-01] (Sentelic Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [sRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170752 2012-05-09] (SRS Labs, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020064 2012-02-13] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-13] (Atheros Commnucations)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [OSD Utility] => C:\Program Files (x86)\VIZIO\VIZIO_FN_Key_Utility\XVx.exe [7892992 2012-04-27] (VIZIO Computer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-260076764-703697265-172786246-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] ()
HKU\S-1-5-21-260076764-703697265-172786246-1000\...\Run: [bRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1173504 2014-08-10] ()
HKU\S-1-5-21-260076764-703697265-172786246-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe [540848 2014-11-13] (Adobe Systems Incorporated)
AppInit_DLLs: C:\PROGRA~3\PERFOR~1\PERFOR~2.DLL => C:\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll [4303360 2014-09-02] ()
AppInit_DLLs-x32: c:\progra~3\perfor~1\perfor~1.dll => c:\ProgramData\Performance Optimizer\PerformanceOptimizer.dll [4125184 2014-09-02] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-260076764-703697265-172786246-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
HKU\S-1-5-21-260076764-703697265-172786246-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_omxmedia_14_50_ie&cd=2XzuyEtN2Y1L1QzutDtDyC0Bzy0EtDtAtBzyyEyE0EtC0FtCtN0D0Tzu0SzyyDtAtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyDyByCzy0AyDtB0DtGzyyByD0FtGyBzz0FzytG0B0EzzyEtGyEtAtA0E0B0A0DtAyEyCyCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0DtA0D0EtCyB0DtG0FyEyEyBtGyE0B0CyCtGzztDtAyEtGtB0A0F0CzzzyyCzz0DtB0A0F2Q&cr=1073685614&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_omxmedia_14_50_ie&cd=2XzuyEtN2Y1L1QzutDtDyC0Bzy0EtDtAtBzyyEyE0EtC0FtCtN0D0Tzu0SzyyDtAtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyDyByCzy0AyDtB0DtGzyyByD0FtGyBzz0FzytG0B0EzzyEtGyEtAtA0E0B0A0DtAyEyCyCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0DtA0D0EtCyB0DtG0FyEyEyBtGyE0B0CyCtGzztDtAyEtGtB0A0F0CzzzyyCzz0DtB0A0F2Q&cr=1073685614&ir=
SearchScopes: HKU\S-1-5-21-260076764-703697265-172786246-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_omxmedia_14_50_ie&cd=2XzuyEtN2Y1L1QzutDtDyC0Bzy0EtDtAtBzyyEyE0EtC0FtCtN0D0Tzu0SzyyDtAtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyDyByCzy0AyDtB0DtGzyyByD0FtGyBzz0FzytG0B0EzzyEtGyEtAtA0E0B0A0DtAyEyCyCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0DtA0D0EtCyB0DtG0FyEyEyBtGyE0B0CyCtGzztDtAyEtGtB0A0F0CzzzyyCzz0DtB0A0F2Q&cr=1073685614&ir=
SearchScopes: HKU\S-1-5-21-260076764-703697265-172786246-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_omxmedia_14_50_ie&cd=2XzuyEtN2Y1L1QzutDtDyC0Bzy0EtDtAtBzyyEyE0EtC0FtCtN0D0Tzu0SzyyDtAtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyDyByCzy0AyDtB0DtGzyyByD0FtGyBzz0FzytG0B0EzzyEtGyEtAtA0E0B0A0DtAyEyCyCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0DtA0D0EtCyB0DtG0FyEyEyBtGyE0B0CyCtGzztDtAyEtGtB0A0F0CzzzyyCzz0DtB0A0F2Q&cr=1073685614&ir=
BHO: deal2dealit -> {17162c00-06b4-4f47-b0db-d4ab6160435c} -> C:\ProgramData\deal2dealit\9sg1IjwJjf8Meo.x64.dll ()
BHO: dealster -> {3385d76f-b058-47ca-ab35-37fc678edf0e} -> C:\ProgramData\dealster\wacN4hNk295C0y.x64.dll ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: greAtsavviing -> {90A2ADE3-38F5-94A2-4081-21554C5EB912} -> C:\ProgramData\greAtsavviing\NvSZYk1R8.x64.dll ()
BHO: soaveiitKeep. -> {9B2B4819-794A-07C2-F22F-152665DCE55A} -> C:\ProgramData\soaveiitKeep\XjBZqoN.x64.dll ()
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: sURfKeeepiot -> {C3AA9739-1FB6-E3D6-9DB4-1381332AC6F9} -> C:\ProgramData\sURfKeeepiot\TGbgo.x64.dll ()
BHO: CoolSaleCoupon -> {df54bfe0-956d-4ab8-b6db-c76805f3b5be} -> C:\ProgramData\CoolSaleCoupon\xzOW4bLFnAKZdu.x64.dll ()
BHO-x32: deal2dealit -> {17162c00-06b4-4f47-b0db-d4ab6160435c} -> C:\ProgramData\deal2dealit\9sg1IjwJjf8Meo.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: dealster -> {3385d76f-b058-47ca-ab35-37fc678edf0e} -> C:\ProgramData\dealster\wacN4hNk295C0y.dll ()
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: greAtsavviing -> {90A2ADE3-38F5-94A2-4081-21554C5EB912} -> C:\ProgramData\greAtsavviing\NvSZYk1R8.dll ()
BHO-x32: soaveiitKeep. -> {9B2B4819-794A-07C2-F22F-152665DCE55A} -> C:\ProgramData\soaveiitKeep\XjBZqoN.dll ()
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: sURfKeeepiot -> {C3AA9739-1FB6-E3D6-9DB4-1381332AC6F9} -> C:\ProgramData\sURfKeeepiot\TGbgo.dll ()
BHO-x32: CoolSaleCoupon -> {df54bfe0-956d-4ab8-b6db-c76805f3b5be} -> C:\ProgramData\CoolSaleCoupon\xzOW4bLFnAKZdu.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.6

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Mah Jong Connect) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfjdflmdlnffhlfmjdpbcoccaeamikk [2014-10-06]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-09]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25]
CHR Extension: (Save my Tabs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\djadfifncobffjpicnkiegahdiobpaap [2014-09-02]
CHR Extension: (websaver) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednndnhpihngjdfjblghijdgnnnalbhj [2014-11-10]
CHR Extension: (QR Code Maker and Decoder) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkkpjnnhmokcnfdllcgldppopnneooi [2014-09-20]
CHR Extension: (Clean IMDb) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingodbhkemojiibhhbfhjaeaciikbiik [2014-11-13]
CHR Extension: (Awesome Dictionary Widget ANTP) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdigjjbkpjljoknifbgaijaemafihhga [2014-11-10]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 892cc6a3; c:\ProgramData\Performance Optimizer\PerformanceOptimizerSvc.dll [186192 2014-09-02] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-02-13] (Atheros Commnucations) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-27] (Microsoft Corporation)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [231752 2012-09-25] (NETGEAR)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFDx64.sys [35840 2012-04-02] (Cirrus Logic)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-05-01] (CACE Technologies, Inc.)
R3 ViWDM; C:\Windows\System32\DRIVERS\ViWDM.SYS [14336 2012-03-07] (Primax Electronics Ltd.)
S1 ttnfd; system32\drivers\ttnfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 14:23 - 2014-12-10 14:23 - 00000000 ____D () C:\FRST
2014-12-10 13:18 - 2014-12-10 13:18 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-02 16:24 - 2014-12-02 16:24 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Astromenda
2014-11-26 16:46 - 2014-12-02 16:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-26 16:46 - 2014-11-26 16:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-26 16:41 - 2014-11-26 16:41 - 00000000 ____D () C:\Program Files (x86)\sURfKeeepiot
2014-11-26 16:40 - 2014-11-26 16:40 - 00000000 ____D () C:\Program Files (x86)\soaveiitKeep
2014-11-26 16:39 - 2014-11-26 16:39 - 00000000 ____D () C:\Program Files (x86)\greAtsavviing
2014-11-26 16:39 - 2014-11-26 16:39 - 00000000 ____D () C:\Program Files (x86)\deal2dealit
2014-11-18 19:05 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 19:05 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 19:05 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 19:05 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 18:54 - 2014-11-13 18:54 - 00000000 __SHD () C:\Users\Chris\AppData\Local\EmieBrowserModeList
2014-11-13 18:34 - 2014-12-02 18:46 - 00000000 ____D () C:\ProgramData\deal2dealit
2014-11-11 12:58 - 2014-11-07 13:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 12:58 - 2014-11-07 13:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 12:58 - 2014-11-05 22:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 12:58 - 2014-11-05 22:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 12:58 - 2014-11-05 21:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 12:58 - 2014-11-05 21:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 12:58 - 2014-11-05 21:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 12:58 - 2014-11-05 21:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 12:58 - 2014-11-05 21:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 12:58 - 2014-11-05 21:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 12:58 - 2014-11-05 21:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 12:58 - 2014-11-05 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 12:58 - 2014-11-05 21:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 12:58 - 2014-11-05 21:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 12:58 - 2014-11-05 21:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 12:58 - 2014-11-05 21:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 12:58 - 2014-11-05 21:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 12:58 - 2014-11-05 21:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 12:58 - 2014-11-05 21:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 12:58 - 2014-11-05 21:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 12:58 - 2014-11-05 21:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 12:58 - 2014-11-05 21:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 12:58 - 2014-11-05 21:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 12:58 - 2014-11-05 20:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 12:58 - 2014-11-05 20:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 12:58 - 2014-11-05 20:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 12:58 - 2014-11-05 20:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 12:58 - 2014-11-05 20:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 12:58 - 2014-11-05 20:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 12:58 - 2014-11-05 20:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 12:58 - 2014-11-05 20:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 12:58 - 2014-11-05 20:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 12:58 - 2014-11-05 20:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 12:58 - 2014-11-05 20:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 12:58 - 2014-11-05 20:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 12:58 - 2014-11-05 20:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 12:58 - 2014-11-05 20:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 12:58 - 2014-11-05 20:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 12:58 - 2014-11-05 20:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 12:58 - 2014-11-05 20:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 12:58 - 2014-11-05 19:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 12:58 - 2014-11-05 19:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 12:58 - 2014-11-05 19:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 12:58 - 2014-11-05 19:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 12:57 - 2014-11-05 22:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 12:57 - 2014-11-05 21:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 12:57 - 2014-11-05 21:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 12:57 - 2014-11-05 21:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 12:57 - 2014-11-05 21:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 12:57 - 2014-11-05 21:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 12:57 - 2014-11-05 21:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 12:57 - 2014-11-05 21:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 12:57 - 2014-11-05 21:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 12:57 - 2014-11-05 20:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 12:57 - 2014-11-05 20:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 12:57 - 2014-11-05 20:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 12:54 - 2014-11-05 11:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 12:54 - 2014-11-05 11:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 12:54 - 2014-11-05 11:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 12:54 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 12:54 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 12:54 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 12:54 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 12:54 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 12:54 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 12:54 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 12:54 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 12:54 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 12:49 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 12:49 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 12:49 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 12:49 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 12:49 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 12:49 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 12:49 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 12:49 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 12:49 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 12:49 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 12:49 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 12:49 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 12:49 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 12:49 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 12:48 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 12:48 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 12:48 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 12:48 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 12:48 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 12:48 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 12:48 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 12:48 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 12:48 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 12:48 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 12:48 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 12:48 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 12:48 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 12:48 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 12:48 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 12:48 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 12:48 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 12:47 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 12:47 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-10 15:46 - 2014-12-02 18:46 - 00000000 ____D () C:\ProgramData\CoolSaleCoupon
2014-11-10 15:40 - 2014-12-02 18:46 - 00000000 ____D () C:\ProgramData\dealster
2014-11-10 15:39 - 2014-12-02 18:46 - 00000000 ____D () C:\ProgramData\SaleItCoupon

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 14:18 - 2012-06-06 06:48 - 01307982 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 14:10 - 2014-06-22 05:59 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 13:42 - 2014-02-17 09:13 - 00000344 _____ () C:\Windows\Tasks\bench-S-1-5-21-260076764-703697265-172786246-1000.job
2014-12-10 13:40 - 2014-08-10 15:39 - 00000292 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-12-10 13:39 - 2012-01-02 03:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-10 13:25 - 2009-07-13 22:45 - 00027744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 13:25 - 2009-07-13 22:45 - 00027744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 13:18 - 2014-06-22 05:59 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 13:18 - 2012-05-04 12:49 - 00037731 _____ () C:\Windows\setupact.log
2014-12-10 13:17 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-03 05:50 - 2013-03-24 17:08 - 00000000 ____D () C:\Users\Chris\Documents\Bluetooth Folder
2014-12-02 18:49 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-02 18:47 - 2013-03-26 20:13 - 00000000 ____D () C:\Users\Chris\AppData\Local\Solid Savings
2014-12-02 18:47 - 2013-03-26 20:13 - 00000000 ____D () C:\Program Files (x86)\Solid Savings
2014-12-02 18:47 - 2013-03-24 17:07 - 00000000 ____D () C:\Users\Chris
2014-12-02 18:46 - 2014-10-06 17:16 - 00000000 ____D () C:\ProgramData\sURfKeeepiot
2014-12-02 18:46 - 2014-09-20 08:43 - 00000000 ____D () C:\ProgramData\greAtsavviing
2014-12-02 18:46 - 2014-09-02 19:05 - 00000000 ____D () C:\ProgramData\soaveiitKeep
2014-12-02 18:46 - 2014-09-02 18:52 - 00000000 ____D () C:\ProgramData\Performance Optimizer
2014-12-02 18:46 - 2014-08-10 15:39 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\WSE_Astromenda
2014-12-02 18:46 - 2014-08-10 15:39 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-12-02 18:46 - 2014-02-17 09:13 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-12-02 18:46 - 2013-05-01 18:36 - 00000000 ____D () C:\Users\Chris\AppData\Local\NETGEARGenie
2014-12-02 18:46 - 2013-05-01 18:36 - 00000000 ____D () C:\Program Files (x86)\NETGEAR Genie
2014-12-02 18:46 - 2012-06-06 06:45 - 00000000 ____D () C:\ProgramData\Atheros
2014-12-02 18:46 - 2012-01-02 03:18 - 00000000 ____D () C:\Windows\system32\Macromed
2014-12-02 18:46 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2014-12-02 18:45 - 2013-05-20 21:45 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\SoftGrid Client
2014-11-30 10:07 - 2013-03-24 17:07 - 00058016 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 10:23 - 2014-08-24 08:39 - 00000095 _____ () C:\Users\Chris\AppData\Roaming\WB.CFG
2014-11-23 10:22 - 2014-02-17 09:13 - 00000344 _____ () C:\Windows\Tasks\bench-sys.job
2014-11-21 06:45 - 2009-07-13 23:13 - 00786732 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-19 16:40 - 2013-04-16 16:07 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2014-11-18 20:22 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 18:41 - 2012-01-02 03:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-13 18:41 - 2012-01-02 03:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-13 18:41 - 2012-01-02 03:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-13 18:34 - 2014-09-02 19:05 - 00000000 ____D () C:\ProgramData\979389aa6182f077
2014-11-13 18:13 - 2009-07-13 22:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 18:12 - 2014-05-08 21:31 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\CloudBackup9561.exe
C:\Users\Chris\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-10 13:47

==================== End Of Log ============================

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014 01
Ran by Chris at 2014-12-10 14:25:41
Running from C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHKF1H2U
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Out of date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Out of date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.122 - Atheros)
Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cirrus Logic Audio (HKLM-x32\...\{3A69FD31-5EE7-42C9-918B-81C07AA21043}) (Version: 10.14.0.0 - Cirrus Logic)
Cirrus Logic Audio x64 (Version: 7.25.38.0 - Cirrus Logic) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CoolSaleCoupon (HKLM-x32\...\{0C516764-8CFC-C2FE-7BB0-A50A646E4DCD}) (Version:  - CoolSaleCoupon) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
deal2dealit (HKLM-x32\...\{D831E399-50FE-84AE-F5F7-0A63AC282464}) (Version:  - "") <==== ATTENTION
dealster (HKLM-x32\...\{5E03DFA7-51FC-7C12-CEE5-4D75FBB01E8F}) (Version:  - "") <==== ATTENTION
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
greAtsavviing (HKLM-x32\...\{439763FF-59EC-FF1D-B0B5-CB9E213A7A5C}) (Version:  - greatSaviNg)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36279 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2752 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.2.27.1  - NETGEAR Inc.)
Performance Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}) (Version:  - Linker Ltd) <==== ATTENTION
Premium Sound HD (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.3000 - SRS Labs, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
SaleItCoupon (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - SaleItCoupon) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
soaveiitKeep. (HKLM-x32\...\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}) (Version:  - ssAveiTkkeeep.)
Solid Savings (HKLM-x32\...\Solid Savings) (Version: 1.26.153.1 - 215 Apps)
sURfKeeepiot (HKLM-x32\...\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}) (Version:  - surfkEepit) <==== ATTENTION
Video Poker for Winners (HKLM-x32\...\{F9A035E8-731F-4437-93E1-8CD9CB9AACF5}) (Version: 1.77.0000 - Action Gaming, Inc)
VIZIO Wireless Driver (HKLM-x32\...\{3A9C1D7A-A227-442F-B296-14AEBC4E85C1}) (Version: 1.00.0001 - VIZIO)
VIZIO Wireless Touchpad (HKLM-x32\...\{3F0E78CA-735E-446D-8E60-69C6CA27EC95}) (Version: 1.00.0001 - VIZIO)
VIZIO_FN_Key_Utility (HKLM-x32\...\{106AEB0E-1FF7-44BD-B510-6CF9A3934FAC}) (Version: 1.3.15 - VIZIO)
VIZIOUtility version 1.0 (HKLM-x32\...\{4F949BD9-1E99-40C7-9102-C67E2D384995}_is1) (Version: 1.0 - VIZIO)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version:  - WSE_Astromenda) <==== ATTENTION
Zune (HKLM\...\Zune) (Version: 04.07.1404.01 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

06-11-2014 22:29:57 Windows Update
10-11-2014 21:38:23 Windows Update
11-11-2014 21:51:12 Windows Update
16-11-2014 20:24:29 Windows Update
19-11-2014 03:28:31 Windows Update
23-11-2014 16:33:48 Windows Update
26-11-2014 22:37:57 Removed 7-Zip 9.21
26-11-2014 22:38:51 Removed 7-Zip 9.21
26-11-2014 22:40:27 Removed Skype™ 6.11
27-11-2014 14:14:00 Windows Update
02-12-2014 22:12:24 Restore Operation
10-12-2014 19:54:24 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {372C798C-A5B3-4AA4-BBF2-B7E73240D486} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation)
Task: {3AEBF879-1AD8-49AF-840B-E57951EDBD05} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-260076764-703697265-172786246-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {68382BF7-54BC-4B56-8D81-59D5B547AE99} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {795C9DD4-84DD-4612-B8E5-6C26954A7C70} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation)
Task: {8480AB79-E986-47E6-BBF4-998CF129A14F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-260076764-703697265-172786246-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {97907229-8F30-490F-9F2A-D35F0B9DED7C} - System32\Tasks\WSE_Astromenda => C:\Users\Chris\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-08-10] () <==== ATTENTION
Task: {A3064102-475F-43F0-BE40-A5057E3BD1AA} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-02-12] () <==== ATTENTION
Task: {C03A4285-905A-4362-AA3D-138B53052C70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-22] (Google Inc.)
Task: {C05AE3B7-5D8E-4CBC-8B04-2B2D5FA958F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-22] (Google Inc.)
Task: {C5E1112F-43F2-4BEE-99A2-79ADA35DF515} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13] (Adobe Systems Incorporated)
Task: {D554016A-66D0-473F-AF68-C1AEF7899824} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {DD45FF0C-8F3F-4F7E-82F1-BBC96068F2D6} - System32\Tasks\bench-S-1-5-21-260076764-703697265-172786246-1000 => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-02-12] () <==== ATTENTION
Task: {E8CC02F9-BBF1-4448-A445-DF894FA0FB6B} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
Task: {F3F63578-81BD-44AC-AB6D-7221DEB5D924} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-S-1-5-21-260076764-703697265-172786246-1000.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\Chris\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-04-27 16:43 - 2012-03-19 16:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-16 07:54 - 2012-10-16 07:54 - 01041736 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
2014-08-10 15:39 - 2014-08-10 15:39 - 01173504 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
2012-04-17 10:20 - 2012-04-17 10:20 - 00293376 _____ () C:\Program Files (x86)\VIZIO\VIZIO_FN_Key_Utility\vCapture64.dll
2012-03-28 12:15 - 2012-03-28 12:15 - 00013824 _____ () C:\Program Files (x86)\VIZIO\VIZIO_FN_Key_Utility\WMI_DLL64.dll
2012-04-27 16:03 - 2012-03-28 08:36 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2012-09-25 00:06 - 2012-09-25 00:06 - 00122696 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2014-09-02 18:52 - 2014-09-02 18:52 - 04303360 _____ () C:\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-05-18 17:30 - 2012-05-03 15:56 - 00089600 _____ () C:\Program Files (x86)\VIZIO\VIZIO Wireless Touchpad\FspLib.dll
2012-05-18 17:30 - 2012-05-03 10:48 - 00093696 _____ () C:\Program Files (x86)\VIZIO\VIZIO Wireless Touchpad\move_ctrl.dll
2012-05-18 17:30 - 2012-04-20 17:11 - 00034816 _____ () C:\Program Files (x86)\VIZIO\VIZIO Wireless Touchpad\KbdHook.dll
2012-05-18 17:30 - 2012-03-15 11:19 - 00241664 _____ () C:\Program Files (x86)\VIZIO\VIZIO Wireless Touchpad\vCapture.dll
2012-05-11 00:24 - 2012-05-11 00:24 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtCore4.dll
2012-05-09 20:34 - 2012-05-09 20:34 - 00011362 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\mingwm10.dll
2012-05-09 20:34 - 2012-05-09 20:34 - 00043008 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2012-05-11 00:24 - 2012-05-11 00:24 - 09814016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtGui4.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00478720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 01553408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2012-05-11 00:24 - 2012-05-11 00:24 - 01140224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtNetwork4.dll
2012-05-11 00:24 - 2012-05-11 00:24 - 00399360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtXml4.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00229888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 01062400 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2012-10-16 19:41 - 2012-10-16 19:41 - 03775488 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00500736 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00186368 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 01132032 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 08295424 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 01188352 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00088064 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00641536 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00920064 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00438272 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2012-05-11 00:24 - 2012-05-11 00:24 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif4.dll
2012-05-11 00:24 - 2012-05-11 00:24 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico4.dll
2012-05-11 00:24 - 2012-05-11 00:24 - 00287232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00150528 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2012-09-25 00:06 - 2012-09-25 00:06 - 01233389 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00082432 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.DLL
2012-10-11 18:57 - 2012-10-11 18:57 - 00083968 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00138752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00702464 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00504832 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2012-10-11 18:57 - 2012-10-11 18:57 - 00076288 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2012-04-27 16:03 - 2012-03-28 08:18 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-11-13 18:34 - 2014-11-13 18:34 - 00758272 _____ () C:\ProgramData\deal2dealit\9sg1IjwJjf8Meo.dll
2014-11-10 15:40 - 2014-11-10 15:40 - 00764928 _____ () C:\ProgramData\dealster\wacN4hNk295C0y.dll
2014-09-20 08:43 - 2014-09-20 08:43 - 00624640 _____ () C:\ProgramData\greAtsavviing\NvSZYk1R8.dll
2014-09-02 19:05 - 2014-09-02 19:05 - 00611328 _____ () C:\ProgramData\soaveiitKeep\XjBZqoN.dll
2014-10-06 17:16 - 2014-10-06 17:16 - 00634368 _____ () C:\ProgramData\sURfKeeepiot\TGbgo.dll
2014-11-10 15:46 - 2014-11-10 15:46 - 00761856 _____ () C:\ProgramData\CoolSaleCoupon\xzOW4bLFnAKZdu.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-260076764-703697265-172786246-500 - Administrator - Disabled)
Chris (S-1-5-21-260076764-703697265-172786246-1000 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-260076764-703697265-172786246-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-260076764-703697265-172786246-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: ttnfd
Description: ttnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ttnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2014 01:28:06 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/10/2014 01:18:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2014 05:59:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1290

Start Time: 01d00ef00dcd27bd

Termination Time: 60

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 05:52:35 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1052) SUS20ClientDataStore: The version store for this instance (0) has reached its maximum size of 32Mb. It is likely that a long-running transaction is preventing cleanup of the version store and causing it to build up in size. Updates will be rejected until the long-running transaction has been completely committed or rolled back.

Possible long-running transaction:

 SessionId: 0x00000000015004A0

 Session-context: 0x00000000

 Session-context ThreadId: 0x00000000000005F0

 Cleanup: 1

Error: (12/03/2014 05:50:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 06:48:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 06:36:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 05:33:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/02/2014 05:23:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 05:15:02 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

System errors:
=============
Error: (12/10/2014 01:27:57 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.189.1259.0

 Update Source: %NT AUTHORITY51

 Update Stage: 3.0.8402.00

 Source Path: 3.0.8402.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/10/2014 01:27:57 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.189.1259.0

 Update Source: %NT AUTHORITY59

 Update Stage: 3.0.8402.00

 Source Path: 3.0.8402.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/10/2014 01:19:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================
Error: (12/10/2014 01:28:06 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/10/2014 01:18:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2014 05:59:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17420129001d00ef00dcd27bd60C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 05:52:35 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1052SUS20ClientDataStore: 0320x00000000015004A00x000000000x00000000000005F01

Error: (12/03/2014 05:50:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 06:48:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 06:36:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 05:33:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (12/02/2014 05:23:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 05:15:02 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

==================== Memory info ===========================

Processor: Intel® Core i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 3990.14 MB
Available physical RAM: 1773.6 MB
Total Pagefile: 7978.47 MB
Available Pagefile: 5582.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:919.21 GB) (Free:861.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 868B7EFA)
Partition 1: (Active) - (Size=600 MB) - (Type=27)
Partition 2: (Not Active) - (Size=919.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=27)

==================== End Of Log ============================

 

 


Hello and Welcome to Malwarebytes

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you
