Jump to content


Photo

Cannot use laptop


  • This topic is locked This topic is locked
21 replies to this topic

#1 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 17 February 2014 - 01:35 AM

I am not able to post a log using the laptop as it is so unstable.  It is loaded with Windows 7 and until windows is loaded it makes a continuous alarm noise.  The cursor seems to have a mind of it's own and when I try to open a programme it looks like it is continually buffering or it opens lots of pages - which are then difficult or impossible to close.  The same problems occur when I try to get online.

 

I have managed to get malware bytes to start but have not been able to get to the end of a scan - at one stage I was able to see there were 51 problems but haven't been able to remove them.

 

I have tried to use the safe mode without success.

 

Any advice would be appreciated.



#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,242 posts

Posted 18 February 2014 - 07:21 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

It is loaded with Windows 7 and until windows is loaded it makes a continuous alarm noise


See if you can identify the cause of the Computer's POST and beep codes
http://www.computerhope.com/beep.htm

===

Using a good computer if you have access to one download this tool, copy it to the desktop of the problem computer and run it.
If you do not have access to an other computer try the one you have. Possibly using the Safe Mode with Internet Connectivity.

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 18 February 2014 - 10:29 AM

Hello Nasdaq - thank you for responding to my request for help.  I have managed to remove facebook and messenger from the start up on my Grand'daughters laptop and that seems to have helped.

 

I looked at the bleeps and it seems to point to No Power (but there is power) loose card or short.  It could be something to do with power as it closed down while I was scanning with malwarebytes and the next message was that the battery had run out even though I had been connected to the electric socket.  

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by kelcie at 2014-02-18 16:01:03
Running from C:\Users\kelcie\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Digital Editions (x32 Version:  - )
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (x32 Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.1.5 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.63 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (x32 Version: 7.3.124.0 - Microsoft Corporation)
blinkx beat (HKCU Version: 1.5.0 - blinkx)
Bonzuna (x32 Version: 1.0.0 - Search Core Systems)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (x32 Version: 2.5.0.15 - DivX, LLC)
DivX Web Player (x32 Version: 1.4.0 - DivX,Inc.)
Driving Test Success - All Tests 2012 Edition (x32 Version: 16.0 - Imagitech Ltd.)
Driving Theory Test Express v3.1.0.0 (x32 Version:  - Oasis Business Services Int. Ltd.)
Dynamo Toolbar (x32 Version: 1.0.2 - Dynamo Media) <==== ATTENTION
eBay Worldwide (x32 Version: 2.1.0901 - OEM)
eMule (x32 Version:  - )
ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) <==== ATTENTION
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) Hidden <==== ATTENTION
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001 - Intel Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (x32 Version: 1.0.0.500 - KSS)
Launch Manager (x32 Version: 4.0.14 - Packard Bell)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
Packard Bell Games (x32 Version: 1.0.1.3 - WildTangent)
Packard Bell InfoCentre (x32 Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (x32 Version: 2.0.0.63 - NewTech Infosystems)
Packard Bell Power Management (x32 Version: 5.00.3005 - Packard Bell)
Packard Bell Recovery Management (x32 Version: 4.05.3013 - Packard Bell)
Packard Bell Registration (x32 Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (x32 Version: 1.1.0806.2010 - Packard Bell )
Packard Bell Social Networks (x32 Version: 1.0.1721 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 1.0.1721 - CyberLink Corp.) Hidden
Packard Bell Updater (x32 Version: 1.02.3001 - Packard Bell)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premiumplay Codec-C (x32 Version:  - WebPicks) <==== ATTENTION
QuickTime (x32 Version: 7.71.80.42 - Apple Inc.)
Rapport (Version: 3.5.1201.94 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1304.46 - Trusteer) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
Trusteer Endpoint Protection (x32 Version: 3.5.1304.46 - Trusteer)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TweakNow RegCleaner 2012 (x32 Version: 7.2.0.1 - TweakNow.com)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Veetle TV 0.9.18 (x32 Version: 0.9.18 - Veetle, Inc)
Video Web Camera (x32 Version: 2.0.5.4 - Liteon)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (x32 Version: 1.02.3002 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.21 - WildTangent)
Windows iLivid Toolbar (x32 Version: 3.0.0.117286 - Bandoo Media, Inc) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 15.0 (x32 Version: 15.0.9411 - WinZip Computing, S.L. )
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
08-02-2014 15:09:54 Restore Operation
08-02-2014 15:40:23 avast! antivirus system restore point
08-02-2014 15:45:03 Windows Update
08-02-2014 16:38:44 Removed Adobe Photoshop Elements 8.0.
08-02-2014 18:44:41 Installed Rapport
09-02-2014 12:24:14 avast! antivirus system restore point
10-02-2014 07:27:42 Removed Kaspersky Security Scan
10-02-2014 11:29:55 Installed TuneUp Utilities 2014
11-02-2014 10:43:55 Restore Operation
11-02-2014 10:51:48 avast! antivirus system restore point
11-02-2014 10:58:49 Windows Modules Installer
11-02-2014 11:00:06 Windows Modules Installer
11-02-2014 11:00:43 Windows Modules Installer
11-02-2014 11:01:30 Windows Modules Installer
11-02-2014 11:02:20 Windows Modules Installer
11-02-2014 11:29:16 Windows Modules Installer
11-02-2014 11:29:51 Windows Modules Installer
11-02-2014 11:30:37 Windows Modules Installer
11-02-2014 11:31:20 Windows Modules Installer
11-02-2014 11:32:06 Windows Modules Installer
11-02-2014 11:32:47 Windows Modules Installer
11-02-2014 11:33:32 Windows Modules Installer
11-02-2014 11:34:16 Windows Modules Installer
11-02-2014 11:34:59 Windows Modules Installer
11-02-2014 11:35:44 Windows Modules Installer
11-02-2014 11:36:29 Windows Modules Installer
11-02-2014 13:06:18 Windows Modules Installer
11-02-2014 13:06:57 Windows Modules Installer
11-02-2014 13:07:41 Windows Modules Installer
11-02-2014 13:08:25 Windows Modules Installer
11-02-2014 13:09:09 Windows Modules Installer
11-02-2014 13:09:54 Windows Modules Installer
11-02-2014 13:10:39 Windows Modules Installer
11-02-2014 13:11:23 Windows Modules Installer
11-02-2014 13:12:05 Windows Modules Installer
11-02-2014 13:12:48 Windows Modules Installer
11-02-2014 13:13:32 Windows Modules Installer
11-02-2014 13:14:17 Windows Modules Installer
16-02-2014 15:08:22 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {018F541D-488F-4E13-8F2D-D03AA95E173E} - System32\Tasks\{70D00926-556F-41AC-A160-01F2977BE500} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {0BD14426-51DD-4DAA-B459-2C31C5ABC679} - System32\Tasks\{4E305417-8B68-46F3-8BB5-F692E0F513D2} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {0DA0451B-9565-48F4-9F29-308D9839BE6B} - System32\Tasks\{2B3282A1-F166-43F5-B7AE-C7FC011AFC90} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {12225F5C-A51E-4614-8871-014C6BD06D6A} - System32\Tasks\{2D0FA32F-D308-4C1F-A3AF-A8DE3C14BB49} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {1401811F-0CA6-4951-B5D9-F18EE50102AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-25] (Google Inc.)
Task: {15046D27-D1E1-4558-8BEF-FA4CF4DCE4E6} - System32\Tasks\{B9634E50-D6AD-4C12-AD24-1B84D81CFC4F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {153506A8-1346-48D1-B9C1-79E7A01394BF} - System32\Tasks\{CA126C53-5C14-4203-95D9-5C60F514F432} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {1A377C59-9C4C-42DB-BD8A-D28F6B130681} - System32\Tasks\{7D331AB2-3156-4EB8-ADFF-65DBEA51CCED} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {203FBD77-D99E-4A19-BFD0-DC8933EA4A74} - System32\Tasks\{1CEB3684-E7AA-4C1E-98EC-15279D5FD5A5} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {263B871F-BDF9-4EBE-9888-D176341B0C4E} - System32\Tasks\{7F8F42BE-0509-4EC7-A588-3DDA757EBD10} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {2C730E29-0C81-4874-932F-96C50A6110A3} - System32\Tasks\{3F67E6DD-44BB-423E-9355-22764AF6441E} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {305F6CA4-B64E-46CA-AB7E-429099B76371} - System32\Tasks\{C5A29050-7AD3-4A5B-94BF-5C008489E40B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {41237E5F-B57C-4189-9EE6-F070FFB1A0B5} - System32\Tasks\{962F3EE5-EABF-4582-8B47-8EC569165E6F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {423C51AE-47B3-4FAA-97CE-A70433E0A5FC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-09] (AVAST Software)
Task: {443F19B6-D0C5-4E01-9B9B-B39CEB708419} - System32\Tasks\{2C41B2D7-D585-4028-9A29-458CDE094394} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {4922B0DF-120E-4392-9BC5-D5140F64E334} - System32\Tasks\{68C2262B-6A5A-48C0-B985-D13474880543} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {5893C5B6-8566-4A95-AA35-34C04B37D736} - System32\Tasks\{331AA0B9-CBCF-4E50-A2C3-98E4F088F65E} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {6221C13A-35C4-401F-A31B-0E1CDA54FAD7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001UA => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7032B645-777B-411C-AE3F-B0DD4163B27C} - System32\Tasks\{A0DB1B9E-4197-42FC-B3E3-282226906C81} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {71464BB9-0E88-4525-AD1D-4F6A3F767232} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {719011A3-BB51-496D-9F6F-80E5BAF0AC90} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\ClickPotatoLite\bin\10.0.701.0\ClickPotatoLiteSA.exe
Task: {74CE2B62-8487-4A01-856D-BF2865BACD45} - System32\Tasks\{11C85577-069C-4A45-9D84-73E8C46404D1} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {767824A7-4799-4D9A-B8F7-49D51FF803B6} - System32\Tasks\{8D13DB5B-15D7-49D8-8E75-40B854E2ABBA} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {79E5FCA6-D811-4749-B870-BFC78270C98D} - System32\Tasks\{4B447BD3-BB60-4615-A6C5-9476A19E9AE1} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {7BC11717-A443-4183-BACB-AB286F3727F2} - System32\Tasks\{D6F4347A-32CA-49BF-8AC4-281D591654CB} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {7E1BE3DB-5888-4E92-897A-81B30A0D21AA} - System32\Tasks\{10765747-99A0-4044-9CBF-ED5025193141} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {80370285-D2D4-4017-A046-8ACE07FDD9C1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001Core => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {8BCF32A0-B822-4911-BFD2-60FE646DFBD9} - System32\Tasks\{F762BEEF-91DE-41E1-9AE7-3EE0DBAAE921} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {8E396EE8-EC36-4587-A1A5-FF5622528142} - System32\Tasks\{14042D2F-8D3F-48AD-90EA-C93E857BF3AB} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {914BC20A-E757-4535-8089-CA5B2E560840} - System32\Tasks\{C2328B0E-7C0C-467D-BFBE-4A053778345C} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {9466D8D6-AD95-4C9C-BD9A-D8EB0C08DE80} - System32\Tasks\{B556CB86-5184-4225-92EE-DF9BD6AE757A} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {996BD70C-5A2D-4599-99C4-F869859FE66D} - System32\Tasks\Dynamo Toolbar Helper => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dthelper.exe [2012-08-28] (Search Core Systems) <==== ATTENTION
Task: {9B1E51E7-9903-416E-8319-61BAECBB250C} - System32\Tasks\{08F73F5A-21D4-4BE3-A0BE-C2240DC7BDBA} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {AA3168B5-E9E0-40A3-B960-D4C0ADD3272A} - System32\Tasks\{91D2477A-4CD8-4291-A638-BDDDF17BBB19} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {AAC101C9-B77A-45D5-8E6C-EC922EC86922} - System32\Tasks\{96D31244-F7D6-4BEF-84B4-CB96FB881083} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {AC1DB637-BF51-45BB-8020-9F4B6F428658} - System32\Tasks\{4A4CC68D-6C5A-4932-9999-8BAD3B27B0AA} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BA052C85-BCF5-4B9C-BE5A-0A98D28E02ED} - System32\Tasks\{84392FA2-AEB5-4E38-A612-F17AC6FA8AFC} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BA9AEAA3-3EC0-4D39-896E-0AB9D0706B3B} - System32\Tasks\{F80256F5-6CCB-4BB1-A041-A6E24D141BC0} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BBAB97E5-08C5-4212-A6E1-BE27C9B1B9CB} - System32\Tasks\{77A6A689-8B9B-4DC2-96FD-22F658053E9B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BC21ABD8-0265-4557-89B0-D158B93ED734} - System32\Tasks\{51D2CA94-F21A-4262-A9C2-B86EC44E2704} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {C5617C32-6359-4894-86FD-3798B414AC45} - System32\Tasks\{BFE6C273-C155-478B-A231-EEBCF8258CAC} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {C9E6D0D5-57F7-4C1D-917F-C8E51449AF13} - System32\Tasks\{B5215259-A853-476A-A56B-982CEEB57A8A} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {CD933F6F-571A-495D-9A0A-405D1615FAFF} - System32\Tasks\{54EE3F30-0496-4737-8382-A1F37F1EBFD5} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {D15628A1-7EBD-4701-B42C-8EDC2174B653} - System32\Tasks\{909BAE42-E701-4169-9F9B-86BEA82654AF} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {D49C4B56-2F8D-4BCD-8DF5-2B6414446661} - System32\Tasks\Dynamo Toolbar Updater => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dtupdt.exe [2012-08-28] (Search Core System) <==== ATTENTION
Task: {DEFF3896-3960-43E0-AACC-80F0A7B5EA44} - System32\Tasks\{3159E7F1-3B32-4753-88CD-17BA554108E8} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {E51510D5-8BAC-4833-9D3E-4B1E831BFC66} - System32\Tasks\{9EEF534B-22F0-417B-8470-41EEB4683C95} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {F478FCF2-71CC-4823-8CB9-9AA77BDD87C7} - System32\Tasks\{862D669B-8221-48A0-BAA9-F37AAE523368} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {F5D7761F-1E14-4FED-B479-8923F6E09E99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-25] (Google Inc.)
Task: {F8A1EF35-7208-4E58-BAD5-64A71D1580E7} - System32\Tasks\{DD830119-B81A-4D68-B626-767B0E8BF8E4} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {F8BCEB55-BBEB-43C8-8DF8-BC133E611247} - System32\Tasks\{F37716E4-AC13-464C-B5DC-FC3EA40DB57B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {FA9F369F-73BB-41AA-B205-9DF808AF6CD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dynamo Toolbar Helper.job => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dthelper.exe
Task: C:\Windows\Tasks\Dynamo Toolbar Updater.job => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dtupdt.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001Core.job => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001UA.job => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-05 16:15 - 2014-02-01 23:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-05 16:15 - 2014-02-01 23:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-05 16:15 - 2014-02-01 23:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kaspersky Security Scan.lnk => C:\Windows\pss\Kaspersky Security Scan.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk => C:\Windows\pss\VideoWebCamera.exe.lnk.CommonStartup
 
==================== Faulty Device Manager Devices =============
 
Name: avast! Network Shield Support
Description: avast! Network Shield Support
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswTdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: RapportKE64
Description: RapportKE64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RapportKE64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 03:37:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 02:37:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/18/2014 02:34:37 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: BITS connection error Type: 150::InternetConnectionFailure.
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/17/2014 08:47:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (02/18/2014 04:01:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 04:01:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 04:01:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:59:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:59:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:59:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 03:37:47 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 02:37:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelcie\Downloads\SoftonicDownloader_for_tweaknow-regcleaner.exe
 
Error: (02/18/2014 02:34:37 PM) (Source: CVHSVC)(User: )
Description: Error: BITS connection error Type: 150::InternetConnectionFailure.
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide)(User: )
Description:
 
Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/17/2014 08:47:08 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 95%
Total physical RAM: 4025.97 MB
Available physical RAM: 169.4 MB
Total Pagefile: 8050.13 MB
Available Pagefile: 2870.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (Packard Bell) (Fixed) (Total:219.79 GB) (Free:145.82 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 79E88B8F)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by kelcie at 2014-02-18 16:01:03
Running from C:\Users\kelcie\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Digital Editions (x32 Version:  - )
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (x32 Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.1.5 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.63 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (x32 Version: 7.3.124.0 - Microsoft Corporation)
blinkx beat (HKCU Version: 1.5.0 - blinkx)
Bonzuna (x32 Version: 1.0.0 - Search Core Systems)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (x32 Version: 2.5.0.15 - DivX, LLC)
DivX Web Player (x32 Version: 1.4.0 - DivX,Inc.)
Driving Test Success - All Tests 2012 Edition (x32 Version: 16.0 - Imagitech Ltd.)
Driving Theory Test Express v3.1.0.0 (x32 Version:  - Oasis Business Services Int. Ltd.)
Dynamo Toolbar (x32 Version: 1.0.2 - Dynamo Media) <==== ATTENTION
eBay Worldwide (x32 Version: 2.1.0901 - OEM)
eMule (x32 Version:  - )
ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) <==== ATTENTION
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) Hidden <==== ATTENTION
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001 - Intel Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (x32 Version: 1.0.0.500 - KSS)
Launch Manager (x32 Version: 4.0.14 - Packard Bell)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
Packard Bell Games (x32 Version: 1.0.1.3 - WildTangent)
Packard Bell InfoCentre (x32 Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (x32 Version: 2.0.0.63 - NewTech Infosystems)
Packard Bell Power Management (x32 Version: 5.00.3005 - Packard Bell)
Packard Bell Recovery Management (x32 Version: 4.05.3013 - Packard Bell)
Packard Bell Registration (x32 Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (x32 Version: 1.1.0806.2010 - Packard Bell )
Packard Bell Social Networks (x32 Version: 1.0.1721 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 1.0.1721 - CyberLink Corp.) Hidden
Packard Bell Updater (x32 Version: 1.02.3001 - Packard Bell)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premiumplay Codec-C (x32 Version:  - WebPicks) <==== ATTENTION
QuickTime (x32 Version: 7.71.80.42 - Apple Inc.)
Rapport (Version: 3.5.1201.94 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1304.46 - Trusteer) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
Trusteer Endpoint Protection (x32 Version: 3.5.1304.46 - Trusteer)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TweakNow RegCleaner 2012 (x32 Version: 7.2.0.1 - TweakNow.com)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Veetle TV 0.9.18 (x32 Version: 0.9.18 - Veetle, Inc)
Video Web Camera (x32 Version: 2.0.5.4 - Liteon)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (x32 Version: 1.02.3002 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.21 - WildTangent)
Windows iLivid Toolbar (x32 Version: 3.0.0.117286 - Bandoo Media, Inc) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 15.0 (x32 Version: 15.0.9411 - WinZip Computing, S.L. )
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
08-02-2014 15:09:54 Restore Operation
08-02-2014 15:40:23 avast! antivirus system restore point
08-02-2014 15:45:03 Windows Update
08-02-2014 16:38:44 Removed Adobe Photoshop Elements 8.0.
08-02-2014 18:44:41 Installed Rapport
09-02-2014 12:24:14 avast! antivirus system restore point
10-02-2014 07:27:42 Removed Kaspersky Security Scan
10-02-2014 11:29:55 Installed TuneUp Utilities 2014
11-02-2014 10:43:55 Restore Operation
11-02-2014 10:51:48 avast! antivirus system restore point
11-02-2014 10:58:49 Windows Modules Installer
11-02-2014 11:00:06 Windows Modules Installer
11-02-2014 11:00:43 Windows Modules Installer
11-02-2014 11:01:30 Windows Modules Installer
11-02-2014 11:02:20 Windows Modules Installer
11-02-2014 11:29:16 Windows Modules Installer
11-02-2014 11:29:51 Windows Modules Installer
11-02-2014 11:30:37 Windows Modules Installer
11-02-2014 11:31:20 Windows Modules Installer
11-02-2014 11:32:06 Windows Modules Installer
11-02-2014 11:32:47 Windows Modules Installer
11-02-2014 11:33:32 Windows Modules Installer
11-02-2014 11:34:16 Windows Modules Installer
11-02-2014 11:34:59 Windows Modules Installer
11-02-2014 11:35:44 Windows Modules Installer
11-02-2014 11:36:29 Windows Modules Installer
11-02-2014 13:06:18 Windows Modules Installer
11-02-2014 13:06:57 Windows Modules Installer
11-02-2014 13:07:41 Windows Modules Installer
11-02-2014 13:08:25 Windows Modules Installer
11-02-2014 13:09:09 Windows Modules Installer
11-02-2014 13:09:54 Windows Modules Installer
11-02-2014 13:10:39 Windows Modules Installer
11-02-2014 13:11:23 Windows Modules Installer
11-02-2014 13:12:05 Windows Modules Installer
11-02-2014 13:12:48 Windows Modules Installer
11-02-2014 13:13:32 Windows Modules Installer
11-02-2014 13:14:17 Windows Modules Installer
16-02-2014 15:08:22 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {018F541D-488F-4E13-8F2D-D03AA95E173E} - System32\Tasks\{70D00926-556F-41AC-A160-01F2977BE500} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {0BD14426-51DD-4DAA-B459-2C31C5ABC679} - System32\Tasks\{4E305417-8B68-46F3-8BB5-F692E0F513D2} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {0DA0451B-9565-48F4-9F29-308D9839BE6B} - System32\Tasks\{2B3282A1-F166-43F5-B7AE-C7FC011AFC90} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {12225F5C-A51E-4614-8871-014C6BD06D6A} - System32\Tasks\{2D0FA32F-D308-4C1F-A3AF-A8DE3C14BB49} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {1401811F-0CA6-4951-B5D9-F18EE50102AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-25] (Google Inc.)
Task: {15046D27-D1E1-4558-8BEF-FA4CF4DCE4E6} - System32\Tasks\{B9634E50-D6AD-4C12-AD24-1B84D81CFC4F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {153506A8-1346-48D1-B9C1-79E7A01394BF} - System32\Tasks\{CA126C53-5C14-4203-95D9-5C60F514F432} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {1A377C59-9C4C-42DB-BD8A-D28F6B130681} - System32\Tasks\{7D331AB2-3156-4EB8-ADFF-65DBEA51CCED} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {203FBD77-D99E-4A19-BFD0-DC8933EA4A74} - System32\Tasks\{1CEB3684-E7AA-4C1E-98EC-15279D5FD5A5} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {263B871F-BDF9-4EBE-9888-D176341B0C4E} - System32\Tasks\{7F8F42BE-0509-4EC7-A588-3DDA757EBD10} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {2C730E29-0C81-4874-932F-96C50A6110A3} - System32\Tasks\{3F67E6DD-44BB-423E-9355-22764AF6441E} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {305F6CA4-B64E-46CA-AB7E-429099B76371} - System32\Tasks\{C5A29050-7AD3-4A5B-94BF-5C008489E40B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {41237E5F-B57C-4189-9EE6-F070FFB1A0B5} - System32\Tasks\{962F3EE5-EABF-4582-8B47-8EC569165E6F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {423C51AE-47B3-4FAA-97CE-A70433E0A5FC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-09] (AVAST Software)
Task: {443F19B6-D0C5-4E01-9B9B-B39CEB708419} - System32\Tasks\{2C41B2D7-D585-4028-9A29-458CDE094394} =>

#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,242 posts

Posted 19 February 2014 - 07:23 AM

I looked at the bleeps and it seems to point to No Power (but there is power) loose card or short. It could be something to do with power as it closed down while I was scanning with malwarebytes and the next message was that the battery had run out even though I had been connected to the electric socket

You will have to replace the battery.

Try this for now remove the Battery from the Notebook.

Keep it connected to the power outlet. How is it now?
===

Using the Add/Remove Programs Remove these Adware programs.
Dynamo Toolbar (x32 Version: 1.0.2 - Dynamo Media) <==== ATTENTION
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) <==== ATTENTION
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) Hidden <==== ATTENTION
Premiumplay Codec-C (x32 Version: - WebPicks) <==== ATTENTION
Windows iLivid Toolbar (x32 Version: 3.0.0.117286 - Bandoo Media, Inc)


Restart the computer normally if you can.

Please run the Farbar Recovery Scan Tool one more time and post both logs as requested in post No. 2.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#5 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 19 February 2014 - 12:18 PM

Thank you Nasdaq.  I have removed the battery - the light on the laptop seems more stable but it still makes the continuous bleep as it starts up.  I managed to uninstall the Dynamo Toolbar; Premiumship Codec; and Windows iLivid Toolbar but could not manage to uninstall the other 2 iLivid items.  I also tried using RegCleaner to uninstall them but no success.

 

When I restarted in normal mode lots of programmes opened - notepad seemed the worst and seemed to open another page as soon as I managed to close one.  I eventually had to force windows to close and then started again in safe mode to run the scan.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by kelcie (administrator) on KELCIE-PC on 19-02-2014 17:56:59
Running from C:\Users\kelcie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [263936 2010-05-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-09] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2351789889-1854393074-3027101475-1001\...\MountPoints2: {68f4cf30-e47d-11e0-9517-88ae1d9b00a6} - E:\LaunchU3.exe -a
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.findwi...CF672}&serpv=22
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweeti...q={searchTerms}
SearchScopes: HKCU - 00D9C8D5E7B2466A8EB54FF5B33A381D URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...PW_enGB411GB412
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - {B484E4FA-CBF4-4530-AB55-CA38503AC1E8} URL = http://search.yahoo....petb&type=10811
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: No Name - {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - !{3A6BE320-DC9B-4D24-A6E8-621B81544F4B} -  No File
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: HKLM-x32 {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.searchbrowsing.com
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX® Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\kelcie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (avast! Online Security) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-17]
CHR Extension: (Gmail) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
 
==================== Services (Whitelisted) =================
 
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-09] (AVAST Software)
S2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-05-25] (NewTech Infosystems, Inc.)
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-01-22] (Trusteer Ltd.)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
 
==================== Drivers (Whitelisted) ====================
 
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-12] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-12] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-09] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-09] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-09] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-12] ()
S1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-12-16] ()
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282712 2014-01-22] (Trusteer Ltd.)
S0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-01-22] (Trusteer Ltd.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-01-22] (Trusteer Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-19 17:56 - 2014-02-19 17:56 - 00000000 ____D () C:\Users\kelcie\Downloads\FRST-OlderVersion
2014-02-19 17:38 - 2014-02-19 17:39 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{44F57CB7-8C78-40B9-80B1-358B1D691428}
2014-02-19 17:15 - 2013-12-21 09:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-19 17:15 - 2013-12-21 08:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-19 17:13 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-19 17:13 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-19 17:13 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-19 17:13 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-19 17:13 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-19 17:13 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-19 17:13 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-19 17:13 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-19 17:13 - 2014-02-06 10:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-19 17:13 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-19 17:13 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-19 17:13 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-19 17:13 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-19 17:13 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-19 17:13 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-19 17:13 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-19 17:13 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-19 17:13 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-19 17:13 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-19 17:13 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-19 17:13 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-19 17:13 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-19 17:13 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-19 17:13 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-19 17:13 - 2014-02-06 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-19 17:13 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-19 17:13 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-19 17:13 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-19 17:13 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-19 17:13 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-19 17:13 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-19 17:13 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-19 17:13 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-19 17:13 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-19 17:13 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-19 17:13 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-19 17:13 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-19 17:13 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-19 17:13 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-18 18:11 - 2014-02-19 17:41 - 00061813 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 18:07 - 2014-02-19 17:32 - 00000168 _____ () C:\Windows\setupact.log
2014-02-18 18:07 - 2014-02-18 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 16:01 - 2014-02-18 16:01 - 00040126 _____ () C:\Users\kelcie\Downloads\Addition.txt
2014-02-18 15:58 - 2014-02-19 17:56 - 00000000 _____ () C:\Users\kelcie\Downloads\FRST.txt
2014-02-18 15:57 - 2014-02-19 17:56 - 00000000 ____D () C:\FRST
2014-02-18 15:55 - 2014-02-19 17:56 - 02153472 _____ (Farbar) C:\Users\kelcie\Downloads\FRST64.exe
2014-02-18 15:37 - 2014-02-19 17:32 - 00001386 _____ () C:\Windows\PFRO.log
2014-02-18 13:52 - 2014-02-18 13:52 - 00000000 ____D () C:\Windows\pss
2014-02-17 20:47 - 2014-02-17 20:47 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FE638D6C-DDC8-4BCF-8D3D-51FF580A7D9B}
2014-02-17 07:43 - 2014-02-17 07:43 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{466A62CF-2E14-44DF-8101-92A89A827EA8}
2014-02-16 15:12 - 2013-12-31 23:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-16 15:12 - 2013-12-31 23:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-16 15:12 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-16 15:12 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-16 15:12 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-16 15:12 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-16 15:12 - 2013-12-04 02:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-16 15:12 - 2013-12-04 02:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-16 15:12 - 2013-12-04 02:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-16 15:12 - 2013-12-04 02:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-16 15:12 - 2013-12-04 02:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-16 15:12 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-16 15:12 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-16 15:12 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-16 15:12 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-16 15:12 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-16 15:12 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-16 15:12 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-16 15:12 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-16 15:12 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-16 15:11 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-16 15:11 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-16 15:11 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-16 15:11 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-16 14:56 - 2014-02-16 14:56 - 00001943 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 14:55 - 2014-02-16 15:01 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner 2012
2014-02-16 14:55 - 2014-02-16 14:55 - 00002019 _____ () C:\Users\Public\Desktop\TweakNow RegCleaner 2012.lnk
2014-02-16 14:55 - 2014-02-16 14:55 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 14:50 - 2014-02-16 14:51 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{45566ECE-6E54-4AA5-962C-72EB7650BB10}
2014-02-12 07:35 - 2014-02-12 07:36 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{D3BDA623-6D76-47A1-B48E-B271C0C7DF15}
2014-02-12 06:56 - 2014-02-12 06:56 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-12 06:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-11 18:40 - 2014-02-11 18:41 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{90956A9A-F190-4D45-BF1D-E6EDA2ADCE46}
2014-02-11 17:58 - 2014-02-11 17:58 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{E5D642E9-25A1-456B-B3B6-4E27E454C4DF}
2014-02-11 14:29 - 2014-02-11 14:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\WildTangent
2014-02-11 10:53 - 2014-02-11 10:53 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{F45856D9-6C0C-47A3-9137-E1A91A029832}
2014-02-11 09:40 - 2014-02-11 09:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{416788CB-9F86-4A72-8A91-D9373178DC91}
2014-02-11 07:40 - 2014-02-11 07:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{2C56B242-99C1-4CB6-8603-8C8CECEDEEC2}
2014-02-10 11:31 - 2014-02-10 11:31 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TuneUp Software
2014-02-10 11:30 - 2014-02-11 10:48 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-02-10 11:29 - 2014-02-11 10:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-10 11:29 - 2014-02-11 10:48 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-10 11:06 - 2014-02-10 11:08 - 55352744 _____ (TuneUp Software) C:\Users\kelcie\Downloads\TuneUpUtilities2014_en-US.exe
2014-02-10 10:09 - 2014-02-10 10:09 - 07072616 _____ (TweakNow.com ) C:\Users\kelcie\Desktop\RegCleaner7201.exe
2014-02-10 09:43 - 2014-02-10 09:43 - 00401752 _____ (Softonic ) C:\Users\kelcie\Downloads\SoftonicDownloader_for_tweaknow-regcleaner.exe
2014-02-10 07:20 - 2014-02-10 07:21 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FCB6E0B9-4BB6-43B7-BC1B-13C60C4FF380}
2014-02-10 07:08 - 2014-02-10 07:08 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{24D22139-9AB1-4595-9B8E-B80228FF5B09}
2014-02-09 16:18 - 2014-02-09 16:19 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-02-09 12:48 - 2014-02-09 12:50 - 58080904 _____ (Microsoft Corporation) C:\Users\kelcie\Downloads\EIE11_EN-US_WOL_WIN764.EXE
2014-02-09 12:29 - 2014-02-09 12:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\AVAST Software
2014-02-09 12:06 - 2014-02-09 12:10 - 90578216 _____ (AVAST Software) C:\Users\kelcie\Downloads\avast_free_antivirus_setup.exe
2014-02-09 07:37 - 2014-02-09 07:37 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{714A125A-F46F-4DA7-B8A7-D6F55504A606}
2014-02-08 20:28 - 2014-02-08 20:28 - 00001139 _____ () C:\Users\kelcie\Desktop\Pictures - Shortcut.lnk
2014-02-08 16:32 - 2014-02-08 16:32 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{7A68EDFA-BDFE-4565-950C-080F668DFF88}
2014-02-08 16:08 - 2014-01-12 18:41 - 03167112 _____ (AVAST Software) C:\Windows\system32\HTMLayout.dll
2014-02-08 15:45 - 2014-02-11 10:57 - 00001978 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-08 15:30 - 2014-02-08 15:30 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B70443D5-1D71-45B4-B280-4B5952EE462B}
2014-02-08 10:30 - 2014-02-08 10:31 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{15AAF3B3-EDA7-490E-8030-D4990D1C41E6}
2014-02-08 08:40 - 2014-02-08 08:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{EEC90C8C-936A-4AE8-BC1D-D515AB802727}
2014-02-07 14:44 - 2014-02-07 14:44 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{8F7E33C4-D826-4C77-8209-C2E5B85BE12D}
2014-02-06 18:52 - 2014-02-06 18:52 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B063FDFC-98A5-4AD6-A72A-46C67B2A2F82}
2014-02-06 17:13 - 2014-02-16 14:55 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner 2012
2014-02-06 17:12 - 2014-02-08 15:18 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner
2014-02-06 17:12 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner
2014-02-06 06:51 - 2014-02-06 06:51 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{784EF0D3-A54C-4E2A-96C4-73C3EBEC7BE8}
2014-02-05 16:02 - 2014-02-05 16:02 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{C7DE68EE-78D6-4E0E-BBF7-3B7D78004B77}
2014-02-05 12:41 - 2014-02-05 12:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 12:36 - 2014-02-05 12:36 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{5C2A31AB-1A61-4D30-9213-3529DA10E1B6}
2014-02-05 12:26 - 2014-02-05 12:26 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{1403AFC1-2EDD-4113-85E0-FB09A2C4BE47}
2014-02-05 10:55 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-05 10:55 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-05 10:55 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-05 10:48 - 2014-02-05 11:26 - 07678272 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-05 10:47 - 2014-02-05 10:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300.exe
 
==================== One Month Modified Files and Folders =======
 
2014-02-19 17:56 - 2014-02-19 17:56 - 00000000 ____D () C:\Users\kelcie\Downloads\FRST-OlderVersion
2014-02-19 17:56 - 2014-02-18 15:58 - 00000000 _____ () C:\Users\kelcie\Downloads\FRST.txt
2014-02-19 17:56 - 2014-02-18 15:57 - 00000000 ____D () C:\FRST
2014-02-19 17:56 - 2014-02-18 15:55 - 02153472 _____ (Farbar) C:\Users\kelcie\Downloads\FRST64.exe
2014-02-19 17:46 - 2011-01-26 14:23 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\SoftGrid Client
2014-02-19 17:41 - 2014-02-18 18:11 - 00061813 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 17:39 - 2014-02-19 17:38 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{44F57CB7-8C78-40B9-80B1-358B1D691428}
2014-02-19 17:38 - 2010-12-25 09:38 - 00000000 ____D () C:\Users\kelcie\Tracing
2014-02-19 17:38 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2014-02-19 17:38 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 17:34 - 2010-12-25 13:34 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 17:32 - 2014-02-18 18:07 - 00000168 _____ () C:\Windows\setupact.log
2014-02-19 17:32 - 2014-02-18 15:37 - 00001386 _____ () C:\Windows\PFRO.log
2014-02-19 17:32 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 17:30 - 2012-04-08 19:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 17:25 - 2013-08-08 10:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-19 17:24 - 2011-04-18 07:33 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-19 17:24 - 2010-12-25 13:34 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 17:19 - 2010-12-25 13:34 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-19 17:19 - 2010-12-25 13:34 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-19 17:09 - 2013-06-25 16:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-19 17:09 - 2011-01-02 22:53 - 00000000 ____D () C:\Users\kelcie\AppData\Local\CrashDumps
2014-02-18 18:07 - 2014-02-18 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 16:01 - 2014-02-18 16:01 - 00040126 _____ () C:\Users\kelcie\Downloads\Addition.txt
2014-02-18 13:52 - 2014-02-18 13:52 - 00000000 ____D () C:\Windows\pss
2014-02-17 20:47 - 2014-02-17 20:47 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FE638D6C-DDC8-4BCF-8D3D-51FF580A7D9B}
2014-02-17 07:43 - 2014-02-17 07:43 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{466A62CF-2E14-44DF-8101-92A89A827EA8}
2014-02-16 15:40 - 2011-09-19 20:36 - 00000930 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001UA.job
2014-02-16 15:40 - 2011-09-19 20:36 - 00000908 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001Core.job
2014-02-16 15:02 - 2011-07-22 08:40 - 00000000 ____D () C:\Windows\Minidump
2014-02-16 15:01 - 2014-02-16 14:55 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner 2012
2014-02-16 14:56 - 2014-02-16 14:56 - 00001943 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 14:55 - 2014-02-16 14:55 - 00002019 _____ () C:\Users\Public\Desktop\TweakNow RegCleaner 2012.lnk
2014-02-16 14:55 - 2014-02-16 14:55 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 14:55 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner 2012
2014-02-16 14:51 - 2014-02-16 14:50 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{45566ECE-6E54-4AA5-962C-72EB7650BB10}
2014-02-12 07:36 - 2014-02-12 07:35 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{D3BDA623-6D76-47A1-B48E-B271C0C7DF15}
2014-02-12 06:56 - 2014-02-12 06:56 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-11 18:41 - 2014-02-11 18:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{90956A9A-F190-4D45-BF1D-E6EDA2ADCE46}
2014-02-11 17:58 - 2014-02-11 17:58 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{E5D642E9-25A1-456B-B3B6-4E27E454C4DF}
2014-02-11 14:29 - 2014-02-11 14:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\WildTangent
2014-02-11 14:29 - 2011-05-08 16:33 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-02-11 10:57 - 2014-02-08 15:45 - 00001978 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-11 10:53 - 2014-02-11 10:53 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{F45856D9-6C0C-47A3-9137-E1A91A029832}
2014-02-11 10:50 - 2010-12-25 09:09 - 00000000 ____D () C:\Users\kelcie
2014-02-11 10:48 - 2014-02-10 11:30 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-02-11 10:48 - 2014-02-10 11:29 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-11 10:48 - 2014-02-10 11:29 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-11 10:48 - 2013-03-09 21:59 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-11 10:48 - 2011-11-03 19:49 - 00000000 __HDC () C:\ProgramData\{08E30618-5D06-461B-BBD3-4ADFB0810824}
2014-02-11 10:48 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration
2014-02-11 10:47 - 2012-02-08 19:29 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-11 10:47 - 2011-05-14 08:26 - 00000000 ____D () C:\ProgramData\Apple
2014-02-11 09:40 - 2014-02-11 09:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{416788CB-9F86-4A72-8A91-D9373178DC91}
2014-02-11 07:40 - 2014-02-11 07:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{2C56B242-99C1-4CB6-8603-8C8CECEDEEC2}
2014-02-10 11:31 - 2014-02-10 11:31 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TuneUp Software
2014-02-10 11:08 - 2014-02-10 11:06 - 55352744 _____ (TuneUp Software) C:\Users\kelcie\Downloads\TuneUpUtilities2014_en-US.exe
2014-02-10 10:09 - 2014-02-10 10:09 - 07072616 _____ (TweakNow.com ) C:\Users\kelcie\Desktop\RegCleaner7201.exe
2014-02-10 09:43 - 2014-02-10 09:43 - 00401752 _____ (Softonic ) C:\Users\kelcie\Downloads\SoftonicDownloader_for_tweaknow-regcleaner.exe
2014-02-10 07:41 - 2010-07-14 06:23 - 00000000 ____D () C:\Program Files (x86)\Packard Bell
2014-02-10 07:21 - 2014-02-10 07:20 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FCB6E0B9-4BB6-43B7-BC1B-13C60C4FF380}
2014-02-10 07:08 - 2014-02-10 07:08 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{24D22139-9AB1-4595-9B8E-B80228FF5B09}
2014-02-09 16:20 - 2010-07-14 06:34 - 00000000 ____D () C:\Program Files\Google
2014-02-09 16:20 - 2010-07-14 06:34 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-09 16:19 - 2014-02-09 16:18 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-02-09 15:46 - 2010-12-25 09:27 - 00000000 ____D () C:\Users\kelcie\AppData\Local\Google
2014-02-09 15:46 - 2010-07-14 06:34 - 00000000 ____D () C:\ProgramData\Google
2014-02-09 12:50 - 2014-02-09 12:48 - 58080904 _____ (Microsoft Corporation) C:\Users\kelcie\Downloads\EIE11_EN-US_WOL_WIN764.EXE
2014-02-09 12:29 - 2014-02-09 12:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\AVAST Software
2014-02-09 12:25 - 2014-01-12 18:48 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-09 12:25 - 2011-02-27 09:25 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-09 12:25 - 2011-02-27 09:24 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-09 12:25 - 2011-02-27 09:24 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-09 12:25 - 2011-02-27 09:24 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-09 12:25 - 2011-02-27 09:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-09 12:10 - 2014-02-09 12:06 - 90578216 _____ (AVAST Software) C:\Users\kelcie\Downloads\avast_free_antivirus_setup.exe
2014-02-09 07:37 - 2014-02-09 07:37 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{714A125A-F46F-4DA7-B8A7-D6F55504A606}
2014-02-08 21:20 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-08 21:20 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU(9).TXT
2014-02-08 20:28 - 2014-02-08 20:28 - 00001139 _____ () C:\Users\kelcie\Desktop\Pictures - Shortcut.lnk
2014-02-08 18:11 - 2009-07-14 04:45 - 00271704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-08 16:53 - 2010-12-25 09:09 - 00059096 _____ () C:\Users\kelcie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-08 16:48 - 2010-07-14 06:39 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-08 16:48 - 2010-07-14 06:39 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-08 16:41 - 2010-12-25 09:28 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\Adobe
2014-02-08 16:32 - 2014-02-08 16:32 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{7A68EDFA-BDFE-4565-950C-080F668DFF88}
2014-02-08 15:30 - 2014-02-08 15:30 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B70443D5-1D71-45B4-B280-4B5952EE462B}
2014-02-08 15:19 - 2012-02-08 19:25 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-08 15:19 - 2009-07-14 05:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-08 15:18 - 2014-02-06 17:12 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner
2014-02-08 15:18 - 2009-07-14 07:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-08 10:31 - 2014-02-08 10:30 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{15AAF3B3-EDA7-490E-8030-D4990D1C41E6}
2014-02-08 08:40 - 2014-02-08 08:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{EEC90C8C-936A-4AE8-BC1D-D515AB802727}
2014-02-07 14:44 - 2014-02-07 14:44 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{8F7E33C4-D826-4C77-8209-C2E5B85BE12D}
2014-02-06 18:52 - 2014-02-06 18:52 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B063FDFC-98A5-4AD6-A72A-46C67B2A2F82}
2014-02-06 17:12 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner
2014-02-06 12:16 - 2014-02-19 17:13 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:30 - 2014-02-19 17:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:30 - 2014-02-19 17:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:12 - 2014-02-19 17:13 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 11:07 - 2014-02-19 17:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:06 - 2014-02-19 17:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-19 17:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:56 - 2014-02-19 17:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:52 - 2014-02-19 17:13 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:49 - 2014-02-19 17:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:48 - 2014-02-19 17:13 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:48 - 2014-02-19 17:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:38 - 2014-02-19 17:13 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 10:32 - 2014-02-19 17:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:20 - 2014-02-19 17:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 10:17 - 2014-02-19 17:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:11 - 2014-02-19 17:13 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:01 - 2014-02-19 17:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 10:00 - 2014-02-19 17:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 09:57 - 2014-02-19 17:13 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 09:57 - 2014-02-19 17:13 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 09:52 - 2014-02-19 17:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 09:52 - 2014-02-19 17:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 09:50 - 2014-02-19 17:13 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 09:49 - 2014-02-19 17:13 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 09:47 - 2014-02-19 17:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 09:46 - 2014-02-19 17:13 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 09:25 - 2014-02-19 17:13 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 09:25 - 2014-02-19 17:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 09:24 - 2014-02-19 17:13 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:22 - 2014-02-19 17:13 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:13 - 2014-02-19 17:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 09:09 - 2014-02-19 17:13 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 09:03 - 2014-02-19 17:13 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 08:55 - 2014-02-19 17:13 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 08:41 - 2014-02-19 17:13 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 08:40 - 2014-02-19 17:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 08:36 - 2014-02-19 17:13 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 08:34 - 2014-02-19 17:13 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-06 06:51 - 2014-02-06 06:51 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{784EF0D3-A54C-4E2A-96C4-73C3EBEC7BE8}
2014-02-05 16:30 - 2012-04-08 19:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 16:30 - 2012-04-08 19:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 16:30 - 2011-08-07 12:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 16:15 - 2011-02-01 19:33 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-05 16:02 - 2014-02-05 16:02 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{C7DE68EE-78D6-4E0E-BBF7-3B7D78004B77}
2014-02-05 12:36 - 2014-02-05 12:36 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{5C2A31AB-1A61-4D30-9213-3529DA10E1B6}
2014-02-05 12:32 - 2014-02-05 12:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 12:26 - 2014-02-05 12:26 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{1403AFC1-2EDD-4113-85E0-FB09A2C4BE47}
2014-02-05 11:26 - 2014-02-05 10:48 - 07678272 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-05 10:48 - 2014-02-05 10:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-22 20:37 - 2011-04-15 18:29 - 00316312 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-16 10:54
 
==================== End Of Log ============================


#6 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 22 February 2014 - 01:38 AM

Hello Nasdaq - I must apologise for not posting the second log for you.  I realised yesterday what I had done and tried to post it but the laptop was so unstable I was unable to even get to the downloads.  I am using another computer to write this message.  I will try again today and, hopefully, will get both scans posted for you to look at.  Sorry again for this mistake.



#7 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 22 February 2014 - 05:59 AM

Hello again, I have finally managed to open in safe mode and scan using the Forbar tool.  There is not another Addition lo so I will try to paste the first one again and I hope this is what you wanted.Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2014 01

Ran by kelcie (administrator) on KELCIE-PC on 22-02-2014 11:31:30
Running from C:\Users\kelcie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [263936 2010-05-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-09] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2351789889-1854393074-3027101475-1001\...\MountPoints2: {68f4cf30-e47d-11e0-9517-88ae1d9b00a6} - E:\LaunchU3.exe -a
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.findwi...CF672}&serpv=22
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweeti...q={searchTerms}
SearchScopes: HKCU - 00D9C8D5E7B2466A8EB54FF5B33A381D URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...PW_enGB411GB412
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - {B484E4FA-CBF4-4530-AB55-CA38503AC1E8} URL = http://search.yahoo....petb&type=10811
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: No Name - {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - !{3A6BE320-DC9B-4D24-A6E8-621B81544F4B} -  No File
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: HKLM-x32 {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.searchbrowsing.com
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX® Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\kelcie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (avast! Online Security) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-17]
CHR Extension: (Gmail) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
 
==================== Services (Whitelisted) =================
 
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-09] (AVAST Software)
S2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-05-25] (NewTech Infosystems, Inc.)
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-02-10] (Trusteer Ltd.)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
 
==================== Drivers (Whitelisted) ====================
 
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-12] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-12] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-09] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-09] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-09] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-12] ()
S1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-12-16] ()
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282712 2014-02-10] (Trusteer Ltd.)
S0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-02-10] (Trusteer Ltd.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-02-10] (Trusteer Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-22 11:29 - 2014-02-22 11:31 - 02154496 _____ (Farbar) C:\Users\kelcie\Downloads\FRST64.exe
2014-02-21 21:06 - 2014-02-21 21:06 - 516086556 _____ () C:\Windows\MEMORY.DMP
2014-02-21 21:06 - 2014-02-21 21:06 - 00277064 _____ () C:\Windows\Minidump\022114-26769-01.dmp
2014-02-19 17:56 - 2014-02-22 11:30 - 00000000 ____D () C:\Users\kelcie\Downloads\FRST-OlderVersion
2014-02-19 17:38 - 2014-02-19 17:39 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{44F57CB7-8C78-40B9-80B1-358B1D691428}
2014-02-19 17:15 - 2013-12-21 09:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-19 17:15 - 2013-12-21 08:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-19 17:13 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-19 17:13 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-19 17:13 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-19 17:13 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-19 17:13 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-19 17:13 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-19 17:13 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-19 17:13 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-19 17:13 - 2014-02-06 10:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-19 17:13 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-19 17:13 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-19 17:13 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-19 17:13 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-19 17:13 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-19 17:13 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-19 17:13 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-19 17:13 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-19 17:13 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-19 17:13 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-19 17:13 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-19 17:13 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-19 17:13 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-19 17:13 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-19 17:13 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-19 17:13 - 2014-02-06 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-19 17:13 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-19 17:13 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-19 17:13 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-19 17:13 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-19 17:13 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-19 17:13 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-19 17:13 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-19 17:13 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-19 17:13 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-19 17:13 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-19 17:13 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-19 17:13 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-19 17:13 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-19 17:13 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-18 18:11 - 2014-02-22 08:01 - 00110654 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 18:07 - 2014-02-22 07:56 - 00000504 _____ () C:\Windows\setupact.log
2014-02-18 18:07 - 2014-02-18 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 16:01 - 2014-02-18 16:01 - 00040126 _____ () C:\Users\kelcie\Downloads\Addition.txt
2014-02-18 15:58 - 2014-02-22 11:31 - 00000000 _____ () C:\Users\kelcie\Downloads\FRST.txt
2014-02-18 15:57 - 2014-02-22 11:31 - 00000000 ____D () C:\FRST
2014-02-18 15:37 - 2014-02-19 17:32 - 00001386 _____ () C:\Windows\PFRO.log
2014-02-18 13:52 - 2014-02-18 13:52 - 00000000 ____D () C:\Windows\pss
2014-02-17 20:47 - 2014-02-17 20:47 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FE638D6C-DDC8-4BCF-8D3D-51FF580A7D9B}
2014-02-17 07:43 - 2014-02-17 07:43 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{466A62CF-2E14-44DF-8101-92A89A827EA8}
2014-02-16 15:12 - 2013-12-31 23:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-16 15:12 - 2013-12-31 23:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-16 15:12 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-16 15:12 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-16 15:12 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-16 15:12 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-16 15:12 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-16 15:12 - 2013-12-04 02:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-16 15:12 - 2013-12-04 02:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-16 15:12 - 2013-12-04 02:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-16 15:12 - 2013-12-04 02:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-16 15:12 - 2013-12-04 02:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-16 15:12 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-16 15:12 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-16 15:12 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-16 15:12 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-16 15:12 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-16 15:12 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-16 15:12 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-16 15:12 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-16 15:12 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-16 15:11 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-16 15:11 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-16 15:11 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-16 15:11 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-16 14:56 - 2014-02-16 14:56 - 00001943 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 14:55 - 2014-02-16 15:01 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner 2012
2014-02-16 14:55 - 2014-02-16 14:55 - 00002019 _____ () C:\Users\Public\Desktop\TweakNow RegCleaner 2012.lnk
2014-02-16 14:55 - 2014-02-16 14:55 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 14:50 - 2014-02-16 14:51 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{45566ECE-6E54-4AA5-962C-72EB7650BB10}
2014-02-12 07:35 - 2014-02-12 07:36 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{D3BDA623-6D76-47A1-B48E-B271C0C7DF15}
2014-02-12 06:56 - 2014-02-12 06:56 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-12 06:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-11 18:40 - 2014-02-11 18:41 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{90956A9A-F190-4D45-BF1D-E6EDA2ADCE46}
2014-02-11 17:58 - 2014-02-11 17:58 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{E5D642E9-25A1-456B-B3B6-4E27E454C4DF}
2014-02-11 14:29 - 2014-02-11 14:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\WildTangent
2014-02-11 10:53 - 2014-02-11 10:53 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{F45856D9-6C0C-47A3-9137-E1A91A029832}
2014-02-11 09:40 - 2014-02-11 09:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{416788CB-9F86-4A72-8A91-D9373178DC91}
2014-02-11 07:40 - 2014-02-11 07:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{2C56B242-99C1-4CB6-8603-8C8CECEDEEC2}
2014-02-10 11:31 - 2014-02-10 11:31 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TuneUp Software
2014-02-10 11:30 - 2014-02-11 10:48 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-02-10 11:29 - 2014-02-11 10:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-10 11:29 - 2014-02-11 10:48 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-10 11:06 - 2014-02-10 11:08 - 55352744 _____ (TuneUp Software) C:\Users\kelcie\Downloads\TuneUpUtilities2014_en-US.exe
2014-02-10 10:09 - 2014-02-10 10:09 - 07072616 _____ (TweakNow.com ) C:\Users\kelcie\Desktop\RegCleaner7201.exe
2014-02-10 09:43 - 2014-02-10 09:43 - 00401752 _____ (Softonic ) C:\Users\kelcie\Downloads\SoftonicDownloader_for_tweaknow-regcleaner.exe
2014-02-10 07:20 - 2014-02-10 07:21 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FCB6E0B9-4BB6-43B7-BC1B-13C60C4FF380}
2014-02-10 07:08 - 2014-02-10 07:08 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{24D22139-9AB1-4595-9B8E-B80228FF5B09}
2014-02-09 16:18 - 2014-02-09 16:19 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-02-09 12:48 - 2014-02-09 12:50 - 58080904 _____ (Microsoft Corporation) C:\Users\kelcie\Downloads\EIE11_EN-US_WOL_WIN764.EXE
2014-02-09 12:29 - 2014-02-09 12:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\AVAST Software
2014-02-09 12:06 - 2014-02-09 12:10 - 90578216 _____ (AVAST Software) C:\Users\kelcie\Downloads\avast_free_antivirus_setup.exe
2014-02-09 07:37 - 2014-02-09 07:37 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{714A125A-F46F-4DA7-B8A7-D6F55504A606}
2014-02-08 20:28 - 2014-02-08 20:28 - 00001139 _____ () C:\Users\kelcie\Desktop\Pictures - Shortcut.lnk
2014-02-08 16:32 - 2014-02-08 16:32 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{7A68EDFA-BDFE-4565-950C-080F668DFF88}
2014-02-08 16:08 - 2014-01-12 18:41 - 03167112 _____ (AVAST Software) C:\Windows\system32\HTMLayout.dll
2014-02-08 15:45 - 2014-02-11 10:57 - 00001978 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-08 15:30 - 2014-02-08 15:30 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B70443D5-1D71-45B4-B280-4B5952EE462B}
2014-02-08 10:30 - 2014-02-08 10:31 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{15AAF3B3-EDA7-490E-8030-D4990D1C41E6}
2014-02-08 08:40 - 2014-02-08 08:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{EEC90C8C-936A-4AE8-BC1D-D515AB802727}
2014-02-07 14:44 - 2014-02-07 14:44 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{8F7E33C4-D826-4C77-8209-C2E5B85BE12D}
2014-02-06 18:52 - 2014-02-06 18:52 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B063FDFC-98A5-4AD6-A72A-46C67B2A2F82}
2014-02-06 17:13 - 2014-02-16 14:55 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner 2012
2014-02-06 17:12 - 2014-02-08 15:18 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner
2014-02-06 17:12 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner
2014-02-06 06:51 - 2014-02-06 06:51 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{784EF0D3-A54C-4E2A-96C4-73C3EBEC7BE8}
2014-02-05 16:02 - 2014-02-05 16:02 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{C7DE68EE-78D6-4E0E-BBF7-3B7D78004B77}
2014-02-05 12:41 - 2014-02-05 12:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 12:36 - 2014-02-05 12:36 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{5C2A31AB-1A61-4D30-9213-3529DA10E1B6}
2014-02-05 12:26 - 2014-02-05 12:26 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{1403AFC1-2EDD-4113-85E0-FB09A2C4BE47}
2014-02-05 10:55 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-05 10:55 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-02-05 10:55 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-05 10:55 - 2013-11-26 10:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-05 10:48 - 2014-02-05 11:26 - 07678272 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-05 10:47 - 2014-02-05 10:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300.exe
 
==================== One Month Modified Files and Folders =======
 
2014-02-22 11:31 - 2014-02-22 11:29 - 02154496 _____ (Farbar) C:\Users\kelcie\Downloads\FRST64.exe
2014-02-22 11:31 - 2014-02-18 15:58 - 00000000 _____ () C:\Users\kelcie\Downloads\FRST.txt
2014-02-22 11:31 - 2014-02-18 15:57 - 00000000 ____D () C:\FRST
2014-02-22 11:30 - 2014-02-19 17:56 - 00000000 ____D () C:\Users\kelcie\Downloads\FRST-OlderVersion
2014-02-22 08:05 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 08:05 - 2009-07-14 04:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 08:01 - 2014-02-18 18:11 - 00110654 _____ () C:\Windows\WindowsUpdate.log
2014-02-22 07:58 - 2011-01-02 22:53 - 00000000 ____D () C:\Users\kelcie\AppData\Local\CrashDumps
2014-02-22 07:56 - 2014-02-18 18:07 - 00000504 _____ () C:\Windows\setupact.log
2014-02-22 07:56 - 2010-12-25 13:34 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-22 07:56 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-22 07:49 - 2012-04-08 19:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-22 07:49 - 2012-04-08 19:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-21 21:32 - 2012-04-08 19:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 21:32 - 2011-08-07 12:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 21:06 - 2014-02-21 21:06 - 516086556 _____ () C:\Windows\MEMORY.DMP
2014-02-21 21:06 - 2014-02-21 21:06 - 00277064 _____ () C:\Windows\Minidump\022114-26769-01.dmp
2014-02-21 21:06 - 2011-07-22 08:40 - 00000000 ____D () C:\Windows\Minidump
2014-02-21 20:47 - 2013-06-25 16:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-19 17:46 - 2011-01-26 14:23 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\SoftGrid Client
2014-02-19 17:39 - 2014-02-19 17:38 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{44F57CB7-8C78-40B9-80B1-358B1D691428}
2014-02-19 17:38 - 2010-12-25 09:38 - 00000000 ____D () C:\Users\kelcie\Tracing
2014-02-19 17:32 - 2014-02-18 15:37 - 00001386 _____ () C:\Windows\PFRO.log
2014-02-19 17:27 - 2013-08-08 10:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-19 17:24 - 2011-04-18 07:33 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-19 17:24 - 2010-12-25 13:34 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 17:19 - 2010-12-25 13:34 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-19 17:19 - 2010-12-25 13:34 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-18 18:07 - 2014-02-18 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-18 16:01 - 2014-02-18 16:01 - 00040126 _____ () C:\Users\kelcie\Downloads\Addition.txt
2014-02-18 13:52 - 2014-02-18 13:52 - 00000000 ____D () C:\Windows\pss
2014-02-17 20:47 - 2014-02-17 20:47 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FE638D6C-DDC8-4BCF-8D3D-51FF580A7D9B}
2014-02-17 07:43 - 2014-02-17 07:43 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{466A62CF-2E14-44DF-8101-92A89A827EA8}
2014-02-16 15:40 - 2011-09-19 20:36 - 00000930 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001UA.job
2014-02-16 15:40 - 2011-09-19 20:36 - 00000908 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001Core.job
2014-02-16 15:01 - 2014-02-16 14:55 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner 2012
2014-02-16 14:56 - 2014-02-16 14:56 - 00001943 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-16 14:55 - 2014-02-16 14:55 - 00002019 _____ () C:\Users\Public\Desktop\TweakNow RegCleaner 2012.lnk
2014-02-16 14:55 - 2014-02-16 14:55 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 14:55 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner 2012
2014-02-16 14:51 - 2014-02-16 14:50 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{45566ECE-6E54-4AA5-962C-72EB7650BB10}
2014-02-12 07:36 - 2014-02-12 07:35 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{D3BDA623-6D76-47A1-B48E-B271C0C7DF15}
2014-02-12 06:56 - 2014-02-12 06:56 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 06:55 - 2014-02-12 06:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-11 18:41 - 2014-02-11 18:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{90956A9A-F190-4D45-BF1D-E6EDA2ADCE46}
2014-02-11 17:58 - 2014-02-11 17:58 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{E5D642E9-25A1-456B-B3B6-4E27E454C4DF}
2014-02-11 14:29 - 2014-02-11 14:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\WildTangent
2014-02-11 14:29 - 2011-05-08 16:33 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-02-11 10:57 - 2014-02-08 15:45 - 00001978 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-11 10:53 - 2014-02-11 10:53 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{F45856D9-6C0C-47A3-9137-E1A91A029832}
2014-02-11 10:50 - 2010-12-25 09:09 - 00000000 ____D () C:\Users\kelcie
2014-02-11 10:48 - 2014-02-10 11:30 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-02-11 10:48 - 2014-02-10 11:29 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-11 10:48 - 2014-02-10 11:29 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-11 10:48 - 2013-03-09 21:59 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-11 10:48 - 2011-11-03 19:49 - 00000000 __HDC () C:\ProgramData\{08E30618-5D06-461B-BBD3-4ADFB0810824}
2014-02-11 10:48 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration
2014-02-11 10:47 - 2012-02-08 19:29 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-11 10:47 - 2011-05-14 08:26 - 00000000 ____D () C:\ProgramData\Apple
2014-02-11 09:40 - 2014-02-11 09:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{416788CB-9F86-4A72-8A91-D9373178DC91}
2014-02-11 07:40 - 2014-02-11 07:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{2C56B242-99C1-4CB6-8603-8C8CECEDEEC2}
2014-02-10 11:35 - 2011-04-15 18:29 - 00316312 _____ (Trusteer Ltd.) C:\Windows\system32\Drivers\RapportKE64.sys
2014-02-10 11:31 - 2014-02-10 11:31 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TuneUp Software
2014-02-10 11:08 - 2014-02-10 11:06 - 55352744 _____ (TuneUp Software) C:\Users\kelcie\Downloads\TuneUpUtilities2014_en-US.exe
2014-02-10 10:09 - 2014-02-10 10:09 - 07072616 _____ (TweakNow.com ) C:\Users\kelcie\Desktop\RegCleaner7201.exe
2014-02-10 09:43 - 2014-02-10 09:43 - 00401752 _____ (Softonic ) C:\Users\kelcie\Downloads\SoftonicDownloader_for_tweaknow-regcleaner.exe
2014-02-10 07:41 - 2010-07-14 06:23 - 00000000 ____D () C:\Program Files (x86)\Packard Bell
2014-02-10 07:21 - 2014-02-10 07:20 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{FCB6E0B9-4BB6-43B7-BC1B-13C60C4FF380}
2014-02-10 07:08 - 2014-02-10 07:08 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{24D22139-9AB1-4595-9B8E-B80228FF5B09}
2014-02-09 16:20 - 2010-07-14 06:34 - 00000000 ____D () C:\Program Files\Google
2014-02-09 16:20 - 2010-07-14 06:34 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-09 16:19 - 2014-02-09 16:18 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-02-09 15:46 - 2010-12-25 09:27 - 00000000 ____D () C:\Users\kelcie\AppData\Local\Google
2014-02-09 15:46 - 2010-07-14 06:34 - 00000000 ____D () C:\ProgramData\Google
2014-02-09 12:50 - 2014-02-09 12:48 - 58080904 _____ (Microsoft Corporation) C:\Users\kelcie\Downloads\EIE11_EN-US_WOL_WIN764.EXE
2014-02-09 12:29 - 2014-02-09 12:29 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\AVAST Software
2014-02-09 12:25 - 2014-01-12 18:48 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-09 12:25 - 2011-02-27 09:25 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-09 12:25 - 2011-02-27 09:24 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-09 12:25 - 2011-02-27 09:24 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-09 12:25 - 2011-02-27 09:24 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-09 12:25 - 2011-02-27 09:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-09 12:10 - 2014-02-09 12:06 - 90578216 _____ (AVAST Software) C:\Users\kelcie\Downloads\avast_free_antivirus_setup.exe
2014-02-09 07:37 - 2014-02-09 07:37 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{714A125A-F46F-4DA7-B8A7-D6F55504A606}
2014-02-08 21:20 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-08 21:20 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU(9).TXT
2014-02-08 20:28 - 2014-02-08 20:28 - 00001139 _____ () C:\Users\kelcie\Desktop\Pictures - Shortcut.lnk
2014-02-08 18:11 - 2009-07-14 04:45 - 00271704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-08 16:53 - 2010-12-25 09:09 - 00059096 _____ () C:\Users\kelcie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-08 16:48 - 2010-07-14 06:39 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-08 16:48 - 2010-07-14 06:39 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-08 16:41 - 2010-12-25 09:28 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\Adobe
2014-02-08 16:32 - 2014-02-08 16:32 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{7A68EDFA-BDFE-4565-950C-080F668DFF88}
2014-02-08 15:30 - 2014-02-08 15:30 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B70443D5-1D71-45B4-B280-4B5952EE462B}
2014-02-08 15:19 - 2012-02-08 19:25 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-08 15:19 - 2009-07-14 05:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-08 15:18 - 2014-02-06 17:12 - 00000000 ____D () C:\Program Files (x86)\TweakNow RegCleaner
2014-02-08 15:18 - 2009-07-14 07:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-08 10:31 - 2014-02-08 10:30 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{15AAF3B3-EDA7-490E-8030-D4990D1C41E6}
2014-02-08 08:40 - 2014-02-08 08:40 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{EEC90C8C-936A-4AE8-BC1D-D515AB802727}
2014-02-07 14:44 - 2014-02-07 14:44 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{8F7E33C4-D826-4C77-8209-C2E5B85BE12D}
2014-02-06 18:52 - 2014-02-06 18:52 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{B063FDFC-98A5-4AD6-A72A-46C67B2A2F82}
2014-02-06 17:12 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner
2014-02-06 12:16 - 2014-02-19 17:13 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:30 - 2014-02-19 17:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:30 - 2014-02-19 17:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:12 - 2014-02-19 17:13 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 11:07 - 2014-02-19 17:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:06 - 2014-02-19 17:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-19 17:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:56 - 2014-02-19 17:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:52 - 2014-02-19 17:13 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:49 - 2014-02-19 17:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:48 - 2014-02-19 17:13 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:48 - 2014-02-19 17:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:38 - 2014-02-19 17:13 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 10:32 - 2014-02-19 17:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:20 - 2014-02-19 17:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 10:17 - 2014-02-19 17:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:11 - 2014-02-19 17:13 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:01 - 2014-02-19 17:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 10:00 - 2014-02-19 17:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 09:57 - 2014-02-19 17:13 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 09:57 - 2014-02-19 17:13 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 09:52 - 2014-02-19 17:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 09:52 - 2014-02-19 17:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 09:50 - 2014-02-19 17:13 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 09:49 - 2014-02-19 17:13 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 09:47 - 2014-02-19 17:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 09:46 - 2014-02-19 17:13 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 09:25 - 2014-02-19 17:13 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 09:25 - 2014-02-19 17:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 09:24 - 2014-02-19 17:13 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:22 - 2014-02-19 17:13 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:13 - 2014-02-19 17:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 09:09 - 2014-02-19 17:13 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 09:03 - 2014-02-19 17:13 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 08:55 - 2014-02-19 17:13 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 08:41 - 2014-02-19 17:13 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 08:40 - 2014-02-19 17:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 08:36 - 2014-02-19 17:13 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 08:34 - 2014-02-19 17:13 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-06 06:51 - 2014-02-06 06:51 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{784EF0D3-A54C-4E2A-96C4-73C3EBEC7BE8}
2014-02-05 16:15 - 2011-02-01 19:33 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-05 16:02 - 2014-02-05 16:02 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{C7DE68EE-78D6-4E0E-BBF7-3B7D78004B77}
2014-02-05 12:36 - 2014-02-05 12:36 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{5C2A31AB-1A61-4D30-9213-3529DA10E1B6}
2014-02-05 12:32 - 2014-02-05 12:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 12:26 - 2014-02-05 12:26 - 00000000 ____D () C:\Users\kelcie\AppData\Local\{1403AFC1-2EDD-4113-85E0-FB09A2C4BE47}
2014-02-05 11:26 - 2014-02-05 10:48 - 07678272 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-05 10:48 - 2014-02-05 10:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kelcie\Downloads\mbam-setup-1.75.0.1300.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-16 10:54
 
==================== End Of Log ============================


#8 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 22 February 2014 - 06:25 AM

Sorry buy I am struggling to get anywhere with this laptop.  I am not sure that you actually want this log again - it is the Addition log:

 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
itional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by kelcie at 2014-02-18 16:01:03
Running from C:\Users\kelcie\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Digital Editions (x32 Version:  - )
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (x32 Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.1.5 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.63 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (x32 Version: 7.3.124.0 - Microsoft Corporation)
blinkx beat (HKCU Version: 1.5.0 - blinkx)
Bonzuna (x32 Version: 1.0.0 - Search Core Systems)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (x32 Version: 2.5.0.15 - DivX, LLC)
DivX Web Player (x32 Version: 1.4.0 - DivX,Inc.)
Driving Test Success - All Tests 2012 Edition (x32 Version: 16.0 - Imagitech Ltd.)
Driving Theory Test Express v3.1.0.0 (x32 Version:  - Oasis Business Services Int. Ltd.)
Dynamo Toolbar (x32 Version: 1.0.2 - Dynamo Media) <==== ATTENTION
eBay Worldwide (x32 Version: 2.1.0901 - OEM)
eMule (x32 Version:  - )
ETDWare PS/2-x64 7.0.6.5_WHQL (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) <==== ATTENTION
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) Hidden <==== ATTENTION
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001 - Intel Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (x32 Version: 1.0.0.500 - KSS)
Launch Manager (x32 Version: 4.0.14 - Packard Bell)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
Packard Bell Games (x32 Version: 1.0.1.3 - WildTangent)
Packard Bell InfoCentre (x32 Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (x32 Version: 2.0.0.63 - NewTech Infosystems)
Packard Bell Power Management (x32 Version: 5.00.3005 - Packard Bell)
Packard Bell Recovery Management (x32 Version: 4.05.3013 - Packard Bell)
Packard Bell Registration (x32 Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (x32 Version: 1.1.0806.2010 - Packard Bell )
Packard Bell Social Networks (x32 Version: 1.0.1721 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 1.0.1721 - CyberLink Corp.) Hidden
Packard Bell Updater (x32 Version: 1.02.3001 - Packard Bell)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premiumplay Codec-C (x32 Version:  - WebPicks) <==== ATTENTION
QuickTime (x32 Version: 7.71.80.42 - Apple Inc.)
Rapport (Version: 3.5.1201.94 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1304.46 - Trusteer) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
Trusteer Endpoint Protection (x32 Version: 3.5.1304.46 - Trusteer)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TweakNow RegCleaner 2012 (x32 Version: 7.2.0.1 - TweakNow.com)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Veetle TV 0.9.18 (x32 Version: 0.9.18 - Veetle, Inc)
Video Web Camera (x32 Version: 2.0.5.4 - Liteon)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (x32 Version: 1.02.3002 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.21 - WildTangent)
Windows iLivid Toolbar (x32 Version: 3.0.0.117286 - Bandoo Media, Inc) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 15.0 (x32 Version: 15.0.9411 - WinZip Computing, S.L. )
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
08-02-2014 15:09:54 Restore Operation
08-02-2014 15:40:23 avast! antivirus system restore point
08-02-2014 15:45:03 Windows Update
08-02-2014 16:38:44 Removed Adobe Photoshop Elements 8.0.
08-02-2014 18:44:41 Installed Rapport
09-02-2014 12:24:14 avast! antivirus system restore point
10-02-2014 07:27:42 Removed Kaspersky Security Scan
10-02-2014 11:29:55 Installed TuneUp Utilities 2014
11-02-2014 10:43:55 Restore Operation
11-02-2014 10:51:48 avast! antivirus system restore point
11-02-2014 10:58:49 Windows Modules Installer
11-02-2014 11:00:06 Windows Modules Installer
11-02-2014 11:00:43 Windows Modules Installer
11-02-2014 11:01:30 Windows Modules Installer
11-02-2014 11:02:20 Windows Modules Installer
11-02-2014 11:29:16 Windows Modules Installer
11-02-2014 11:29:51 Windows Modules Installer
11-02-2014 11:30:37 Windows Modules Installer
11-02-2014 11:31:20 Windows Modules Installer
11-02-2014 11:32:06 Windows Modules Installer
11-02-2014 11:32:47 Windows Modules Installer
11-02-2014 11:33:32 Windows Modules Installer
11-02-2014 11:34:16 Windows Modules Installer
11-02-2014 11:34:59 Windows Modules Installer
11-02-2014 11:35:44 Windows Modules Installer
11-02-2014 11:36:29 Windows Modules Installer
11-02-2014 13:06:18 Windows Modules Installer
11-02-2014 13:06:57 Windows Modules Installer
11-02-2014 13:07:41 Windows Modules Installer
11-02-2014 13:08:25 Windows Modules Installer
11-02-2014 13:09:09 Windows Modules Installer
11-02-2014 13:09:54 Windows Modules Installer
11-02-2014 13:10:39 Windows Modules Installer
11-02-2014 13:11:23 Windows Modules Installer
11-02-2014 13:12:05 Windows Modules Installer
11-02-2014 13:12:48 Windows Modules Installer
11-02-2014 13:13:32 Windows Modules Installer
11-02-2014 13:14:17 Windows Modules Installer
16-02-2014 15:08:22 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {018F541D-488F-4E13-8F2D-D03AA95E173E} - System32\Tasks\{70D00926-556F-41AC-A160-01F2977BE500} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {0BD14426-51DD-4DAA-B459-2C31C5ABC679} - System32\Tasks\{4E305417-8B68-46F3-8BB5-F692E0F513D2} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {0DA0451B-9565-48F4-9F29-308D9839BE6B} - System32\Tasks\{2B3282A1-F166-43F5-B7AE-C7FC011AFC90} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {12225F5C-A51E-4614-8871-014C6BD06D6A} - System32\Tasks\{2D0FA32F-D308-4C1F-A3AF-A8DE3C14BB49} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {1401811F-0CA6-4951-B5D9-F18EE50102AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-25] (Google Inc.)
Task: {15046D27-D1E1-4558-8BEF-FA4CF4DCE4E6} - System32\Tasks\{B9634E50-D6AD-4C12-AD24-1B84D81CFC4F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {153506A8-1346-48D1-B9C1-79E7A01394BF} - System32\Tasks\{CA126C53-5C14-4203-95D9-5C60F514F432} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {1A377C59-9C4C-42DB-BD8A-D28F6B130681} - System32\Tasks\{7D331AB2-3156-4EB8-ADFF-65DBEA51CCED} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {203FBD77-D99E-4A19-BFD0-DC8933EA4A74} - System32\Tasks\{1CEB3684-E7AA-4C1E-98EC-15279D5FD5A5} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {263B871F-BDF9-4EBE-9888-D176341B0C4E} - System32\Tasks\{7F8F42BE-0509-4EC7-A588-3DDA757EBD10} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {2C730E29-0C81-4874-932F-96C50A6110A3} - System32\Tasks\{3F67E6DD-44BB-423E-9355-22764AF6441E} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {305F6CA4-B64E-46CA-AB7E-429099B76371} - System32\Tasks\{C5A29050-7AD3-4A5B-94BF-5C008489E40B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {41237E5F-B57C-4189-9EE6-F070FFB1A0B5} - System32\Tasks\{962F3EE5-EABF-4582-8B47-8EC569165E6F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {423C51AE-47B3-4FAA-97CE-A70433E0A5FC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-09] (AVAST Software)
Task: {443F19B6-D0C5-4E01-9B9B-B39CEB708419} - System32\Tasks\{2C41B2D7-D585-4028-9A29-458CDE094394} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {4922B0DF-120E-4392-9BC5-D5140F64E334} - System32\Tasks\{68C2262B-6A5A-48C0-B985-D13474880543} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {5893C5B6-8566-4A95-AA35-34C04B37D736} - System32\Tasks\{331AA0B9-CBCF-4E50-A2C3-98E4F088F65E} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {6221C13A-35C4-401F-A31B-0E1CDA54FAD7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001UA => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7032B645-777B-411C-AE3F-B0DD4163B27C} - System32\Tasks\{A0DB1B9E-4197-42FC-B3E3-282226906C81} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {71464BB9-0E88-4525-AD1D-4F6A3F767232} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {719011A3-BB51-496D-9F6F-80E5BAF0AC90} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\ClickPotatoLite\bin\10.0.701.0\ClickPotatoLiteSA.exe
Task: {74CE2B62-8487-4A01-856D-BF2865BACD45} - System32\Tasks\{11C85577-069C-4A45-9D84-73E8C46404D1} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {767824A7-4799-4D9A-B8F7-49D51FF803B6} - System32\Tasks\{8D13DB5B-15D7-49D8-8E75-40B854E2ABBA} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {79E5FCA6-D811-4749-B870-BFC78270C98D} - System32\Tasks\{4B447BD3-BB60-4615-A6C5-9476A19E9AE1} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {7BC11717-A443-4183-BACB-AB286F3727F2} - System32\Tasks\{D6F4347A-32CA-49BF-8AC4-281D591654CB} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {7E1BE3DB-5888-4E92-897A-81B30A0D21AA} - System32\Tasks\{10765747-99A0-4044-9CBF-ED5025193141} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {80370285-D2D4-4017-A046-8ACE07FDD9C1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001Core => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {8BCF32A0-B822-4911-BFD2-60FE646DFBD9} - System32\Tasks\{F762BEEF-91DE-41E1-9AE7-3EE0DBAAE921} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {8E396EE8-EC36-4587-A1A5-FF5622528142} - System32\Tasks\{14042D2F-8D3F-48AD-90EA-C93E857BF3AB} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {914BC20A-E757-4535-8089-CA5B2E560840} - System32\Tasks\{C2328B0E-7C0C-467D-BFBE-4A053778345C} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {9466D8D6-AD95-4C9C-BD9A-D8EB0C08DE80} - System32\Tasks\{B556CB86-5184-4225-92EE-DF9BD6AE757A} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {996BD70C-5A2D-4599-99C4-F869859FE66D} - System32\Tasks\Dynamo Toolbar Helper => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dthelper.exe [2012-08-28] (Search Core Systems) <==== ATTENTION
Task: {9B1E51E7-9903-416E-8319-61BAECBB250C} - System32\Tasks\{08F73F5A-21D4-4BE3-A0BE-C2240DC7BDBA} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {AA3168B5-E9E0-40A3-B960-D4C0ADD3272A} - System32\Tasks\{91D2477A-4CD8-4291-A638-BDDDF17BBB19} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {AAC101C9-B77A-45D5-8E6C-EC922EC86922} - System32\Tasks\{96D31244-F7D6-4BEF-84B4-CB96FB881083} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {AC1DB637-BF51-45BB-8020-9F4B6F428658} - System32\Tasks\{4A4CC68D-6C5A-4932-9999-8BAD3B27B0AA} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BA052C85-BCF5-4B9C-BE5A-0A98D28E02ED} - System32\Tasks\{84392FA2-AEB5-4E38-A612-F17AC6FA8AFC} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BA9AEAA3-3EC0-4D39-896E-0AB9D0706B3B} - System32\Tasks\{F80256F5-6CCB-4BB1-A041-A6E24D141BC0} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BBAB97E5-08C5-4212-A6E1-BE27C9B1B9CB} - System32\Tasks\{77A6A689-8B9B-4DC2-96FD-22F658053E9B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {BC21ABD8-0265-4557-89B0-D158B93ED734} - System32\Tasks\{51D2CA94-F21A-4262-A9C2-B86EC44E2704} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {C5617C32-6359-4894-86FD-3798B414AC45} - System32\Tasks\{BFE6C273-C155-478B-A231-EEBCF8258CAC} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {C9E6D0D5-57F7-4C1D-917F-C8E51449AF13} - System32\Tasks\{B5215259-A853-476A-A56B-982CEEB57A8A} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {CD933F6F-571A-495D-9A0A-405D1615FAFF} - System32\Tasks\{54EE3F30-0496-4737-8382-A1F37F1EBFD5} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {D15628A1-7EBD-4701-B42C-8EDC2174B653} - System32\Tasks\{909BAE42-E701-4169-9F9B-86BEA82654AF} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {D49C4B56-2F8D-4BCD-8DF5-2B6414446661} - System32\Tasks\Dynamo Toolbar Updater => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dtupdt.exe [2012-08-28] (Search Core System) <==== ATTENTION
Task: {DEFF3896-3960-43E0-AACC-80F0A7B5EA44} - System32\Tasks\{3159E7F1-3B32-4753-88CD-17BA554108E8} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {E51510D5-8BAC-4833-9D3E-4B1E831BFC66} - System32\Tasks\{9EEF534B-22F0-417B-8470-41EEB4683C95} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {F478FCF2-71CC-4823-8CB9-9AA77BDD87C7} - System32\Tasks\{862D669B-8221-48A0-BAA9-F37AAE523368} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {F5D7761F-1E14-4FED-B479-8923F6E09E99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-25] (Google Inc.)
Task: {F8A1EF35-7208-4E58-BAD5-64A71D1580E7} - System32\Tasks\{DD830119-B81A-4D68-B626-767B0E8BF8E4} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {F8BCEB55-BBEB-43C8-8DF8-BC133E611247} - System32\Tasks\{F37716E4-AC13-464C-B5DC-FC3EA40DB57B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-09] (AVAST Software)
Task: {FA9F369F-73BB-41AA-B205-9DF808AF6CD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dynamo Toolbar Helper.job => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dthelper.exe
Task: C:\Windows\Tasks\Dynamo Toolbar Updater.job => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dtupdt.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001Core.job => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001UA.job => C:\Users\kelcie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-05 16:15 - 2014-02-01 23:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-05 16:15 - 2014-02-01 23:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-05 16:15 - 2014-02-01 23:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kaspersky Security Scan.lnk => C:\Windows\pss\Kaspersky Security Scan.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk => C:\Windows\pss\VideoWebCamera.exe.lnk.CommonStartup
 
==================== Faulty Device Manager Devices =============
 
Name: avast! Network Shield Support
Description: avast! Network Shield Support
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswTdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: RapportKE64
Description: RapportKE64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RapportKE64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 03:37:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 02:37:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (02/18/2014 02:34:37 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: BITS connection error Type: 150::InternetConnectionFailure.
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/17/2014 08:47:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (02/18/2014 04:01:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 04:01:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 04:01:18 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:59:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:59:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:59:10 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/18/2014 03:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 03:37:48 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 03:37:47 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 02:37:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\kelcie\Downloads\SoftonicDownloader_for_tweaknow-regcleaner.exe
 
Error: (02/18/2014 02:34:37 PM) (Source: CVHSVC)(User: )
Description: Error: BITS connection error Type: 150::InternetConnectionFailure.
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 02:24:38 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/18/2014 01:47:30 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
Error: (02/17/2014 08:47:08 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe.Manifest
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 95%
Total physical RAM: 4025.97 MB
Available physical RAM: 169.4 MB
Total Pagefile: 8050.13 MB
Available Pagefile: 2870.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (Packard Bell) (Fixed) (Total:219.79 GB) (Free:145.82 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 79E88B8F)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#9 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,242 posts

Posted 22 February 2014 - 07:12 AM

Look in your Add/Remove programs list. If these programs are listed please remove them.

Windows Core Tool Bar
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) <==== ATTENTION
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) Hidden <==== ATTENTION
Windows iLivid Toolbar (x32 Version: 3.0.0.117286 - Bandoo Media, Inc) <==== ATTENTION


Remove Dynamo Toolbar Updater in your System32\Tasks folder (not the folder)

Task: {D49C4B56-2F8D-4BCD-8DF5-2B6414446661} - System32\Tasks\Dynamo Toolbar Updater => C:\Program Files (x86)\Dynamo Media\Dynamo Toolbar\dtupdt.exe [2012-08-28] (Search Core System) <==== ATTENTION
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
[b]
startHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.findwi...CF672}&serpv=22
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweeti...q={searchTerms}
SearchScopes: HKCU - 00D9C8D5E7B2466A8EB54FF5B33A381D URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...PW_enGB411GB412
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - {B484E4FA-CBF4-4530-AB55-CA38503AC1E8} URL = http://search.yahoo....petb&type=10811
BHO-x32: No Name - {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} -  No File
Toolbar: HKLM - No Name - !{3A6BE320-DC9B-4D24-A6E8-621B81544F4B} -  No File
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
CHR HomePage: hxxp://www.searchbrowsing.com
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
AlternateDataStreams: C:\ProgramData\Temp:373E1720
C:\Program Files (x86)\Dynamo Media
end

[/b]
Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) please post it to your reply.

Restart the computer in normal mode if you can.
===

Try to run this tool.

Download OTL to your desktop.
Double click on the icon to run it.
Make sure all other windows are closed and to let it run uninterrupted.

OTL_Main_Tutorial.gif
  • Select All Users.
  • Under the Custom Scan box paste this text in bold in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Post both logs DO NOT ATTACH THEM.
===

Keep me posted on the pending issues.


p.s.
Your logs do not show any running processes.
Did you disable them?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#10 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 22 February 2014 - 01:57 PM

Thank you Nasdaq - I managed to load Windows at the 2nd attempt this time and,so far,have not had lots of windows opening.  There is still the beeping (alarm type) noise during start up.

 

There was only 1 of those items in Add/Remove programmes  - that was iLive (x32 Version: 1.92.0.117387) but I wasn't able to uninstall this programme.  I kept getting the message 'to wait until current programme is finished uninstalling - I hadn't tried to remove another programme but it then talled Launch Manager.

 

Dynamo Toolbar Updater was not in that folder but there was a Browser Data file.

 

This laptop seems to be running much better than it was at first.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-02-2014 01
Ran by kelcie at 2014-02-22 15:42:20 Run:1
Running from C:\Users\kelcie\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
startHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.findwi...CF672}&serpv=22
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweeti...q={searchTerms}
SearchScopes: HKCU - 00D9C8D5E7B2466A8EB54FF5B33A381D URL = http://www.searchbro...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...PW_enGB411GB412
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - {B484E4FA-CBF4-4530-AB55-CA38503AC1E8} URL = http://search.yahoo....petb&type=10811
BHO-x32: No Name - {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} -  No File
Toolbar: HKLM - No Name - !{3A6BE320-DC9B-4D24-A6E8-621B81544F4B} -  No File
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
CHR HomePage: hxxp://www.searchbrowsing.com
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
AlternateDataStreams: C:\ProgramData\Temp:373E1720
C:\Program Files (x86)\Dynamo Media
end
 
*****************
 
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\00D9C8D5E7B2466A8EB54FF5B33A381D => Key deleted successfully.
HKCR\CLSID\00D9C8D5E7B2466A8EB54FF5B33A381D => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key deleted successfully.
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B484E4FA-CBF4-4530-AB55-CA38503AC1E8} => Key deleted successfully.
HKCR\CLSID\{B484E4FA-CBF4-4530-AB55-CA38503AC1E8} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ACC01A56-70E3-472E-9C4F-83B1DA817DD8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{ACC01A56-70E3-472E-9C4F-83B1DA817DD8} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{3A6BE320-DC9B-4D24-A6E8-621B81544F4B} => Value deleted successfully.
HKCR\CLSID\!{3A6BE320-DC9B-4D24-A6E8-621B81544F4B} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{8dcb7100-df86-4384-8842-8fa844297b3f} => Value deleted successfully.
HKCR\CLSID\!{8dcb7100-df86-4384-8842-8fa844297b3f} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => Value deleted successfully.
HKCR\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
CHR HomePage: hxxp://www.searchbrowsing.com ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm => Key deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx => Moved successfully.
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\Program Files (x86)\Dynamo Media => Moved successfully.
 
==== End of Fixlog ====
 

OTL logfile created on: 22/02/2014 16:10:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\kelcie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.93 Gb Total Physical Memory | 2.73 Gb Available Physical Memory | 69.42% Memory free
7.86 Gb Paging File | 6.53 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.79 Gb Total Space | 145.59 Gb Free Space | 66.24% Space Free | Partition Type: NTFS
 
Computer Name: KELCIE-PC | User Name: kelcie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/02/22 15:55:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kelcie\Downloads\OTL.exe
PRC - [2014/02/10 11:35:22 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2014/02/10 11:35:20 | 002,484,504 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2014/02/09 12:25:40 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/09 12:25:40 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
PRC - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/03/21 18:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/25 00:22:08 | 000,263,936 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2010/05/25 00:21:50 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2010/04/13 16:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 16:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010/01/08 13:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/02/22 07:53:11 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/02/22 07:53:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/21 20:50:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/21 20:50:48 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/21 20:50:38 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/21 20:50:30 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/21 20:49:06 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/19 17:47:10 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/19 17:47:03 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/08 18:50:27 | 001,125,592 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2014/01/12 18:47:49 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2012/06/27 14:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2011/03/21 18:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 18:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/05/25 00:16:18 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/02/09 12:25:40 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/02/06 10:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/16 00:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/11 13:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 23:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2014/02/22 15:30:54 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/10 11:35:22 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2014/01/28 01:15:18 | 000,227,904 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/10/12 17:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/17 22:23:15 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/01 22:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/25 00:21:50 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/04/13 16:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/01/15 21:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/08 13:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/02/10 11:35:40 | 000,316,312 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2014/02/09 12:25:46 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/02/09 12:25:46 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/02/09 12:25:46 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/02/09 12:25:46 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/01/12 18:47:57 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/01/12 18:47:57 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/01/12 18:47:56 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/12/19 13:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/09 08:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 11:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/03 19:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/24 07:46:36 | 000,246,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/15 12:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/05/11 10:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/13 16:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/13 10:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/09/02 03:54:18 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 22:45:10 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 23:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 23:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2014/02/10 11:35:42 | 000,282,712 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2014/02/10 11:35:40 | 000,397,848 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2013/12/16 11:20:21 | 000,606,672 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys -- (RapportCerberus_59849)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = http://www.questscan...s={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = http://www.questscan...s={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2351789889-1854393074-3027101475-1001\..\SearchScopes,DefaultScope = {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E}
IE - HKU\S-1-5-21-2351789889-1854393074-3027101475-1001\..\SearchScopes\{0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2351789889-1854393074-3027101475-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\kelcie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/07/17 17:15:47 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX® Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\kelcie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: McAfee Security Scan+ = C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: Google Search = C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Google Wallet = C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\kelcie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F17FCF5C-2AE4-4D7E-A305-F41702BF6BD0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{68f4cf30-e47d-11e0-9517-88ae1d9b00a6}\Shell - "" = AutoRun
O33 - MountPoints2\{68f4cf30-e47d-11e0-9517-88ae1d9b00a6}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/02/22 15:49:22 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{249D3529-28AC-4368-AFE5-5841669E1832}
[2014/02/19 17:38:57 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{44F57CB7-8C78-40B9-80B1-358B1D691428}
[2014/02/19 17:15:13 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/19 17:13:46 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/19 17:13:46 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/19 17:13:44 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/19 17:13:44 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/19 17:13:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/19 17:13:27 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/19 17:13:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/19 17:13:24 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/19 17:13:23 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/19 17:13:23 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/19 17:13:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/19 17:13:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/19 17:13:22 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/19 17:13:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/19 17:13:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/19 17:13:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/19 17:13:20 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/19 17:13:20 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/19 17:13:20 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/19 17:13:19 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/19 17:13:13 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/19 17:13:13 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/19 17:13:04 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/18 15:57:52 | 000,000,000 | ---D | C] -- C:\FRST
[2014/02/18 13:52:00 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/02/17 20:47:34 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{FE638D6C-DDC8-4BCF-8D3D-51FF580A7D9B}
[2014/02/17 07:43:08 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{466A62CF-2E14-44DF-8101-92A89A827EA8}
[2014/02/16 15:12:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/16 15:12:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/16 15:12:22 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/16 15:12:22 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/16 15:12:21 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/16 15:12:21 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/16 15:12:21 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/16 15:12:20 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/16 15:12:20 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/16 15:12:20 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/16 15:12:19 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/16 15:12:19 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/16 15:12:18 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/16 15:12:18 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/16 15:12:18 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/16 15:12:17 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/16 15:12:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/16 15:12:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/16 15:12:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/16 15:11:43 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/16 15:11:42 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/16 14:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/02/16 14:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakNow RegCleaner 2012
[2014/02/16 14:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/02/16 14:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow RegCleaner 2012
[2014/02/16 14:50:52 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{45566ECE-6E54-4AA5-962C-72EB7650BB10}
[2014/02/12 07:35:59 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{D3BDA623-6D76-47A1-B48E-B271C0C7DF15}
[2014/02/12 06:56:15 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Roaming\Malwarebytes
[2014/02/12 06:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/12 06:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/12 06:55:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/02/12 06:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/11 18:40:51 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{90956A9A-F190-4D45-BF1D-E6EDA2ADCE46}
[2014/02/11 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{E5D642E9-25A1-456B-B3B6-4E27E454C4DF}
[2014/02/11 14:29:56 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Roaming\WildTangent
[2014/02/11 10:53:26 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{F45856D9-6C0C-47A3-9137-E1A91A029832}
[2014/02/11 09:40:28 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{416788CB-9F86-4A72-8A91-D9373178DC91}
[2014/02/11 07:40:36 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{2C56B242-99C1-4CB6-8603-8C8CECEDEEC2}
[2014/02/10 11:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
[2014/02/10 11:31:07 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Roaming\TuneUp Software
[2014/02/10 11:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2014
[2014/02/10 11:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014/02/10 11:29:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/02/10 11:29:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/02/10 10:09:03 | 007,072,616 | ---- | C] (TweakNow.com                                                ) -- C:\Users\kelcie\Desktop\RegCleaner7201.exe
[2014/02/10 07:20:35 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{FCB6E0B9-4BB6-43B7-BC1B-13C60C4FF380}
[2014/02/10 07:08:08 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{24D22139-9AB1-4595-9B8E-B80228FF5B09}
[2014/02/09 12:29:35 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Roaming\AVAST Software
[2014/02/09 07:37:23 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{714A125A-F46F-4DA7-B8A7-D6F55504A606}
[2014/02/08 16:32:09 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{7A68EDFA-BDFE-4565-950C-080F668DFF88}
[2014/02/08 16:08:23 | 003,167,112 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\HTMLayout.dll
[2014/02/08 15:30:09 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{B70443D5-1D71-45B4-B280-4B5952EE462B}
[2014/02/08 10:30:52 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{15AAF3B3-EDA7-490E-8030-D4990D1C41E6}
[2014/02/08 08:40:07 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{EEC90C8C-936A-4AE8-BC1D-D515AB802727}
[2014/02/07 14:44:26 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{8F7E33C4-D826-4C77-8209-C2E5B85BE12D}
[2014/02/06 18:52:03 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{B063FDFC-98A5-4AD6-A72A-46C67B2A2F82}
[2014/02/06 17:13:11 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner 2012
[2014/02/06 17:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakNow RegCleaner
[2014/02/06 17:12:54 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Roaming\TweakNow RegCleaner
[2014/02/06 17:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow RegCleaner
[2014/02/06 06:51:32 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{784EF0D3-A54C-4E2A-96C4-73C3EBEC7BE8}
[2014/02/05 16:02:13 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{C7DE68EE-78D6-4E0E-BBF7-3B7D78004B77}
[2014/02/05 12:41:34 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\kelcie\Desktop\mbam-setup-1.75.0.1300.exe
[2014/02/05 12:36:49 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{5C2A31AB-1A61-4D30-9213-3529DA10E1B6}
[2014/02/05 12:26:05 | 000,000,000 | ---D | C] -- C:\Users\kelcie\AppData\Local\{1403AFC1-2EDD-4113-85E0-FB09A2C4BE47}
[2014/02/05 10:55:19 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/02/05 10:55:18 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/02/05 10:55:11 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[5 C:\Users\kelcie\Documents\*.tmp files -> C:\Users\kelcie\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/02/22 15:57:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/22 15:57:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/22 15:56:59 | 000,001,115 | ---- | M] () -- C:\Users\kelcie\Desktop\OTL - Shortcut.lnk
[2014/02/22 15:46:24 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/22 15:46:07 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/22 15:45:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/22 15:45:47 | 3166,150,656 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/22 15:40:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001UA.job
[2014/02/22 15:40:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2351789889-1854393074-3027101475-1001Core.job
[2014/02/22 15:30:54 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/22 15:30:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/22 15:29:02 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/22 15:29:00 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/21 21:06:19 | 516,086,556 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/02/16 14:56:43 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/02/16 14:55:39 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\TweakNow RegCleaner 2012.lnk
[2014/02/12 06:55:59 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/11 10:57:53 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/10 11:35:40 | 000,316,312 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2014/02/10 10:09:22 | 007,072,616 | ---- | M] (TweakNow.com                                                ) -- C:\Users\kelcie\Desktop\RegCleaner7201.exe
[2014/02/09 12:25:46 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/09 12:25:46 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/09 12:25:46 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/09 12:25:46 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/02/09 12:25:46 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/09 12:25:45 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/08 20:28:11 | 000,001,139 | ---- | M] () -- C:\Users\kelcie\Desktop\Pictures - Shortcut.lnk
[2014/02/08 18:11:26 | 000,271,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/02/06 11:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 11:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 11:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 10:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonc

#11 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 22 February 2014 - 02:07 PM

Nasadq this is the 2nd time I have posted these details - I don't know what happened the first time but they didn't appear when I checked your site.  This time it seems OK but I did add a message at the end to let you know that I could only find one text log for the OTL programme.  Also I did close all open windows last time but didn't stop the running processes.  I don't know how this got left off but thank you again for all your help.



#12 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,242 posts

Posted 23 February 2014 - 07:25 AM

This time it seems OK but I did add a message at the end to let you know that I could only find one text log for the OTL programme.

The log was probably truncated because if was too long.

===

Ther is no malware found in the log.

Just remove this Chrome search item in your Settings. Look at the Set page on the Start up section.

CHR - homepage: http://www.searchbrowsing.com
===

As for the Starting Beeps if they are the same then It's some Hardware issue.
When we are finished here you can open a new topic in the Internal hardware forum
http://www.bleepingc...ums/forum7.html
This is not may domain of expertise.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#13 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 23 February 2014 - 12:26 PM

Thank you again Nasdaq.  I have not been able to find the Chrome homepage setting to be able to remove it.  I opened google chrome and looked in Settings and set pages also looked in Extensions but couldn't find it.  I hope I've been looking in the right places.  I also looked at the startup using msconfig to see if it was there.
 
This laptop is definitely running very much better already, thank you.
 
 
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp Utilities 2014 (en-US)  
 TweakNow RegCleaner 2012   
  Adobe Flash Player 12.0.0.70 Flash Player out of Date!  
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome 32.0.1700.107  
 Google Chrome 33.0.1750.117  
````````Process Check: objlist.exe by Laurent````````  
 Symantec Norton Online Backup NOBuAgent.exe  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 3% 
````````````````````End of Log`````````````````````` 


#14 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 23 February 2014 - 12:50 PM

Nasdaq I have managed to find www.searchbrowsing.com - it was in Settings/Manage Search Engines/Other Search Engines.  It has now been removed, thank you.



#15 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,242 posts

Posted 24 February 2014 - 06:41 AM

Critical vulnerabilities have been identified in old version of Adobe Flash Player please get the latest version.

Summary: Adobe has released security updates for Adobe Flash Player 11.9.900.152 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.327 and earlier versions for Linux. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Flash test site:
http://www.adobe.com...re/flash/about/
If you have the latest version close the windows.

Flash Player Help / Find version
http://helpx.adobe.c...on_your_machine

===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you unckeck the box on the top right "Yes, install McAfee Security Scan Plus - optional" this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>



If all is well:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
  • ComboFix /Uninstall
Ignore if ComboFix was not used.
===


Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#16 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 24 February 2014 - 09:40 AM

Thank you Nasdaq - Adobe Flash was up to date and I have downloaded the latest version of Adobe Reader.  

 

I followed your instructions for ComboFix but it did not run.  I will follow your suggestions re. firewall and anti-virus programmes etc. and have already downloaded SpywareBlaster - MalwareBytes already installed.

 

This laptop now seems to be working perfectly and I can't thank you enough for all your help.    :thumbup: 



#17 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 25 February 2014 - 03:45 AM

Since my last message things have gone backwards.  I tried to use Internet Explorer and had lots of pages opening again. The next time I had a box saying not enough free memory to open prog but no applications were shpwing in Windows Taskbar but lots of iexplore items were  showing in Processes.  I also got another message saying windows explorer wasn't able to open/close properly.  I had been using Chrome while I was following your instructions.  



#18 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,242 posts

Posted 25 February 2014 - 06:29 AM

In Internet Explorer > Tool > Internet Options> Advanced tab.
In the bottom reset the Internet Explorer settings.

Click the apply button.

Close the browser.

Restart the computer normally.

How is IE now?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#19 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 25 February 2014 - 10:05 AM

Thank you again Nasdaq - I managed to do that in Safe Mode but when I restarted it hasn't made any difference and Google also opened lots of pages - which had not been happening.  

 

I get message boxes saying not enough free memory to run Internet Explorer - lots of ie processes seem to be running.  Message also that Task Manager has stopped responding and Windows Explorer has stopped working.

 

I was able to close the extra google chrome pages so that I could post this reply.



#20 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 25 February 2014 - 10:15 AM

An update to the last reply. After posting the last reply I tried Internet Explorer again and it opened and said Welcome to your new Internet Explorer 10 - I'm sure I had been using version 11 - anyway, so far it seems to be working OK. I will continue to use it and let you know how it goes.

#21 optimist

optimist

    Member

  • Full Member
  • Pip
  • 88 posts

Posted 25 February 2014 - 11:00 AM

Hello again Nasdaq - well everything seems to be working well again and I am actually using Internet Explorer to post this reply.  I have updated Spyware Blaster and MalwareBytes and have run a quick scan for malware.  It did find 19 items but none were selected for removal so they were quarantined.  I opened windows explorer and that worked normally as well.

 

Everything seems to be back on track - thank you.



#22 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,242 posts

Posted 26 February 2014 - 06:29 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button