Here is the FRST.TXT,
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-07-2014 01
Ran by Scott (administrator) on SCOTT-PC on 23-07-2014 15:55:13
Running from C:\Users\Scott\Downloads
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(AWS Convergence Technologies, Inc.) C:\Program Files\AWS\WeatherBug\Weather.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(SupportSoft, Inc.) C:\Program Files\CenturyLink\QuickCare\bin\sprtsvc.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(SupportSoft, Inc.) C:\Program Files\CenturyLink\QuickCare\bin\tgsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ==================
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\Run: [Weather] => C:\Program Files\AWS\WeatherBug\Weather.exe [1652736 2011-10-05] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-08-06] (Google Inc.)
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\MountPoints2: {40e7b625-0979-11df-8ce8-00219bdf33cc} - G:\LaunchU3.exe -a
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\MountPoints2: {78450202-0cfe-11e1-92ce-00219bdf33cc} - G:\UEZLink.exe
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\MountPoints2: {b1c7986b-fba8-11e0-a9e9-00219bdf33cc} - H:\LaunchU3.exe -a
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\MountPoints2: {f805ddd8-65b5-11df-a786-00219bdf33cc} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4285762069-3129431747-2670039461-1000\...\MountPoints2: {f8eb5cb0-66e8-11df-88d1-00219bdf33cc} - F:\setupSNK.exe
==================== Internet (Whitelisted) ====================
ProxyServer: :0
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: CenturyLink -> {A317CB83-299C-4FC8-9ED7-2D64117D98EE} -> C:\Program Files\qwesttoolbar\qwesttoolbarDx.dll ()
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> C:\PROGRA~1\INBOXA~2\bar\1.bin\1gbar.dll No File
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - CenturyLink - {A317CB83-299C-4FC8-9ED7-2D64117D98EE} - C:\Program Files\qwesttoolbar\qwesttoolbarDx.dll ()
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-15]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (AVG Internet Security) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\plugins/avgnpss.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (AdBlock) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-21]
========================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2008-09-24] (Adobe Systems) [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 sprtsvc_quickcare; C:\Program Files\CenturyLink\QuickCare\bin\sprtsvc.exe [206120 2011-06-07] (SupportSoft, Inc.)
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe [382320 2011-06-07] (SupportSoft, Inc.)
R2 tgsrvc_quickcare; C:\Program Files\CenturyLink\QuickCare\bin\tgsrvc.exe [185640 2011-06-07] (SupportSoft, Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2506752 2008-05-19] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-06-23] (AVG Technologies)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-23 15:55 - 2014-07-23 15:56 - 00016942 _____ () C:\Users\Scott\Downloads\FRST.txt
2014-07-23 15:54 - 2014-07-23 15:55 - 00000000 ____D () C:\FRST
2014-07-23 15:53 - 2014-07-23 15:54 - 01082368 _____ (Farbar) C:\Users\Scott\Downloads\FRST.exe
2014-07-23 15:52 - 2014-07-23 15:52 - 02091520 _____ (Farbar) C:\Users\Scott\Downloads\FRST64.exe
2014-07-22 22:56 - 2014-07-22 22:56 - 00004041 _____ () C:\Users\Scott\Desktop\aswMBR.txt2.txt
2014-07-22 21:41 - 2014-07-22 22:56 - 00000512 _____ () C:\Users\Scott\Desktop\MBR.dat
2014-07-22 21:41 - 2014-07-22 21:41 - 00002138 _____ () C:\Users\Scott\Desktop\aswMBR.txt1.txt
2014-07-22 21:19 - 2014-07-22 21:19 - 00143728 _____ () C:\Windows\Minidump\Mini072214-01.dmp
2014-07-22 21:09 - 2014-07-22 21:09 - 05185536 _____ (AVAST Software) C:\Users\Scott\Downloads\aswMBR.exe
2014-07-21 22:54 - 2014-07-21 22:54 - 00000901 _____ () C:\Users\Scott\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 14:28 - 2014-07-21 22:55 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 14:25 - 2014-07-21 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 14:25 - 2014-07-21 22:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-20 14:25 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-20 14:25 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-20 14:23 - 2014-07-20 14:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-20 14:21 - 2014-07-20 14:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-20 14:20 - 2014-07-20 14:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-20 13:56 - 2014-07-20 13:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 13:53 - 2014-07-20 13:53 - 00001886 _____ () C:\Users\Scott\Desktop\JRT.txt
2014-07-20 13:49 - 2014-07-20 13:49 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 13:48 - 2014-07-20 13:48 - 01016261 _____ (Thisisu) C:\Users\Scott\Downloads\JRT (1).exe
2014-07-20 13:46 - 2014-07-20 13:46 - 01016261 _____ (Thisisu) C:\Users\Scott\Downloads\JRT.exe
2014-07-20 13:31 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-20 13:30 - 2014-07-20 13:33 - 00000000 ____D () C:\AdwCleaner
2014-07-20 13:29 - 2014-07-20 13:29 - 01354223 _____ () C:\Users\Scott\Downloads\AdwCleaner (1).exe
2014-07-20 13:20 - 2014-07-20 13:20 - 00028573 _____ () C:\Users\Scott\Desktop\download.htm
2014-07-20 13:18 - 2014-07-20 13:18 - 01354223 _____ () C:\Users\Scott\Downloads\AdwCleaner.exe
2014-07-19 20:36 - 2014-07-19 20:36 - 00000579 _____ () C:\Users\Scott\Desktop\aswMBR.txt
2014-07-19 20:30 - 2014-07-19 20:30 - 05185536 _____ (AVAST Software) C:\Users\Scott\Desktop\aswMBR.exe
2014-07-19 20:18 - 2014-07-19 20:18 - 00002623 _____ () C:\Users\Scott\Desktop\attach.zip
2014-07-19 20:11 - 2014-07-19 20:11 - 00005881 _____ () C:\Users\Scott\Desktop\attach.txt
2014-07-19 20:11 - 2014-07-19 20:10 - 00016668 _____ () C:\Users\Scott\Desktop\dds.txt
2014-07-19 20:09 - 2014-07-19 20:09 - 00688992 ____R (Swearware) C:\Users\Scott\Downloads\dds.scr
2014-07-18 20:11 - 2014-07-19 20:15 - 00000000 ____D () C:\Users\Scott\Desktop\OTL
2014-07-18 20:06 - 2014-07-18 20:11 - 00071882 _____ () C:\Users\Scott\Downloads\Extras.Txt
2014-07-18 20:03 - 2014-07-18 20:12 - 00160172 _____ () C:\Users\Scott\Downloads\OTL.Txt
2014-07-18 19:41 - 2014-07-18 19:41 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Downloads\OTL.exe
2014-07-16 20:35 - 2014-07-16 20:35 - 00000806 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-16 20:35 - 2014-07-16 20:35 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 20:34 - 2014-07-16 20:34 - 04748896 _____ (Piriform Ltd) C:\Users\Scott\Downloads\ccsetup414.exe
2014-07-09 13:29 - 2014-06-06 19:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:29 - 2014-06-06 03:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:29 - 2014-05-30 01:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 13:28 - 2014-05-28 02:08 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:28 - 2014-05-28 02:08 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:28 - 2014-05-28 02:08 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 13:28 - 2014-05-28 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-09 13:28 - 2014-05-28 02:04 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-07-09 13:28 - 2014-05-28 02:03 - 06023168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:28 - 2014-05-28 02:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:28 - 2014-05-28 02:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:28 - 2014-05-28 02:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 13:28 - 2014-05-28 02:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 11082752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:28 - 2014-05-28 02:02 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 13:28 - 2014-05-28 02:02 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 13:28 - 2014-05-28 02:00 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-07-09 13:28 - 2014-05-28 00:26 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-09 13:28 - 2014-05-27 22:44 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:28 - 2014-05-27 22:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 13:28 - 2014-05-27 22:42 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 13:28 - 2014-05-27 22:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-01 11:10 - 2014-07-03 12:22 - 00000000 ____D () C:\Users\Scott\Documents\Ann's & Ehsan's Wedding
==================== One Month Modified Files and Folders =======
2014-07-23 15:56 - 2014-07-23 15:55 - 00016942 _____ () C:\Users\Scott\Downloads\FRST.txt
2014-07-23 15:55 - 2014-07-23 15:54 - 00000000 ____D () C:\FRST
2014-07-23 15:54 - 2014-07-23 15:53 - 01082368 _____ (Farbar) C:\Users\Scott\Downloads\FRST.exe
2014-07-23 15:54 - 2008-08-06 05:14 - 01563519 _____ () C:\Windows\WindowsUpdate.log
2014-07-23 15:52 - 2014-07-23 15:52 - 02091520 _____ (Farbar) C:\Users\Scott\Downloads\FRST64.exe
2014-07-23 15:51 - 2006-11-02 05:33 - 00763586 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-23 15:50 - 2011-05-01 23:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-23 15:47 - 2011-12-11 20:42 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-23 15:45 - 2011-01-07 20:34 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-23 15:45 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-23 15:45 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-23 15:45 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 23:00 - 2006-11-02 08:01 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-22 22:56 - 2014-07-22 22:56 - 00004041 _____ () C:\Users\Scott\Desktop\aswMBR.txt2.txt
2014-07-22 22:56 - 2014-07-22 21:41 - 00000512 _____ () C:\Users\Scott\Desktop\MBR.dat
2014-07-22 22:45 - 2014-02-21 11:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 22:12 - 2011-01-07 20:34 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 21:41 - 2014-07-22 21:41 - 00002138 _____ () C:\Users\Scott\Desktop\aswMBR.txt1.txt
2014-07-22 21:19 - 2014-07-22 21:19 - 00143728 _____ () C:\Windows\Minidump\Mini072214-01.dmp
2014-07-22 21:19 - 2014-05-26 12:19 - 280050446 _____ () C:\Windows\MEMORY.DMP
2014-07-22 21:19 - 2011-10-22 10:42 - 00000000 ____D () C:\Windows\Minidump
2014-07-22 21:09 - 2014-07-22 21:09 - 05185536 _____ (AVAST Software) C:\Users\Scott\Downloads\aswMBR.exe
2014-07-21 22:55 - 2014-07-20 14:28 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 22:55 - 2014-07-20 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-21 22:55 - 2014-07-20 14:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-21 22:55 - 2012-06-22 20:21 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-21 22:54 - 2014-07-21 22:54 - 00000901 _____ () C:\Users\Scott\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 22:38 - 2008-01-20 21:47 - 00550652 _____ () C:\Windows\PFRO.log
2014-07-20 14:26 - 2010-03-02 20:21 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Malwarebytes
2014-07-20 14:26 - 2010-03-02 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 14:23 - 2014-07-20 14:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-20 14:21 - 2014-07-20 14:21 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-20 14:21 - 2014-07-20 14:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-20 13:56 - 2014-07-20 13:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 13:53 - 2014-07-20 13:53 - 00001886 _____ () C:\Users\Scott\Desktop\JRT.txt
2014-07-20 13:49 - 2014-07-20 13:49 - 00000000 ____D () C:\Windows\ERUNT
2014-07-20 13:48 - 2014-07-20 13:48 - 01016261 _____ (Thisisu) C:\Users\Scott\Downloads\JRT (1).exe
2014-07-20 13:46 - 2014-07-20 13:46 - 01016261 _____ (Thisisu) C:\Users\Scott\Downloads\JRT.exe
2014-07-20 13:33 - 2014-07-20 13:30 - 00000000 ____D () C:\AdwCleaner
2014-07-20 13:29 - 2014-07-20 13:29 - 01354223 _____ () C:\Users\Scott\Downloads\AdwCleaner (1).exe
2014-07-20 13:20 - 2014-07-20 13:20 - 00028573 _____ () C:\Users\Scott\Desktop\download.htm
2014-07-20 13:18 - 2014-07-20 13:18 - 01354223 _____ () C:\Users\Scott\Downloads\AdwCleaner.exe
2014-07-19 20:36 - 2014-07-19 20:36 - 00000579 _____ () C:\Users\Scott\Desktop\aswMBR.txt
2014-07-19 20:30 - 2014-07-19 20:30 - 05185536 _____ (AVAST Software) C:\Users\Scott\Desktop\aswMBR.exe
2014-07-19 20:19 - 2014-02-21 08:17 - 00005881 _____ () C:\Users\Scott\Desktop\New Text Document.txt
2014-07-19 20:18 - 2014-07-19 20:18 - 00002623 _____ () C:\Users\Scott\Desktop\attach.zip
2014-07-19 20:15 - 2014-07-18 20:11 - 00000000 ____D () C:\Users\Scott\Desktop\OTL
2014-07-19 20:11 - 2014-07-19 20:11 - 00005881 _____ () C:\Users\Scott\Desktop\attach.txt
2014-07-19 20:10 - 2014-07-19 20:11 - 00016668 _____ () C:\Users\Scott\Desktop\dds.txt
2014-07-19 20:09 - 2014-07-19 20:09 - 00688992 ____R (Swearware) C:\Users\Scott\Downloads\dds.scr
2014-07-18 20:12 - 2014-07-18 20:03 - 00160172 _____ () C:\Users\Scott\Downloads\OTL.Txt
2014-07-18 20:11 - 2014-07-18 20:06 - 00071882 _____ () C:\Users\Scott\Downloads\Extras.Txt
2014-07-18 19:41 - 2014-07-18 19:41 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Downloads\OTL.exe
2014-07-18 14:30 - 2012-07-06 15:31 - 00000000 ____D () C:\Users\Scott\AppData\Local\WeatherBug
2014-07-16 22:06 - 2012-09-11 11:44 - 00000000 ____D () C:\Users\Scott\Desktop\RetroSeal
2014-07-16 22:06 - 2012-07-06 15:31 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
2014-07-16 22:06 - 2011-11-10 22:20 - 00000000 ____D () C:\Windows\system32\cache
2014-07-16 22:06 - 2011-08-23 21:05 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\PCHC
2014-07-16 22:06 - 2011-01-21 19:48 - 00000000 ____D () C:\Users\Scott\Desktop\Cassie Rock carp**
2014-07-16 22:06 - 2011-01-21 18:47 - 00000000 ____D () C:\Users\Scott\Desktop\Cassie Cd
2014-07-16 22:06 - 2011-01-14 01:11 - 00000000 ____D () C:\Users\Scott\Documents\Word Docs
2014-07-16 22:06 - 2010-10-30 12:40 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Riverpoint Writer
2014-07-16 22:06 - 2010-10-30 12:40 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riverpoint Writer
2014-07-16 22:06 - 2010-04-14 20:47 - 00000000 ____D () C:\Users\Scott\Desktop\2010 PICS
2014-07-16 22:06 - 2010-03-03 22:13 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Skype
2014-07-16 22:06 - 2010-02-27 13:43 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\W Photo Studio Viewer
2014-07-16 22:06 - 2010-02-24 17:56 - 00000000 ____D () C:\Users\Scott\Desktop\show pics
2014-07-16 22:06 - 2008-09-24 12:39 - 00000000 ___RD () C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-16 22:06 - 2008-09-24 12:39 - 00000000 ___RD () C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-16 22:06 - 2008-09-24 12:39 - 00000000 ____D () C:\Users\Scott
2014-07-16 22:06 - 2006-11-02 07:37 - 00000000 ____D () C:\Windows\ShellNew
2014-07-16 22:06 - 2006-11-02 06:18 - 00000000 __RSD () C:\Windows\Media
2014-07-16 22:06 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\spool
2014-07-16 22:05 - 2013-12-10 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-16 22:05 - 2011-01-07 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-16 22:05 - 2008-09-24 12:40 - 00000000 ____D () C:\Users\Scott\AppData\Local\MediaDirect
2014-07-16 22:05 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-16 22:05 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\registration
2014-07-16 20:35 - 2014-07-16 20:35 - 00000806 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-16 20:35 - 2014-07-16 20:35 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 20:34 - 2014-07-16 20:34 - 04748896 _____ (Piriform Ltd) C:\Users\Scott\Downloads\ccsetup414.exe
2014-07-11 08:22 - 2006-11-02 07:47 - 00380904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 08:13 - 2013-12-13 21:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 08:10 - 2006-11-02 05:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-09 13:45 - 2014-02-21 11:38 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 13:45 - 2011-08-23 20:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-03 12:22 - 2014-07-01 11:10 - 00000000 ____D () C:\Users\Scott\Documents\Ann's & Ehsan's Wedding
2014-07-03 11:15 - 2010-11-04 17:58 - 00000000 __SHD () C:\Windows\system32\%APPDATA%
2014-07-03 11:13 - 2014-05-20 00:32 - 00000800 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-03 11:08 - 2011-10-12 23:36 - 00000000 ___HD () C:\$AVG
2014-06-23 08:22 - 2013-01-04 15:36 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
Some content of TEMP:
====================
C:\Users\Scott\AppData\Local\Temp\AMPing.exe
C:\Users\Scott\AppData\Local\Temp\ApnIC.dll
C:\Users\Scott\AppData\Local\Temp\ApnStub.exe
C:\Users\Scott\AppData\Local\Temp\InstallManager_BAB_BAB.exe
C:\Users\Scott\AppData\Local\Temp\Quarantine.exe
C:\Users\Scott\AppData\Local\Temp\_is1A42.exe
C:\Users\Scott\AppData\Local\Temp\_is3F7E.exe
C:\Users\Scott\AppData\Local\Temp\_isC945.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-23 15:53
==================== End Of Log ============================
Here is the Addition.txt.
Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-07-2014 01
Ran by Scott at 2014-07-23 15:56:46
Running from C:\Users\Scott\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Adobe Acrobat 7.0 Professional (Version: 7.0.0 - Adobe Systems) Hidden
Adobe Bridge 1.0 (HKLM\...\{B74D4E10-6884-0000-0000-000000000103}) (Version: 001.000.004 - Adobe Systems)
Adobe Common File Installer (Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Creative Suite 2 (HKLM\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - )
Adobe Flash Player 10 Plugin (HKLM\...\{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}) (Version: 10.0.45.2 - Adobe Systems, Inc.)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Reader 9.5.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Aleks 3.8 (HKLM\...\Aleks 3.8) (Version: - )
Apple Application Support (HKLM\...\{553255F3-78FD-40F1-A6F8-6882140265FE}) (Version: 1.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}) (Version: 3.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{D03E7B00-CA85-4684-9321-1888873C34BD}) (Version: 6 - ArcSoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Bing Bar (HKLM\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{8A253629-0511-4854-8B4E-46E57E66005C}) (Version: 2.0.1.2 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CenturyLink Installer (HKLM\...\{C96FF998-45BD-411E-9253-B7F2660FE280}) (Version: 1.0 - CenturyLink, Inc.)
CenturyLink Personal Digital Vault™ (HKLM\...\{B97FD5DD-1226-49AD-AE6C-BF9DE1468F05}) (Version: 1.0.0004 - CenturyLink)
CenturyLink QuickCare 2.7 (HKLM\...\CenturyLinkQuickCare_is1) (Version: 2.7.1106.1010 - CenturyLink)
Cisco EAP-FAST Module (HKLM\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
D1500 (Version: 100.0.206.000 - Hewlett-Packard) Hidden
D1500_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DJ_SF_03_D1500_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
DJ_SF_03_D1500_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
dj6980 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Driver Whiz (HKLM\...\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}) (Version: 8.0.1 - Driver Whiz)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
EPSON Attach To Email (HKLM\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Copy Utility 3 (HKLM\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - )
EPSON Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 1.80.00 - )
EPSON Perfection V200 Photo Scanner Driver Update (HKLM\...\{1C278B97-9D25-48B0-9A4E-F4F2BB992043}) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON Scan Assistant (HKLM\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.11.00 - )
Free NaturalReader (HKLM\...\{1F2DF2C6-08F7-40BD-8E85-D16CB436E7F0}) (Version: 9.0 - NaturalSoft Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version: - )
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Deskjet D1500 Printer Driver Software 10.0 Rel .3 (HKLM\...\{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}) (Version: 10.0 - HP)
HP Deskjet Printer Driver Software. 8.0.B (HKLM\...\{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}) (Version: 8.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Update (HKLM\...\{612F4E20-3661-4D44-AD79-823F1B613FB3}) (Version: 5.002.008.001 - Hewlett-Packard)
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
InboxAce Internet Explorer Toolbar (HKLM\...\InboxAce_1gbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
iTunes (HKLM\...\{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}) (Version: 9.1.1.12 - Apple Inc.)
Java 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)
Live! Cam Avatar v1.0 (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative Technology Ltd.)
LP6980_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
LP6980Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
MathGV 4 (HKLM\...\{5EF2B896-B1C1-46E8-83AD-4F940B7A5982}) (Version: 4.0.0 - MathGV)
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MGTEK dopisp (HKLM\...\{C25D2594-3136-4B33-9D32-8F0F5E81F349}) (Version: 5.1.2594 - MGTEK)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)
MyCenturyLink Toolbar (HKLM\...\qwesttoolbar) (Version: - CenturyLink)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
Office Depot PC Support Agent (HKLM\...\Office Depot PC Support Agent) (Version: 12.0.212.3 - Support.com, Inc.)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime (HKLM\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Respondus LockDown Browser (HKLM\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Riverpoint Writer (HKCU\...\FF389026-F961-42C5-BACD-B4A3AA73E0F3) (Version: 1.0 - Apollo Group, Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SF_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
SF_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
ShopAtHome.com Toolbar (HKLM\...\SelectRebatesUninstall) (Version: - )
Skype Toolbars (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Suite Specific (Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WeatherBug (HKLM\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.10 - Earth Networks, Inc.)
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )
==================== Custom CLSID entries: ==========================
CustomCLSID: HKU\S-1-5-21-4285762069-3129431747-2670039461-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4285762069-3129431747-2670039461-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4285762069-3129431747-2670039461-1000_Classes\CLSID\{5fdb0cd8-5760-44d1-8d13-a78bf558c3c7}\InprocServer32 -> C:\Program Files\InboxAce_1g\bar\1.bin\1gSrcAs.dll No File
CustomCLSID: HKU\S-1-5-21-4285762069-3129431747-2670039461-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
==================== Restore Points =========================
15-06-2014 05:00:01 Scheduled Checkpoint
16-06-2014 11:17:47 Scheduled Checkpoint
17-06-2014 06:00:55 Scheduled Checkpoint
18-06-2014 23:08:59 Scheduled Checkpoint
19-06-2014 23:28:28 Scheduled Checkpoint
23-06-2014 14:53:10 Scheduled Checkpoint
24-06-2014 05:00:01 Scheduled Checkpoint
25-06-2014 01:40:56 Scheduled Checkpoint
01-07-2014 18:46:31 Scheduled Checkpoint
09-07-2014 20:58:10 Scheduled Checkpoint
11-07-2014 13:09:51 Windows Update
17-07-2014 02:02:42 Scheduled Checkpoint
17-07-2014 02:24:30 Restore Operation
17-07-2014 02:52:33 Restore Operation
18-07-2014 19:44:21 Restore Operation
19-07-2014 00:48:10 OTL Restore Point - 7/18/2014 7:48:10 PM
20-07-2014 03:15:26 Scheduled Checkpoint
21-07-2014 04:24:38 Scheduled Checkpoint
22-07-2014 05:16:32 Scheduled Checkpoint
==================== Hosts content: ==========================
2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3388939A-D930-4859-8896-D3C52F758AF3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {5698D810-CDAA-4265-A86A-8E94E997AC23} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-07] (Google Inc.)
Task: {94BAC943-A000-47A0-8B98-D6E9F17BBBBA} - System32\Tasks\{71747592-822A-4F68-9B3C-3DB3B6BB1AE7} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {A540D80F-4C5C-4132-8707-A5B9B4C4170C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-07] (Google Inc.)
Task: {AFB40540-DE88-4AB4-8FAE-B86E39B51BB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {B6D45A37-630A-419A-8703-32D8678078E3} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {CBD71D60-1E13-4E90-A4E0-8FBD0A6F601E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{C5FFA201-7D4E-478A-ACA0-BE1EAD823C05}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2008-08-06 10:33 - 2008-05-19 01:26 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-08-06 10:33 - 2008-05-19 01:25 - 00054784 _____ () C:\Windows\System32\bcmwlrmt.dll
2014-07-19 20:22 - 2014-07-15 04:24 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-19 20:22 - 2014-07-15 04:24 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-19 20:22 - 2014-07-15 04:24 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Office Depot PC Support Agent => ""="Office Depot PC Support Agent"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Office Depot PC Support Agent => ""="Office Depot PC Support Agent"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk => C:\Windows\pss\QuickSet.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe
MSCONFIG\startupreg: CenturyLinkTouchPointAgent => "C:\Program Files\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe" /autostart
MSCONFIG\startupreg: DELL Webcam Manager => "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
MSCONFIG\startupreg: ECenter => C:\Dell\E-Center\EULALauncher.exe
MSCONFIG\startupreg: EEventManager => C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAAnotif => "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: OEM02Mon.exe => C:\Windows\OEM02Mon.exe
MSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\MediaDirect\PCMService.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickCare => C:\Program Files\CenturyLink\QuickCare\bin\sprtcmd.exe /P QuickCare
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Qwest Personal Digital Vault => "C:\Program Files\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: SelectRebates => C:\Program Files\SelectRebates\SelectRebates.exe
MSCONFIG\startupreg: SigmatelSysTrayApp => %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: Weather => C:\Program Files\AWS\WeatherBug\Weather.exe 1
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (07/23/2014 03:47:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application bcmwltry.exe, version 4.170.25.12, time stamp 0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x01d29362,
process id 0x770, application start time 0xbcmwltry.exe0.
Error: (07/23/2014 03:46:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/22/2014 09:20:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/22/2014 08:43:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application bcmwltry.exe, version 4.170.25.12, time stamp 0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x04729a02,
process id 0x764, application start time 0xbcmwltry.exe0.
Error: (07/22/2014 08:43:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/21/2014 10:34:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/21/2014 02:12:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application bcmwltry.exe, version 4.170.25.12, time stamp 0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x01b29a02,
process id 0x770, application start time 0xbcmwltry.exe0.
Error: (07/21/2014 02:11:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/20/2014 10:48:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/20/2014 10:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application bcmwltry.exe, version 4.170.25.12, time stamp 0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x01b79752,
process id 0x74c, application start time 0xbcmwltry.exe0.
System errors:
=============
Error: (07/23/2014 03:47:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Error: (07/23/2014 03:47:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Error: (07/23/2014 03:47:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Error: (07/23/2014 03:47:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Error: (07/23/2014 03:47:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service
Error: (07/23/2014 03:46:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (07/22/2014 09:21:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Error: (07/22/2014 09:21:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Error: (07/22/2014 09:21:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Error: (07/22/2014 09:21:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
Microsoft Office Sessions:
=========================
Error: (07/23/2014 03:47:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bcmwltry.exe4.170.25.1246f3437aunknown0.0.0.000000000c000000501d2936277001cfa6b70321ce7d
Error: (07/23/2014 03:46:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/22/2014 09:20:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/22/2014 08:43:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bcmwltry.exe4.170.25.1246f3437aunknown0.0.0.000000000c000000504729a0276401cfa6174a5ae3de
Error: (07/22/2014 08:43:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/21/2014 10:34:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/21/2014 02:12:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bcmwltry.exe4.170.25.1246f3437aunknown0.0.0.000000000c000000501b29a0277001cfa51772b12edf
Error: (07/21/2014 02:11:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/20/2014 10:48:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/20/2014 10:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bcmwltry.exe4.170.25.1246f3437aunknown0.0.0.000000000c000000501b7975274c01cfa4953b7cafd3
CodeIntegrity Errors:
===================================
Date: 2014-07-23 15:56:38.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:37.893
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:37.552
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:37.224
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:36.743
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:36.409
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:36.062
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:35.704
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:05.884
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-23 15:56:05.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 3061.31 MB
Available physical RAM: 1287.53 MB
Total Pagefile: 6328.88 MB
Available Pagefile: 4381.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.27 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:220.58 GB) (Free:127.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:5.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=221 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=OF Extended)
==================== End Of Log ============================
I didn;t click on fix.