Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

very slow on startup and I see www.v9.com in browser when super slow [

v9.com super slow

  • This topic is locked This topic is locked
37 replies to this topic

#16 ronlewjr

ronlewjr

    Authentic Member

  • Authentic Member
  • PipPip
  • 42 posts

Posted 23 September 2014 - 11:28 AM

oh oh,  wow does not sound good.


    Advertisements

Register to Remove


#17 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 23 September 2014 - 11:28 AM

Sorry, forgot we had not run FRST yet

 

 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties
 
 
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check 
  • *List BCD
    *Drivers MD5
    *Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #18 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 September 2014 - 11:28 AM

    No thats good, Malwarebytes removed a ton of garbage



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #19 ronlewjr

    ronlewjr

      Authentic Member

    • Authentic Member
    • PipPip
    • 42 posts

    Posted 23 September 2014 - 11:36 AM

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2014
    Ran by g (administrator) on RONS-ALIENWARE on 23-09-2014 10:34:37
    Running from C:\Users\g\Desktop
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 10
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
    () C:\Users\g\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    () C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
    (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [] => [X]
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-4093186601-1063034090-4258288859-1002\...\Run: [Artisan 720(Network)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYA.EXE [224768 2010-01-11] (SEIKO EPSON CORPORATION)
    HKU\S-1-5-21-4093186601-1063034090-4258288859-1002\...\MountPoints2: {70a2b40b-6044-11e3-908d-d4bed9fc8f7b} - D:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-4093186601-1063034090-4258288859-1002\...\MountPoints2: {70a2b5f1-6044-11e3-908d-d4bed9fc8f7b} - D:\LiteAuto.exe
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-26] (NVIDIA Corporation)
    AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-02-26] (NVIDIA Corporation)
    ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
    ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
    ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...q={searchTerms}
    HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,es-GT;q=0.5
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\q0x8jozo.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @spoon.net/Spoon Plugin 3.33 -> C:\Program Files (x86)\Spoon\3.33.6.270\npMozillaSpoonPlugin.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-23]
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-25]
    FF Extension: No Name - C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\q0x8jozo.default\extensions\faststartff@gmail.com [Not Found]
     
    Chrome: 
    =======
    CHR Profile: C:\Users\g\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-03]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
    CHR Extension: (Motive Extension) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2014-04-11]
    CHR Extension: (Google Wallet) - C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
    CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2013-08-26]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S2 ACT! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [81920 2008-07-31] (Sage Software, Inc.) [File not signed]
    R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [13168 2012-06-18] (Alienware)
    R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 MSI_ODD_Service; c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe [76800 2011-10-04] (Micro-Star Int'l Co., Ltd.) [File not signed]
    R2 MSSQL$ACT7; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
    R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
    R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [361472 2012-03-13] (Alcatel-Lucent) [File not signed]
    R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [441344 2012-03-13] (Alcatel-Lucent) [File not signed]
    R2 pcServiceHost; C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe [342528 2013-04-01] (Alcatel-Lucent) [File not signed]
    S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
    R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
    R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140922.001\IDSvia64.sys [633560 2014-08-27] (Symantec Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-23] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
    S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2012-03-13] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2012-03-13] (Printing Communications Assoc., Inc. (PCAUSA))
    S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2012-03-13] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    R3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2012-03-13] (Printing Communications Assoc., Inc. (PCAUSA))
    R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140922.033\ENG64.SYS [129752 2014-08-20] (Symantec Corporation)
    R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140922.033\EX64.SYS [2137304 2014-08-20] (Symantec Corporation)
    R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
    R3 NTIOLib_X64; C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
    R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [100352 2011-09-15] (Renesas Electronics Corporation)
    R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [216064 2011-09-15] (Renesas Electronics Corporation)
    R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
    S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-08-26] (Samsung Electronics)
    R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-24] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
    S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
    S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
    S4 NvStUSB; \SystemRoot\system32\drivers\nvstusb.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-09-23 10:34 - 2014-09-23 10:34 - 00020747 _____ () C:\Users\g\Desktop\FRST.txt
    2014-09-23 10:33 - 2014-09-23 10:34 - 00000000 ____D () C:\FRST
    2014-09-23 10:31 - 2014-09-23 10:30 - 02106368 _____ (Farbar) C:\Users\g\Desktop\FRST64.exe
    2014-09-23 10:30 - 2014-09-23 10:30 - 02106368 _____ (Farbar) C:\Users\g\Downloads\FRST64.exe
    2014-09-23 09:37 - 2014-09-23 09:37 - 00000876 _____ () C:\Users\g\Desktop\JRT.txt
    2014-09-23 09:33 - 2014-09-23 09:33 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-23 09:32 - 2014-09-23 09:31 - 01024790 _____ (Thisisu) C:\Users\g\Desktop\JRT.exe
    2014-09-23 09:30 - 2014-09-23 09:31 - 01024790 _____ (Thisisu) C:\Users\g\Downloads\JRT.exe
    2014-09-23 09:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-09-23 09:24 - 2014-09-23 09:26 - 00000000 ____D () C:\AdwCleaner
    2014-09-23 09:23 - 2014-09-23 09:22 - 01373475 _____ () C:\Users\g\Desktop\adwcleaner_3.310.exe
    2014-09-23 09:22 - 2014-09-23 09:22 - 01373475 _____ () C:\Users\g\Downloads\adwcleaner_3.310.exe
    2014-09-21 20:07 - 2014-09-23 09:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-21 20:06 - 2014-09-21 20:06 - 00001126 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-21 20:06 - 2014-09-21 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-21 20:06 - 2014-09-21 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-21 20:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-21 20:06 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-09-20 08:57 - 2014-09-20 08:57 - 00014981 _____ () C:\Users\g\Desktop\hijackthis.log
    2014-09-20 08:57 - 2014-09-20 08:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\g\Desktop\HiJackThis.exe
    2014-09-20 08:54 - 2014-09-20 08:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\g\Downloads\HiJackThis.exe
    2014-09-20 08:54 - 2014-09-20 08:54 - 00014861 _____ () C:\Users\g\Downloads\hijackthis.log
    2014-09-18 13:38 - 2014-09-18 13:38 - 112332800 _____ () C:\Users\g\Desktop\linda current-2014-09-18.QDF-backup
    2014-09-16 23:09 - 2014-09-16 23:09 - 00000210 _____ () C:\Users\g\Downloads\Close_Reading.ics
    2014-09-14 13:01 - 2014-09-14 13:01 - 12835784 _____ (Macrovision Corporation) C:\Users\g\Downloads\MovieTracer_1004a.exe
    2014-09-13 01:17 - 2014-09-13 13:27 - 00000000 ____D () C:\Users\g\Documents\Sony PMB
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001838 _____ () C:\Users\Public\Desktop\PMB Help.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001129 _____ () C:\Users\Public\Desktop\PMB.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001056 _____ () C:\Users\Public\Desktop\PMB Launcher.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
    2014-09-13 01:12 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
    2014-09-13 01:12 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
    2014-09-12 23:48 - 2014-09-12 23:49 - 04191321 _____ () C:\Users\g\Downloads\IMG_0033.MOV
    2014-09-12 15:27 - 2014-09-12 15:27 - 00061995 _____ () C:\Users\g\Downloads\Apr2014_City_Rates.xlsx
    2014-09-12 15:15 - 2014-09-12 15:15 - 03687352 _____ (Sony Corporation) C:\Users\g\Downloads\PMB56_Updater1105a (2).exe
    2014-09-11 22:43 - 2014-09-11 22:44 - 36999144 _____ (Narrative) C:\Users\g\Downloads\NarrativeUploader.exe
    2014-09-09 16:56 - 2014-09-09 16:56 - 03687352 _____ (Sony Corporation) C:\Users\g\Downloads\PMB56_Updater1105a (1).exe
    2014-09-09 16:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
    2014-09-09 16:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
    2014-09-09 16:20 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2014-09-09 16:20 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2014-09-09 16:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
    2014-09-09 16:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
    2014-09-09 16:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2014-09-09 16:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
    2014-09-09 16:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2014-09-09 16:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
    2014-09-09 16:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
    2014-09-09 16:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2014-09-09 16:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2014-09-09 16:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
    2014-09-09 16:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
    2014-09-09 16:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2014-09-09 16:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2014-09-09 16:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2014-09-09 16:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
    2014-09-09 16:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
    2014-09-09 16:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
    2014-09-09 16:20 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2014-09-09 16:20 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2014-09-09 16:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2014-09-09 16:20 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2014-09-09 16:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2014-09-09 16:19 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2014-09-09 16:19 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2014-09-09 16:19 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2014-09-09 16:19 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
    2014-09-09 16:19 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2014-09-09 16:19 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
    2014-09-09 16:19 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2014-09-09 16:19 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2014-09-09 16:19 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2014-09-09 16:19 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
    2014-09-09 16:19 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2014-09-09 16:19 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
    2014-09-09 16:19 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2014-09-09 16:19 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
    2014-09-09 16:19 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2014-09-09 16:19 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
    2014-09-09 16:19 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2014-09-09 16:19 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
    2014-09-09 16:14 - 2014-09-14 15:29 - 00000000 ____D () C:\Program Files (x86)\Sony
    2014-09-09 16:13 - 2014-09-13 01:11 - 00000000 ____D () C:\ProgramData\Sony Corporation
    2014-09-09 16:03 - 2014-09-09 16:03 - 00003028 _____ () C:\Windows\System32\Tasks\{96D74858-05F7-4B2A-8C2A-689DAC89985E}
    2014-09-09 16:00 - 2014-09-09 16:00 - 03687352 _____ (Sony Corporation) C:\Users\g\Downloads\PMB56_Updater1105a.exe
    2014-09-09 15:55 - 2014-09-09 15:55 - 06892672 _____ () C:\Users\g\Downloads\PMBP_WIN57_Upgrade1208a.exe
    2014-09-09 15:54 - 2014-09-13 01:17 - 00000000 ____D () C:\Users\g\AppData\Roaming\Sony Corporation
    2014-09-09 13:05 - 2014-09-09 13:05 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2014-09-09 13:02 - 2014-09-09 13:02 - 00000000 ____D () C:\Users\g\.MCTranscodingSDK
    2014-09-09 12:57 - 2014-09-09 13:06 - 00000000 ____D () C:\Users\Public\Documents\Lightworks
    2014-09-09 12:57 - 2014-09-09 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
    2014-09-09 12:57 - 2014-09-09 12:57 - 00000000 ____D () C:\ProgramData\Geevs
    2014-09-09 12:56 - 2014-09-18 15:49 - 00000000 ____D () C:\Program Files (x86)\Lightworks
    2014-09-09 12:45 - 2014-09-09 12:46 - 79044088 _____ (Lightworks) C:\Users\g\Downloads\lwks.download.32.exe
    2014-09-09 12:43 - 2014-09-09 12:43 - 00655896 _____ () C:\Users\g\Downloads\lightworks-setup.exe
    2014-09-09 11:16 - 2014-09-09 11:16 - 00001421 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
    2014-09-09 11:16 - 2014-09-09 11:16 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-09-09 11:16 - 2014-09-09 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
    2014-09-09 11:16 - 2014-09-09 11:16 - 00000000 ____D () C:\Program Files (x86)\Seagate
    2014-09-09 11:13 - 2014-09-09 11:13 - 26771088 _____ () C:\Users\g\Downloads\SeaToolsforWindowsSetup.exe
    2014-09-09 10:01 - 2014-09-09 10:01 - 02297856 _____ () C:\Users\g\Desktop\Ron Quicken-2014-09-09.QDF-backup
    2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 ____D () C:\Users\g\AppData\Local\Skype
    2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2014-09-04 12:08 - 2014-09-04 12:08 - 00019066 _____ () C:\Users\g\Documents\My Movie.wlmp
    2014-09-04 10:20 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
    2014-09-04 10:20 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2014-09-04 10:20 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2014-09-04 10:20 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
    2014-09-04 10:20 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
    2014-09-04 10:20 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
    2014-09-04 10:20 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2014-09-04 10:20 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2014-09-04 10:19 - 2014-09-13 01:12 - 00160292 _____ () C:\Windows\DirectX.log
    2014-09-04 10:19 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
    2014-09-04 10:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
    2014-09-04 10:19 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2014-09-04 10:19 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
    2014-09-04 10:18 - 2014-09-18 16:38 - 00000000 ____D () C:\Users\g\AppData\Local\Windows Live
    2014-09-04 10:17 - 2014-09-04 10:17 - 01239752 _____ (Microsoft Corporation) C:\Users\g\Downloads\wlsetup-web.exe
    2014-09-01 21:04 - 2014-09-04 12:38 - 00000000 ____D () C:\Users\g\Documents\Wondershare Video Editor
    2014-09-01 21:04 - 2014-09-01 21:04 - 00000000 ____D () C:\Users\g\AppData\Local\Wondershare
    2014-09-01 21:03 - 2014-09-01 21:03 - 00745248 _____ (Wondershare) C:\Users\g\Downloads\video-editor_setup_full846.exe
    2014-09-01 21:03 - 2014-09-01 21:03 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
    2014-09-01 14:57 - 2014-09-01 14:57 - 00449633 _____ () C:\Users\g\Downloads\what your classmates sound like.wma
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-09-23 10:34 - 2014-09-23 10:34 - 00020747 _____ () C:\Users\g\Desktop\FRST.txt
    2014-09-23 10:34 - 2014-09-23 10:33 - 00000000 ____D () C:\FRST
    2014-09-23 10:31 - 2014-05-16 15:15 - 00000000 ____D () C:\Users\g\Documents\Divorce backup
    2014-09-23 10:30 - 2014-09-23 10:31 - 02106368 _____ (Farbar) C:\Users\g\Desktop\FRST64.exe
    2014-09-23 10:30 - 2014-09-23 10:30 - 02106368 _____ (Farbar) C:\Users\g\Downloads\FRST64.exe
    2014-09-23 10:21 - 2012-10-26 22:27 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-23 10:18 - 2013-07-20 00:31 - 00000099 _____ () C:\Users\Public\LMDebug.log
    2014-09-23 10:05 - 2012-09-14 18:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-23 09:38 - 2009-07-13 21:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-23 09:38 - 2009-07-13 21:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-23 09:37 - 2014-09-23 09:37 - 00000876 _____ () C:\Users\g\Desktop\JRT.txt
    2014-09-23 09:34 - 2012-09-14 20:09 - 01171512 _____ () C:\Windows\WindowsUpdate.log
    2014-09-23 09:33 - 2014-09-23 09:33 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-23 09:31 - 2014-09-23 09:32 - 01024790 _____ (Thisisu) C:\Users\g\Desktop\JRT.exe
    2014-09-23 09:31 - 2014-09-23 09:30 - 01024790 _____ (Thisisu) C:\Users\g\Downloads\JRT.exe
    2014-09-23 09:29 - 2014-09-21 20:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-23 09:28 - 2014-06-01 01:00 - 00020614 _____ () C:\Windows\setupact.log
    2014-09-23 09:28 - 2014-01-16 09:18 - 00000000 ____D () C:\Users\g\AppData\Local\HTC MediaHub
    2014-09-23 09:28 - 2012-12-26 21:52 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-09-23 09:28 - 2012-10-26 22:27 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-23 09:28 - 2012-09-14 18:40 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
    2014-09-23 09:28 - 2012-09-14 18:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
    2014-09-23 09:28 - 2012-09-14 18:34 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
    2014-09-23 09:28 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-23 09:27 - 2014-04-08 06:32 - 00332576 _____ () C:\Windows\PFRO.log
    2014-09-23 09:26 - 2014-09-23 09:24 - 00000000 ____D () C:\AdwCleaner
    2014-09-23 09:22 - 2014-09-23 09:23 - 01373475 _____ () C:\Users\g\Desktop\adwcleaner_3.310.exe
    2014-09-23 09:22 - 2014-09-23 09:22 - 01373475 _____ () C:\Users\g\Downloads\adwcleaner_3.310.exe
    2014-09-23 07:27 - 2012-12-08 23:54 - 00000000 ____D () C:\Users\g\AppData\Local\Adobe
    2014-09-22 16:27 - 2013-07-21 00:12 - 00000000 ____D () C:\Users\g\AppData\Roaming\Skype
    2014-09-22 15:00 - 2013-07-19 03:25 - 00000000 ____D () C:\Users\g\Documents\Outlook Files
    2014-09-22 13:37 - 2013-07-25 17:10 - 00000000 ____D () C:\Program Files (x86)\Quicken
    2014-09-22 12:29 - 2013-07-18 10:54 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
    2014-09-21 20:06 - 2014-09-21 20:06 - 00001126 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-21 20:06 - 2014-09-21 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-21 20:06 - 2014-09-21 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-21 20:06 - 2013-12-02 12:06 - 00000000 ____D () C:\Users\g\AppData\Roaming\Malwarebytes
    2014-09-21 20:06 - 2013-12-02 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-09-21 20:06 - 2013-12-02 12:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-09-21 19:53 - 2014-07-06 12:28 - 00000000 ____D () C:\Program Files (x86)\Opera
    2014-09-21 19:52 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-09-21 19:51 - 2014-08-16 16:55 - 00000000 ____D () C:\ProgramData\eLicenser
    2014-09-20 18:04 - 2014-08-16 16:49 - 00000000 ____D () C:\Users\g\Desktop\Flower Drum Song
    2014-09-20 16:04 - 2009-07-13 22:13 - 00849626 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-20 08:57 - 2014-09-20 08:57 - 00014981 _____ () C:\Users\g\Desktop\hijackthis.log
    2014-09-20 08:54 - 2014-09-20 08:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\g\Desktop\HiJackThis.exe
    2014-09-20 08:54 - 2014-09-20 08:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\g\Downloads\HiJackThis.exe
    2014-09-20 08:54 - 2014-09-20 08:54 - 00014861 _____ () C:\Users\g\Downloads\hijackthis.log
    2014-09-19 17:46 - 2013-07-18 11:11 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FA4E74E7-2854-4B97-9CC1-5FC574421287}
    2014-09-18 16:38 - 2014-09-04 10:18 - 00000000 ____D () C:\Users\g\AppData\Local\Windows Live
    2014-09-18 16:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2014-09-18 15:49 - 2014-09-09 12:56 - 00000000 ____D () C:\Program Files (x86)\Lightworks
    2014-09-18 13:38 - 2014-09-18 13:38 - 112332800 _____ () C:\Users\g\Desktop\linda current-2014-09-18.QDF-backup
    2014-09-18 13:36 - 2014-06-03 15:18 - 02338816 _____ () C:\Users\g\Documents\Ron Quicken.QDF
    2014-09-17 14:44 - 2014-06-03 15:19 - 01572576 _____ () C:\Users\g\Documents\Ron QuickenOFXLOG.DAT
    2014-09-16 23:09 - 2014-09-16 23:09 - 00000210 _____ () C:\Users\g\Downloads\Close_Reading.ics
    2014-09-16 14:01 - 2013-07-31 16:11 - 00000000 ____D () C:\Users\g\AppData\Local\Amazon Cloud Player
    2014-09-14 15:29 - 2014-09-09 16:14 - 00000000 ____D () C:\Program Files (x86)\Sony
    2014-09-14 15:29 - 2012-09-14 18:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-09-14 13:01 - 2014-09-14 13:01 - 12835784 _____ (Macrovision Corporation) C:\Users\g\Downloads\MovieTracer_1004a.exe
    2014-09-13 13:27 - 2014-09-13 01:17 - 00000000 ____D () C:\Users\g\Documents\Sony PMB
    2014-09-13 01:17 - 2014-09-09 15:54 - 00000000 ____D () C:\Users\g\AppData\Roaming\Sony Corporation
    2014-09-13 01:14 - 2013-07-26 06:05 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001838 _____ () C:\Users\Public\Desktop\PMB Help.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001129 _____ () C:\Users\Public\Desktop\PMB.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00001056 _____ () C:\Users\Public\Desktop\PMB Launcher.lnk
    2014-09-13 01:12 - 2014-09-13 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
    2014-09-13 01:12 - 2014-09-04 10:19 - 00160292 _____ () C:\Windows\DirectX.log
    2014-09-13 01:11 - 2014-09-09 16:13 - 00000000 ____D () C:\ProgramData\Sony Corporation
    2014-09-12 23:49 - 2014-09-12 23:48 - 04191321 _____ () C:\Users\g\Downloads\IMG_0033.MOV
    2014-09-12 23:31 - 2014-06-03 15:33 - 00000000 ____D () C:\Users\g\Documents\BACKUP
    2014-09-12 15:27 - 2014-09-12 15:27 - 00061995 _____ () C:\Users\g\Downloads\Apr2014_City_Rates.xlsx
    2014-09-12 15:15 - 2014-09-12 15:15 - 03687352 _____ (Sony Corporation) C:\Users\g\Downloads\PMB56_Updater1105a (2).exe
    2014-09-11 22:44 - 2014-09-11 22:43 - 36999144 _____ (Narrative) C:\Users\g\Downloads\NarrativeUploader.exe
    2014-09-10 21:24 - 2014-08-21 10:23 - 00000000 ____D () C:\Users\g\Desktop\Tee pics king and i
    2014-09-10 21:04 - 2013-07-31 16:11 - 00000000 ____D () C:\Users\g\AppData\Local\CrashDumps
    2014-09-10 17:13 - 2012-12-08 23:53 - 00000000 ____D () C:\Users\g
    2014-09-10 10:08 - 2013-07-26 21:05 - 00000000 ____D () C:\Users\g\Documents\Quicken
    2014-09-09 16:56 - 2014-09-09 16:56 - 03687352 _____ (Sony Corporation) C:\Users\g\Downloads\PMB56_Updater1105a (1).exe
    2014-09-09 16:03 - 2014-09-09 16:03 - 00003028 _____ () C:\Windows\System32\Tasks\{96D74858-05F7-4B2A-8C2A-689DAC89985E}
    2014-09-09 16:00 - 2014-09-09 16:00 - 03687352 _____ (Sony Corporation) C:\Users\g\Downloads\PMB56_Updater1105a.exe
    2014-09-09 15:55 - 2014-09-09 15:55 - 06892672 _____ () C:\Users\g\Downloads\PMBP_WIN57_Upgrade1208a.exe
    2014-09-09 13:06 - 2014-09-09 12:57 - 00000000 ____D () C:\Users\Public\Documents\Lightworks
    2014-09-09 13:05 - 2014-09-09 13:05 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2014-09-09 13:05 - 2012-09-14 18:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-09-09 13:05 - 2012-09-14 18:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-09-09 13:05 - 2012-09-14 18:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-09-09 13:02 - 2014-09-09 13:02 - 00000000 ____D () C:\Users\g\.MCTranscodingSDK
    2014-09-09 12:57 - 2014-09-09 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
    2014-09-09 12:57 - 2014-09-09 12:57 - 00000000 ____D () C:\ProgramData\Geevs
    2014-09-09 12:46 - 2014-09-09 12:45 - 79044088 _____ (Lightworks) C:\Users\g\Downloads\lwks.download.32.exe
    2014-09-09 12:44 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Resources
    2014-09-09 12:43 - 2014-09-09 12:43 - 00655896 _____ () C:\Users\g\Downloads\lightworks-setup.exe
    2014-09-09 11:16 - 2014-09-09 11:16 - 00001421 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
    2014-09-09 11:16 - 2014-09-09 11:16 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-09-09 11:16 - 2014-09-09 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
    2014-09-09 11:16 - 2014-09-09 11:16 - 00000000 ____D () C:\Program Files (x86)\Seagate
    2014-09-09 11:13 - 2014-09-09 11:13 - 26771088 _____ () C:\Users\g\Downloads\SeaToolsforWindowsSetup.exe
    2014-09-09 10:01 - 2014-09-09 10:01 - 02297856 _____ () C:\Users\g\Desktop\Ron Quicken-2014-09-09.QDF-backup
    2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 ____D () C:\Users\g\AppData\Local\Skype
    2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2014-09-09 09:06 - 2013-07-21 00:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-09-09 09:06 - 2013-07-21 00:12 - 00000000 ____D () C:\ProgramData\Skype
    2014-09-08 15:59 - 2014-04-22 17:18 - 00011594 _____ () C:\Windows\RPSETUP.EXE.LOG
    2014-09-08 08:15 - 2014-08-16 16:55 - 00000000 ____D () C:\Program Files (x86)\Steinberg
    2014-09-08 08:15 - 2014-07-12 17:08 - 00000000 ____D () C:\Program Files (x86)\Spoon
    2014-09-05 10:32 - 2014-08-16 17:21 - 00000000 ____D () C:\Program Files (x86)\Direct WAV MP3 Splitter
    2014-09-04 12:38 - 2014-09-01 21:04 - 00000000 ____D () C:\Users\g\Documents\Wondershare Video Editor
    2014-09-04 12:08 - 2014-09-04 12:08 - 00019066 _____ () C:\Users\g\Documents\My Movie.wlmp
    2014-09-04 10:17 - 2014-09-04 10:17 - 01239752 _____ (Microsoft Corporation) C:\Users\g\Downloads\wlsetup-web.exe
    2014-09-03 14:37 - 2009-07-13 21:45 - 05071016 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-09-01 21:05 - 2012-12-08 23:54 - 00114552 _____ () C:\Users\g\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-09-01 21:04 - 2014-09-01 21:04 - 00000000 ____D () C:\Users\g\AppData\Local\Wondershare
    2014-09-01 21:03 - 2014-09-01 21:03 - 00745248 _____ (Wondershare) C:\Users\g\Downloads\video-editor_setup_full846.exe
    2014-09-01 21:03 - 2014-09-01 21:03 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
    2014-09-01 14:57 - 2014-09-01 14:57 - 00449633 _____ () C:\Users\g\Downloads\what your classmates sound like.wma
     
    Some content of TEMP:
    ====================
    C:\Users\g\AppData\Local\Temp\Quarantine.exe
    C:\Users\g\AppData\Local\Temp\_is2607.exe
    C:\Users\g\AppData\Local\Temp\_is3504.exe
    C:\Users\g\AppData\Local\Temp\_is415.exe
    C:\Users\g\AppData\Local\Temp\_isBBA1.exe
    C:\Users\g\AppData\Local\Temp\_isCCD.exe
    C:\Users\g\AppData\Local\Temp\_isE3AA.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-09-16 08:57
     
    ==================== End Of Log ============================


    #20 ronlewjr

    ronlewjr

      Authentic Member

    • Authentic Member
    • PipPip
    • 42 posts

    Posted 23 September 2014 - 11:37 AM

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2014
    Ran by g at 2014-09-23 10:35:07
    Running from C:\Users\g\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    ACT! by Sage 2009 (11.0) (HKLM-x32\...\InstallShield_{1A4FE289-8B58-4FC5-8CE8-109A542CE0A7}) (Version: 11.0.0.0 - Sage Software, Inc.)
    ACT! by Sage 2009 (11.0) (x32 Version: 11.0.0.0 - Sage Software, Inc.) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
    Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
    Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
    Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
    Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
    Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
    Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
    Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
    Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
    AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.102 - PC-Doctor, Inc.)
    AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)
    AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)
    Alienware Command Center (HKLM-x32\...\InstallShield_{ACBE8264-9018-49B8-9041-3A74E2596BF3}) (Version: 2.8.9.0 - Alienware Corp.)
    Alienware Command Center (Version: 2.8.9.0 - Alienware Corp.) Hidden
    Alienware Customer Surveys (HKLM-x32\...\{9AAA35D1-B21D-4610-BBAE-18FE2D00C3E0}) (Version: 1.0.5 - Dell Inc.)
    Alienware Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
    Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.2.0.399 - Amazon Services LLC)
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AT&T Portal (HKLM\...\ATT-SST-UversePortal) (Version:  - )
    bl (x32 Version: 1.0.0 - Your Company Name) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
    CoffeeCup Free FTP (HKLM-x32\...\{66F43DBE-6D46-4BCE-831D-0D4C13639BE8}) (Version: 4.5.20 - CoffeeCup Software Inc.)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
    Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9F82B2FB-F969-41A0-B7D6-E54F4BAF8572}) (Version:  - Microsoft)
    Direct WAV MP3 Splitter version 3.0.0.0 (HKLM-x32\...\Direct WAV MP3 Splitter_is1) (Version: 3.0.0.0 - Piston Software)
    EPSON Artisan 720 Series Printer Uninstall (HKLM\...\EPSON Artisan 720 Series) (Version:  - SEIKO EPSON Corporation)
    Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
    Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
    EPSON Perfection V600 Photo Scanner Driver Update (HKLM-x32\...\{EBBE3D90-9344-43A7-A548-91BA02B3B7CD}) (Version:  - )
    Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
    EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
    EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
    FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
    Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
    Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
    Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
    Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
    Maintenance Samsung ML-2525W Series (HKLM-x32\...\Samsung ML-2525W Series) (Version:  - Samsung Electronics CO.,LTD)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2005 Express Edition (ACT7) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
    Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
    Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
    MovieTracer (HKLM-x32\...\{A4879FAF-1A81-4189-91FB-9D2109EB49B4}) (Version: 1.3.00.14020 - Sony Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    MSI ODD Monitor (HKLM-x32\...\InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.5 - Micro-Star Int'l Co., Ltd.)
    MSI ODD Monitor (x32 Version: 1.0.0.5 - Micro-Star Int'l Co., Ltd.) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    Norton 360 (HKLM-x32\...\N360) (Version: 21.5.0.19 - Symantec Corporation)
    NVIDIA 3D Vision Controller Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
    NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
    NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
    NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
    NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    ph (x32 Version: 1.0.0 - Your Company Name) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.02.10270 - Sony Corporation)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
    PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
    Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.5.18 - Razer USA Ltd.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6494 - Realtek Semiconductor Corp.)
    Resident Evil 4 1.10 (HKLM-x32\...\Resident Evil 4_is1) (Version:  - )
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
    SIGMA Photo Pro 5 (HKLM-x32\...\{B99C3D18-BA4B-4D65-A500-D364E3D2A8A3}) (Version: 5.5.3 - SIGMA)
    SiteSpinner Pro V2 (HKLM-x32\...\{DEB1AE2C-AFE6-480F-B3A6-A20FF10941F9}) (Version: 2.92.15 - Virtual Mechanics)
    Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
    TurboTax 2012 wcaiper (x32 Version: 012.000.1508 - Intuit Inc.) Hidden
    TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2309 - Intuit Inc.) Hidden
    TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0474 - Intuit Inc.) Hidden
    TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0186 - Intuit Inc.) Hidden
    TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
    TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
    TurboTax 2013 wcaiper (x32 Version: 013.000.1484 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.2166 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0492 - Intuit Inc.) Hidden
    TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0169 - Intuit Inc.) Hidden
    TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
    Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A784BEFA-1BAB-4285-9F90-7D1A40A72DF8}) (Version:  - Microsoft)
    Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C5241E8F-37A5-40EC-90DD-FF1400818C4B}) (Version:  - Microsoft)
    Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{388C807E-766E-47FB-A671-53B8387FCA78}) (Version:  - Microsoft)
    Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2F2717FB-5567-491F-B493-B6556DB4FFCB}) (Version:  - Microsoft)
    Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2F2717FB-5567-491F-B493-B6556DB4FFCB}) (Version:  - Microsoft)
    Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{CA571833-CF9C-4B1E-B6E2-07211664180E}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2727096) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34F41F42-15EC-4FB5-A6C7-464F4BB5D798}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2727096) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34F41F42-15EC-4FB5-A6C7-464F4BB5D798}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C74BC9C1-46D0-4406-A003-119C5F2BC240}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{068372FB-7EAF-463F-8074-77AB35BB13E6}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E911A320-7B4A-4383-82D2-007375B27EC2}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8449754F-577E-4EC3-B9D4-108395B1680E}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{47FF2CD3-B7C1-49B8-A026-E6260B785512}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{47FF2CD3-B7C1-49B8-A026-E6260B785512}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A98FE317-A670-47B8-9510-C115D933282A}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0C0A2F4A-757C-4F10-935F-508E1A2D4719}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{377DC0D5-A062-496A-ADE2-6D204B498DD8}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{CA55F6DA-492F-434B-9B65-9A42C35F3FDC}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{CC676278-5E9E-432E-9BB5-DDF0FFE04549}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4389523F-DE1F-474A-995D-480F66809567}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4389523F-DE1F-474A-995D-480F66809567}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3856855C-A9CE-433A-BBA8-62D3290B063F}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7E0144AD-1CF3-41B9-A6E5-98FF7EA97F2F}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7E0144AD-1CF3-41B9-A6E5-98FF7EA97F2F}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C74677D5-FA4D-47D5-B769-1866C6D81214}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A30942E-AFEC-4DC5-8A23-AD50E971CC37}) (Version:  - Microsoft)
    Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A30942E-AFEC-4DC5-8A23-AD50E971CC37}) (Version:  - Microsoft)
    Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED00DC05-D24B-4847-B49B-7EF42A01D4D5}) (Version:  - Microsoft)
    Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED00DC05-D24B-4847-B49B-7EF42A01D4D5}) (Version:  - Microsoft)
    Update for Microsoft Outlook 2013 (KB2817629) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8557CF2E-CD50-418A-A533-751E6C8B8C28}) (Version:  - Microsoft)
    Update for Microsoft Outlook 2013 (KB2817629) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6562E5D7-895A-4FC0-B907-72E42D79703A}) (Version:  - Microsoft)
    Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E158EB9F-E6CC-49E2-A098-2C6DF0D6B42B}) (Version:  - Microsoft)
    Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CFC7B54A-AB18-487B-A035-7094E2F24AF1}) (Version:  - Microsoft)
    Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D4E8E649-C12B-4170-8A32-2D387CD5CED1}) (Version:  - Microsoft)
    Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5A59CF80-AA55-492B-900E-86793BCF013A}) (Version:  - Microsoft)
    Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D4E8E649-C12B-4170-8A32-2D387CD5CED1}) (Version:  - Microsoft)
    Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5A59CF80-AA55-492B-900E-86793BCF013A}) (Version:  - Microsoft)
    Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{54960E56-266C-417A-85F5-4769614C2694}) (Version:  - Microsoft)
    Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
    Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7850D7D4-FC6A-4847-A646-9A64CCF713EA}) (Version:  - Microsoft)
    Update for Microsoft Word 2013 (KB2810086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC29488E-A7BD-4C8D-A364-713206BCEC92}) (Version:  - Microsoft)
    Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
     
    ==================== Restore Points  =========================
     
    11-09-2014 07:00:01 Scheduled Checkpoint
    13-09-2014 08:11:15 インストール PMB
    13-09-2014 08:12:29 Installed DirectX
    18-09-2014 22:33:19 Norton 360 Registry Clean
    18-09-2014 23:23:41 Windows Live Essentials
    18-09-2014 23:23:59 WLSetup
    22-09-2014 02:51:47 Removed BlueStacks Notification Center
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {070698C1-A4AE-4327-A3C5-04B43C749951} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
    Task: {079B7480-085F-49EA-BCB5-7055D672702B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {0DBEAA6E-5D63-4DBD-BFDD-F97FA67A64B1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
    Task: {3551A5FD-70C3-480B-B0FA-ACE5C47CA3B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
    Task: {4BBC8363-B8C6-4A55-A0C2-BE1378E871EE} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
    Task: {620C9CEA-FAF2-4FF2-96B1-5B11D5D5DE0D} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {6A7F009B-D50B-4925-94D8-F983D8161FD3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
    Task: {7D66FD2A-FD2F-4E14-AF21-3783E0F76D00} - System32\Tasks\AdobeAAMUpdater-1.0-Titus-PC-g => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {8A2494F1-E33E-42C4-975D-7C84AE4A564D} - System32\Tasks\PCDEventLauncher => C:\Program Files\AlienAutopsy\sessionchecker.exe [2012-11-29] (PC-Doctor, Inc.)
    Task: {97BADDE7-BA51-49DC-8A62-82F0BCA241A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {A363660F-B6AC-495E-A6B3-87048594D56D} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {AC42FE3B-8049-457C-A1D6-9CA85BCAFC52} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2012-11-29] (PC-Doctor, Inc.)
    Task: {B076589C-F3AF-460B-8F26-BC61B619DB83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.)
    Task: {C33C0C9D-77E2-4797-B937-C5DFB58A6306} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
    Task: {DD2F1EBF-3B04-486B-856A-43579301EA79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.)
    Task: {E6F841AA-C51D-42A8-AA68-86CB8528FD0F} - System32\Tasks\Amazon Music Helper => C:\Users\g\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-12-12] ()
    Task: {F59C3498-BDA0-424B-93CC-4BF764F4C2D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
    Task: {FA5B9E6C-F138-4548-B63A-71AA20C04147} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2012-12-26 21:52 - 2013-01-18 08:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2013-07-23 22:40 - 2012-10-04 19:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
    2011-06-22 09:48 - 2011-06-22 09:48 - 00034304 _____ () C:\Windows\System32\ssp6ml6.dll
    2013-07-31 16:11 - 2013-12-12 12:56 - 03145536 _____ () C:\Users\g\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    2014-03-21 15:07 - 2014-03-21 15:07 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2012-09-14 18:34 - 2012-01-26 19:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
    2013-07-10 19:31 - 2013-07-10 19:31 - 08865448 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2014-03-21 15:05 - 2014-03-21 15:05 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
    2014-03-21 15:06 - 2014-03-21 15:06 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
    2014-03-21 15:06 - 2014-03-21 15:06 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
    2014-03-21 15:06 - 2014-03-21 15:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
    2014-03-21 15:06 - 2014-03-21 15:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
    2014-03-21 15:08 - 2014-03-21 15:08 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
    2014-03-21 15:09 - 2014-03-21 15:09 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
    2013-07-10 19:31 - 2013-07-10 19:31 - 08865448 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2012-09-14 18:28 - 2012-03-06 12:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
    2014-09-12 13:36 - 2014-09-03 20:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
    2014-09-12 13:36 - 2014-09-03 20:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
    2014-09-12 13:36 - 2014-09-03 20:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
    2014-09-12 13:36 - 2014-09-03 20:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
    2014-09-12 13:36 - 2014-09-03 20:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\Program Files\Common Files\System:6qB2V6wRzQ7nbRv51sLM1xz
    AlternateDataStreams: C:\Program Files\Common Files\System:HIOCjsyAtFjNnwleU7chCQ
    AlternateDataStreams: C:\ProgramData\Microsoft:PQiZWSefGLhqiycDJOM
    AlternateDataStreams: C:\ProgramData\Microsoft:XH4bPOKnlGlJjJ7ZRmluxFr8AW
    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    AlternateDataStreams: C:\ProgramData\TEMP:AD768A7E
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
     
    System errors:
    =============
    Error: (09/23/2014 10:18:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SSPORT service failed to start due to the following error: 
    %%2
     
    Error: (09/23/2014 10:18:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SSPORT service failed to start due to the following error: 
    %%2
     
    Error: (09/23/2014 10:18:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SSPORT service failed to start due to the following error: 
    %%2
     
    Error: (09/23/2014 10:18:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SSPORT service failed to start due to the following error: 
    %%2
     
    Error: (09/23/2014 10:18:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SSPORT service failed to start due to the following error: 
    %%2
     
    Error: (09/23/2014 10:18:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SSPORT service failed to start due to the following error: 
    %%2
     
     
    Microsoft Office Sessions:
    =========================
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i5-3450 CPU @ 3.10GHz
    Percentage of memory in use: 29%
    Total physical RAM: 8090.25 MB
    Available physical RAM: 5694.5 MB
    Total Pagefile: 16178.69 MB
    Available Pagefile: 13263.93 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB
     
    ==================== Drives ================================
     
    Drive c: (C Drive on Alienware) (Fixed) (Total:921.83 GB) (Free:55.34 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 038156C0)
     
    Partition: GPT Partition Type.
     
    ==================== End Of Log ============================


    #21 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 September 2014 - 12:50 PM

    Logs look fine but wondering what this is and if you use it

    C:\Users\g\Downloads\NarrativeUploader.exe



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #22 ronlewjr

    ronlewjr

      Authentic Member

    • Authentic Member
    • PipPip
    • 42 posts

    Posted 23 September 2014 - 01:19 PM

    Hi, i have not used it yet.  i have a narrative camera (life logger camera that takes a shot every 30 seconds)  I have not yet hooked it up, waiting for a trip.  do you think that may be a problem file?

    Thanks.



    #23 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 September 2014 - 01:51 PM

    No, its fine , I just was not familiar with it

     

    Hows everything running now ?



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #24 ronlewjr

    ronlewjr

      Authentic Member

    • Authentic Member
    • PipPip
    • 42 posts

    Posted 23 September 2014 - 02:15 PM

    Still slow starting up and starting up to google chrome...yahoo.com...lagging another 30 seconds to show anything.

    Eons quicker than before using the malwarebytes though.

    All looks okay from your end though?

     

    should i just do the same process in my other computer to try to get it working?   or can i go through you again on that one?

     

    Thank you very much for your time and efforts.

     

    ron



    #25 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 September 2014 - 03:19 PM

    Lets run another program or two and see if it finds anything that may be hidden

     

    As far as your other computer, I would start a new topic here for it but wait until we are done with this one

     

     

     

    Please download Malwarebytes Anti-Rootkit from Here
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

      Advertisements

    Register to Remove


    #26 ronlewjr

    ronlewjr

      Authentic Member

    • Authentic Member
    • PipPip
    • 42 posts

    Posted 23 September 2014 - 03:25 PM

    Hi, this popped up...Registry value "AppInit_dlls" has been found, which may be caused by rootkit activity.  Note:  Press no button if youre not sure.  if the toold crashes or terminate unexpectily during a system scan, restart the tool and press yes should this message appear again.  do you want to remove this value and restart the tool?

     

    please let me know if i should choose yes or no.  thanks.



    #27 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 September 2014 - 03:54 PM

    Select NO

     

     

    Open up FRST and copy and paste this in

     

    AppInit_DLLs

     

    Then click on Search Registry and copy and paste the report back here for me to see



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #28 ronlewjr

    ronlewjr

      Authentic Member

    • Authentic Member
    • PipPip
    • 42 posts

    Posted 23 September 2014 - 04:03 PM

    Farbar Recovery Scan Tool (x64) Version: 23-09-2014
    Ran by g at 2014-09-23 15:00:32
    Running from C:\Users\g\Desktop
    Boot Mode: Normal
     
    ================== Search Registry: "AppInit_DLLs" ===========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
    "APPINIT_DLLS"="SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"="1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
    "APPINIT_DLLS"="SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="c:\windows\syswow64\nvinit.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"="1"
     
    ====== End Of Search ======


    #29 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 23 September 2014 - 04:08 PM

    That entry is legit has to do with your NVIDIA D3D shim drivers

     
    --RogueKiller--
     
    •  
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    •  For Vista or Windows 7,  right-click and select "Run as  Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+
     


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #30 ronlewjr

    ronlewjr

      Authentic Member

    • Authentic Member
    • PipPip
    • 42 posts

    Posted 23 September 2014 - 04:36 PM

    RogueKiller V9.2.12.0 [Sep 23 2014] by Adlice Software
     
    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : g [Admin rights]
    Mode : Scan -- Date : 09/23/2014  15:19:50
     
    ¤¤¤ Bad processes : 0 ¤¤¤
     
    ¤¤¤ Registry Entries : 8 ¤¤¤
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> FOUND
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> FOUND
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
     
    ¤¤¤ Scheduled tasks : 0 ¤¤¤
     
    ¤¤¤ Files : 0 ¤¤¤
     
    ¤¤¤ HOSTS File : 0 ¤¤¤
     
    ¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0xc000036b]) ¤¤¤
     
    ¤¤¤ Web browsers : 0 ¤¤¤
     
    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0:  +++++
    --- User ---
    [MBR] f693edb2e20ab6f9e5ec157b95f5b29f
    [BSP] 22a5862d27ae295be9e1198da8504324 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
    User = LL1 ... OK
    User = LL2 ... OK

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users