Here are the logs you requested. Still running very well!
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-01-2015
CHR HKU\S-1-5-21-1271087293-465154865-2948633367-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {644CD833-9DCE-42EC-9DCA-A4DBAEBFE5E7} - \boosterpop No Task File <==== ATTENTION
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-1271087293-465154865-2948633367-1002\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{644CD833-9DCE-42EC-9DCA-A4DBAEBFE5E7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{644CD833-9DCE-42EC-9DCA-A4DBAEBFE5E7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\boosterpop" => Key deleted successfully.
Successfully flushed the DNS Resolver Cache.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.2 GB temporary data.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by jimmy (administrator) on OURPC on 05-01-2015 19:38:26
Running from C:\Users\jimmy\Desktop
Loaded Profile: jimmy (Available profiles: jimmy & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Torch)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\jimmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe
(SMART Technologies ULC.) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\ResponseSoftwareService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.7_neutral__343d40qqvtj1t\AmazonForWindowsWebview.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62360 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2219416 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Board Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe [10132336 2012-03-09] (SMART Technologies ULC)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [98200 2012-10-25] (SMART Technologies)
HKLM-x32\...\Run: [Response Desktop Menu] => C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe [1990040 2012-10-17] (SMART Technologies ULC)
HKLM-x32\...\Run: [SMARTClassroomCoordinator.exe] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe [485232 2011-06-22] (SMART Technologies ULC.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-04] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\Run: [Spotify Web Helper] => C:\Users\jimmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\Run: [DelayShred] => c:\Program Files\McAfee\MQS\ShrCL.exe [101272 2014-09-30] (McAfee, Inc.)
HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\MountPoints2: {70a1e263-92fe-11e4-bf94-eca86baeef58} - "D:\setup.exe" -a
Startup: C:\Users\jimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1271087293-465154865-2948633367-1002\Software\Microsoft\Internet Explorer\Main,DisableRequiresActiveXPrompt = web.roblox.com
HKU\S-1-5-21-1271087293-465154865-2948633367-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1271087293-465154865-2948633367-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://acer13.msn.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files (x86)\SMART Technologies\Education Software\SyncIEToolbar.dll (SMART Technologies ULC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKU\S-1-5-21-1271087293-465154865-2948633367-1002 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\jimmy\AppData\Roaming\Mozilla\Firefox\Profiles\l8b5k1dm.default
FF SearchEngineOrder.1: Secure Search
FF DefaultSearchEngine: Secure Search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1271087293-465154865-2948633367-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jimmy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-07]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (EnterDigital) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdilgmfebioicioimhbfoaclhgnbahl [2014-11-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-06]
CHR Extension: (Google Wallet) - C:\Users\jimmy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-04] (AVAST Software)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-29] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-12-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 Response Hardware; C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe [19352 2012-10-17] (SMART Technologies ULC)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [582552 2012-10-24] (SMART Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-04] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-16] (Advanced Micro Devices)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 cricut; C:\Windows\system32\DRIVERS\cricut_x64.sys [72248 2014-12-30] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-09-11] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [16280 2012-10-24] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [15256 2012-10-24] (SMART Technologies)
R3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [24984 2012-10-24] (SMART Technologies ULC)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-04 16:57 - 2015-01-04 16:57 - 03579246 _____ () C:\Users\jimmy\Downloads\2970275_7725991.mp4
2015-01-04 15:11 - 2015-01-04 15:11 - 00001835 _____ () C:\Users\jimmy\Desktop\malwarebytes2.txt
2015-01-04 15:11 - 2015-01-04 15:11 - 00000419 _____ () C:\Users\jimmy\Downloads\Fixlist.txt
2015-01-04 13:38 - 2015-01-04 13:38 - 00002636 _____ () C:\Users\jimmy\Documents\test movie.wlmp
2015-01-03 12:35 - 2015-01-03 12:35 - 00001423 _____ () C:\Users\jimmy\Desktop\malwarebytes1.txt
2015-01-03 12:35 - 2015-01-03 12:35 - 00001422 _____ () C:\Users\jimmy\Desktop\malwarebytes.txt
2015-01-03 10:53 - 2015-01-03 10:54 - 67183278 _____ () C:\Users\jimmy\Downloads\ITB v23.zip
2015-01-03 09:02 - 2015-01-05 19:18 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-03 09:00 - 2015-01-03 09:00 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-03 09:00 - 2015-01-03 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-03 08:59 - 2015-01-03 09:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-03 08:59 - 2015-01-03 08:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-03 08:59 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-03 08:59 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-03 08:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-03 08:58 - 2015-01-03 08:58 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\jimmy\Downloads\mbam-setup-2.0.4.1028 (4).exe
2015-01-03 08:45 - 2015-01-03 08:45 - 00321848 _____ (Malwarebytes Corporation) C:\Users\jimmy\Downloads\mbam-clean-2.1.1.1001 (1).exe
2015-01-03 08:35 - 2015-01-03 08:35 - 00321848 _____ (Malwarebytes Corporation) C:\Users\jimmy\Downloads\mbam-clean-2.1.1.1001.exe
2015-01-02 23:21 - 2015-01-02 23:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\jimmy\Downloads\mbam-setup-2.0.4.1028 (3).exe
2015-01-02 21:45 - 2015-01-02 21:45 - 00018917 _____ () C:\Users\jimmy\Documents\My Movie.wlmp
2015-01-02 21:45 - 2015-01-02 21:45 - 00000000 ____D () C:\Users\jimmy\Tracing
2015-01-02 19:56 - 2015-01-02 19:56 - 00000000 ____D () C:\WINDOWS\en
2015-01-02 19:55 - 2015-01-02 19:55 - 00001481 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-01-02 19:55 - 2015-01-02 19:55 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-01-02 19:55 - 2015-01-02 19:55 - 00001328 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-01-02 19:55 - 2015-01-02 19:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-01-02 19:55 - 2015-01-02 19:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-02 19:54 - 2015-01-02 19:54 - 00002509 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-01-02 19:53 - 2015-01-02 19:55 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-02 19:53 - 2015-01-02 19:53 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-01-02 19:53 - 2015-01-02 19:53 - 00000000 ____D () C:\Program Files\Windows Live
2015-01-02 19:51 - 2015-01-02 19:51 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-01-02 19:49 - 2015-01-02 20:03 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Windows Live
2015-01-02 19:47 - 2015-01-02 19:47 - 01239752 _____ (Microsoft Corporation) C:\Users\jimmy\Downloads\wlsetup-web.exe
2015-01-02 08:19 - 2015-01-02 08:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\jimmy\Downloads\mbam-setup-2.0.4.1028 (2).exe
2015-01-02 08:12 - 2015-01-02 08:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\jimmy\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-01-01 12:38 - 2015-01-01 12:39 - 00004252 _____ () C:\Users\jimmy\Documents\The_Lord_Never_Closes_His_Eyes.mscz
2015-01-01 09:57 - 2015-01-01 09:58 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\jimmy\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-01 09:55 - 2015-01-01 09:55 - 00001742 _____ () C:\Users\jimmy\Desktop\JRT.txt
2015-01-01 09:28 - 2015-01-01 09:28 - 01707939 _____ (Thisisu) C:\Users\jimmy\Downloads\JRT (2).exe
2015-01-01 09:26 - 2015-01-01 09:26 - 01707939 _____ (Thisisu) C:\Users\jimmy\Downloads\JRT (1).exe
2015-01-01 09:23 - 2015-01-01 09:23 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-01-01 09:16 - 2015-01-01 09:16 - 00007161 _____ () C:\Users\jimmy\Desktop\AdwCleaner[S1].txt
2015-01-01 09:01 - 2015-01-01 09:01 - 02173952 _____ () C:\Users\jimmy\Downloads\AdwCleaner.exe
2014-12-31 16:26 - 2015-01-04 15:23 - 00035843 _____ () C:\Users\jimmy\Desktop\Addition.txt
2014-12-31 14:22 - 2014-12-31 14:22 - 05198336 _____ (AVAST Software) C:\Users\jimmy\Downloads\aswMBR (3).exe
2014-12-31 14:01 - 2014-12-31 14:01 - 05198336 _____ (AVAST Software) C:\Users\jimmy\Downloads\aswMBR (2).exe
2014-12-30 12:30 - 2014-12-30 12:30 - 00000000 ____D () C:\Program Files\Provocraft
2014-12-30 12:30 - 2014-12-30 12:25 - 00072248 _____ () C:\WINDOWS\system32\Drivers\cricut_x64.sys
2014-12-30 12:28 - 2014-12-30 12:28 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\com.cricut.Cricut-CraftRoom
2014-12-30 12:27 - 2014-12-30 12:27 - 00000992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cricut-Craft Room.lnk
2014-12-30 12:27 - 2014-12-30 12:27 - 00000980 _____ () C:\Users\Public\Desktop\Cricut-Craft Room.lnk
2014-12-30 12:27 - 2014-12-30 12:27 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-12-30 12:27 - 2014-12-30 12:27 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-12-30 12:27 - 2014-12-30 12:27 - 00000000 ____D () C:\Program Files (x86)\Cricut-Craft Room
2014-12-30 12:24 - 2014-12-30 12:24 - 13202592 _____ () C:\Users\jimmy\Downloads\cricut-craftroom.exe
2014-12-30 12:24 - 2014-12-30 12:24 - 13202592 _____ () C:\Users\jimmy\Downloads\cricut-craftroom (1).exe
2014-12-21 14:04 - 2014-12-21 14:04 - 169599096 _____ () C:\Users\jimmy\Downloads\SUNP0105 (2).AVI
2014-12-21 14:01 - 2014-12-21 14:01 - 169599096 _____ () C:\Users\jimmy\Downloads\SUNP0105 (1).AVI
2014-12-21 14:00 - 2014-12-21 14:00 - 169599096 _____ () C:\Users\jimmy\Downloads\SUNP0105.AVI
2014-12-20 23:37 - 2014-12-20 23:37 - 00014925 ____H () C:\Users\jimmy\Documents\~WRL1169.tmp
2014-12-18 22:00 - 2014-12-18 22:01 - 248306803 _____ () C:\Users\jimmy\Downloads\KSP_demo_win.zip
2014-12-18 05:53 - 2014-09-11 14:33 - 00076064 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\McPvDrv.sys
2014-12-18 05:52 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-12-17 20:45 - 2015-01-04 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-15 18:49 - 2014-10-30 17:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-15 18:49 - 2014-10-30 17:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-14 13:43 - 2014-12-18 22:02 - 00000000 ____D () C:\Users\jimmy\Desktop\mods
2014-12-13 09:55 - 2014-12-13 09:55 - 01660981 _____ () C:\Users\jimmy\Downloads\Channel Art Template (Photoshop)
2014-12-12 21:33 - 2014-11-26 16:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-12 21:33 - 2014-11-26 16:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 21:28 - 2014-12-12 21:28 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-09 18:52 - 2014-11-09 21:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-09 18:52 - 2014-11-09 20:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-09 18:52 - 2014-10-30 18:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-09 18:51 - 2014-10-30 18:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-09 18:31 - 2014-12-03 18:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-09 18:31 - 2014-12-03 18:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-09 18:31 - 2014-12-02 18:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-09 18:31 - 2014-12-02 18:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-09 18:31 - 2014-12-02 18:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-09 18:31 - 2014-12-02 18:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-09 18:31 - 2014-12-02 18:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-09 18:31 - 2014-11-06 23:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-09 18:31 - 2014-11-06 22:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-09 18:31 - 2014-10-31 18:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-09 18:31 - 2014-10-31 18:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-09 18:31 - 2014-10-12 21:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-09 18:31 - 2014-10-12 21:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-09 18:31 - 2014-10-12 21:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-09 18:30 - 2014-10-12 21:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-09 18:03 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-09 18:03 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-09 18:03 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-09 18:03 - 2014-11-21 21:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-09 18:03 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-09 18:03 - 2014-11-21 21:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-09 18:03 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-09 18:03 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-09 18:03 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-09 18:03 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-09 18:03 - 2014-11-21 21:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-09 18:03 - 2014-11-21 21:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-09 18:03 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-09 18:03 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-09 18:03 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-09 18:03 - 2014-11-21 20:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-09 18:03 - 2014-11-21 20:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-09 18:03 - 2014-11-21 20:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-09 18:03 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-09 18:03 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-09 18:03 - 2014-11-21 20:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-09 18:03 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-09 18:03 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-09 18:03 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-09 18:03 - 2014-11-21 20:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-09 18:03 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-09 18:03 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-09 18:03 - 2014-11-21 20:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-09 18:03 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-09 18:03 - 2014-11-21 20:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-09 18:03 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-09 18:03 - 2014-11-21 20:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-09 18:03 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-09 18:03 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-09 18:03 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-09 18:03 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-09 18:03 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-09 18:03 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-09 18:03 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-08 05:33 - 2014-12-08 05:33 - 14289721 _____ () C:\Users\jimmy\Documents\the nutcracker.notebook
2014-12-08 05:10 - 2014-12-08 05:11 - 07407866 _____ () C:\Users\jimmy\Downloads\Mariisnky - The Nutcracker - Tea (Chinese Dance) - Ovation.flv
2014-12-08 05:00 - 2014-12-08 05:01 - 07548025 _____ () C:\Users\jimmy\Downloads\The Nutcracker - Dance of the Reed Pipes (1).flv
2014-12-08 04:54 - 2014-12-08 04:55 - 07548025 _____ () C:\Users\jimmy\Downloads\The Nutcracker - Dance of the Reed Pipes.flv
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-05 19:40 - 2014-11-25 21:22 - 00023975 _____ () C:\Users\jimmy\Desktop\FRST.txt
2015-01-05 19:38 - 2014-10-24 20:58 - 00000000 ____D () C:\FRST
2015-01-05 19:12 - 2014-05-07 13:45 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2.job
2015-01-05 19:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-05 18:45 - 2013-03-16 08:30 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-05 17:14 - 2014-10-20 17:16 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9791AE5-E39C-4E49-8217-4386C0483A75}
2015-01-05 16:45 - 2014-10-19 21:05 - 01544356 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-05 12:12 - 2013-12-15 20:16 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 11:41 - 2014-10-21 20:40 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Deployment
2015-01-04 21:56 - 2013-02-22 17:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1271087293-465154865-2948633367-1002
2015-01-04 20:04 - 2013-11-21 20:01 - 00000000 ____D () C:\Users\jimmy\Desktop\YouTube
2015-01-04 16:57 - 2014-10-24 20:13 - 00392192 ___SH () C:\Users\jimmy\Downloads\Thumbs.db
2015-01-04 15:42 - 2013-12-07 15:51 - 00000000 __RSD () C:\Users\jimmy\Documents\McAfee Vaults
2015-01-04 15:40 - 2013-12-30 12:55 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-04 15:39 - 2014-10-24 21:28 - 00234496 ___SH () C:\Users\jimmy\Desktop\Thumbs.db
2015-01-04 15:37 - 2014-11-21 22:00 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-04 15:37 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-04 15:36 - 2014-09-24 02:03 - 00145814 _____ () C:\WINDOWS\PFRO.log
2015-01-04 15:36 - 2013-08-22 10:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-01-04 15:36 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-04 15:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-01-04 15:13 - 2014-10-28 17:13 - 00000000 ____D () C:\Users\jimmy\Desktop\FRST-OlderVersion
2015-01-04 15:13 - 2014-10-24 20:58 - 02123776 _____ (Farbar) C:\Users\jimmy\Desktop\FRST64.exe
2015-01-03 11:28 - 2013-08-22 09:45 - 00000000 ____D () C:\WINDOWS\Setup
2015-01-03 10:31 - 2014-09-24 02:15 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-03 08:37 - 2014-10-19 21:14 - 00000000 ____D () C:\Users\jimmy
2015-01-03 04:43 - 2013-01-28 17:05 - 00000000 ____D () C:\Users\jimmy\Documents\Christians Work
2015-01-02 23:14 - 2013-08-22 09:46 - 00332428 _____ () C:\WINDOWS\setupact.log
2015-01-02 23:11 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-02 21:47 - 2013-03-24 12:33 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Audacity
2015-01-02 19:53 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-02 19:52 - 2013-11-23 07:49 - 00031301 _____ () C:\WINDOWS\DirectX.log
2015-01-02 09:31 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Vss
2015-01-02 06:20 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-01 13:35 - 2014-08-26 20:27 - 00000000 ____D () C:\Users\jimmy\Documents\Wondershare Video Editor
2015-01-01 09:14 - 2013-02-25 21:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-01 09:11 - 2014-10-26 16:12 - 00000000 ____D () C:\AdwCleaner
2014-12-31 20:39 - 2014-10-24 20:13 - 00152576 ___SH () C:\Users\jimmy\Documents\Thumbs.db
2014-12-31 19:59 - 2014-06-27 16:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-12-31 16:15 - 2014-11-25 21:21 - 00003479 _____ () C:\Users\jimmy\Desktop\aswMBR.txt
2014-12-31 16:15 - 2014-10-24 20:57 - 00000512 _____ () C:\Users\jimmy\Desktop\MBR.dat
2014-12-31 13:59 - 2013-03-11 00:06 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Spotify
2014-12-31 13:59 - 2013-03-11 00:06 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Spotify
2014-12-30 12:28 - 2013-03-27 13:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-30 12:27 - 2013-03-27 13:10 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-30 12:26 - 2013-02-21 21:21 - 00000000 ____D () C:\Users\jimmy\AppData\Roaming\Adobe
2014-12-30 12:25 - 2013-03-27 13:17 - 00000000 ____D () C:\Users\jimmy\AppData\Local\Adobe
2014-12-26 07:15 - 2013-02-25 21:31 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-26 07:15 - 2013-02-25 21:31 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-26 07:14 - 2013-03-01 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-26 07:13 - 2014-07-15 11:57 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-18 06:04 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 05:51 - 2013-12-07 15:39 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-12-18 05:50 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-12-18 05:48 - 2013-12-07 15:39 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-13 22:02 - 2014-09-08 05:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-13 22:02 - 2014-09-08 05:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-13 14:02 - 2013-08-07 12:57 - 00000000 ____D () C:\Users\jimmy\Desktop\StaffWars22XP
2014-12-13 14:01 - 2013-11-21 20:01 - 00000000 ____D () C:\Users\jimmy\Desktop\pb
2014-12-13 08:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-13 08:11 - 2014-09-08 05:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-12 21:57 - 2013-03-27 13:10 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 21:28 - 2014-09-24 04:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 21:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 21:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 21:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 21:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-12 11:30 - 2013-12-15 20:17 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-09 20:10 - 2013-02-21 21:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 19:59 - 2013-08-24 19:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-09 19:42 - 2013-02-22 23:11 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 17:45 - 2013-03-16 08:30 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 19:40
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by jimmy at 2015-01-05 19:42:29
Running from C:\Users\jimmy\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ableton Live 9 Trial (HKLM-x32\...\{A29BB48D-59ED-411C-AB20-3FA488D08161}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{19CB64EB-ACFE-681D-B571-A8A3398F1943}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cricut Driver v2.01 (HKLM-x32\...\Cricut Driver v2.01) (Version: 2.01 - Provo Craft & Novelty, Inc.)
Cricut Craft Room® (HKLM-x32\...\com.cricut.Cricut-CraftRoom) (Version: v1.0 build-187 - Provo Craft & Novelty, Inc.)
Cricut Craft Room® (x32 Version: 1.0.187 - Provo Craft & Novelty, Inc.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4220.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\SOE-DC Universe Online Live) (Version: - Sony Online Entertainment)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free YouTube Downloader 3.5.181 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Game Channels (x32 Version: 7.1.0.17 - WildTangent, Inc.) Hidden
Gateway Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Gateway Incorporated)
Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Gateway Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3001 - Gateway Incorporated)
Hunting Unlimited 2010 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hunting Unlimited 2011 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Gateway Incorporated)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Gateway Incorporated)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 13.6.1492 - McAfee, Inc.)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft Packages (HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\Minecraft Packages) (Version: - ) <==== ATTENTION
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
PCBooster (HKLM-x32\...\{AF0EAAE6-B2E2-48E7-8A74-0A0F909CE382}) (Version: 1.0.0 - Portable Booster) <==== ATTENTION
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Sculptris Alpha 6 (HKLM-x32\...\InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic)
Sculptris Alpha 6 (x32 Version: 0.6 - Pixologic) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SMART Common Files (HKLM-x32\...\{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}) (Version: 11.1.34.1 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}) (Version: 1.1.233.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}) (Version: 11.0.705.1 - SMART Technologies ULC)
SMART Product Drivers (HKLM-x32\...\{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}) (Version: 11.0.510.2 - SMART Technologies ULC)
SMART Response Software (HKLM-x32\...\{02885557-ACA5-4B6F-85D2-3F1A9B8580F5}) (Version: 4.0.450.1 - SMART Technologies ULC)
SMART Sync Teacher (HKLM-x32\...\{9D81615E-B150-488B-90CA-1159E2113BE3}) (Version: 10.0.576.0 - SMART Technologies ULC)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-1271087293-465154865-2948633367-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wondershare Video Editor(Build 4.5.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1271087293-465154865-2948633367-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\jimmy\AppData\Local\Roblox\Versions\version-c2a7e6748ad54a86\RobloxProxy64.dll No File
==================== Restore Points =========================
18-12-2014 06:02:20 Windows Update
25-12-2014 13:26:05 Scheduled Checkpoint
01-01-2015 18:14:13 Scheduled Checkpoint
02-01-2015 19:49:04 Windows Live Essentials
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2015-01-04 15:24 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {066D7012-D626-4B3A-88A4-2EFF2BE832ED} - System32\Tasks\{1B5A351E-6456-4DCD-9137-9C2476C8113D} => pcalua.exe -a "C:\Users\jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2C8RVGXX\cda-to-mp3-converter.exe" -d C:\Users\jimmy\Desktop
Task: {360A0CDF-FE35-4A24-8D14-560A1196F977} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {408DBE6A-D817-4107-8EAD-08D1427CBDDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {55FB2DED-03A4-4D80-9060-C7F5BB981BEE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {685EEE2E-11AB-4A3D-815B-E212B4E01118} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-09] (Microsoft Corporation)
Task: {691C5007-EADB-411E-A1C3-D155647E5129} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {69A79124-8170-4D64-B9F3-3F8F85126E0A} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {6C486CAD-5C9D-410A-80E5-5BA22409EA21} - System32\Tasks\{AB7133B4-07D0-495A-A9A6-C71305016BB2} => pcalua.exe -a C:\Users\jimmy\Downloads\kremove.exe -d C:\Users\jimmy\Downloads
Task: {83D19DC0-FBCD-4324-B710-A40A48E9C9F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-04] (AVAST Software)
Task: {8BBB856F-24E0-41A8-8297-EEB1825C9FC1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Gateway\Gateway Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {8EA43C2D-1C36-4648-8A81-D6A27EB6A0F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {90FA3452-9D0D-4E28-AB4F-438CDD128B8D} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [2012-07-05] (Acer Incorporated)
Task: {A0772BF0-15D3-43E1-833D-676DD0FA37AD} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {AA4C659F-5A11-4E0A-A27A-0A7D56D5491E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BE2827F4-3520-468C-A8D8-7AEAA7BA5985} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C75750FE-9491-4958-B769-0FE29B4F5BED} - System32\Tasks\{89CD0DFD-7378-404D-BAED-78521FB39DF9} => pcalua.exe -a "C:\Users\Public\Sony Online Entertainment\Installed Games\DC Universe Online\Uninstaller.exe"
Task: {D61D7859-723F-44DC-AC2C-7413E2995BD0} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2012-08-24] ()
Task: {D8FF2921-9A51-42DB-BA52-C2C4DDAA65E4} - System32\Tasks\{590EA461-2B48-470E-A64E-A8F7E95B5972} => pcalua.exe -a C:\Users\jimmy\AppData\Roaming\IMVUClient\Uninstall.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6a24736f14b2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-06-27 16:50 - 2012-03-27 22:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2010-04-13 20:11 - 2010-04-13 20:11 - 00083256 _____ () C:\Program Files (x86)\McAfee Online Backup\librs2.dll
2014-10-21 18:48 - 2014-10-21 18:48 - 00072192 _____ () C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.7_neutral__343d40qqvtj1t\AmazonForWindowsWebview.exe
2014-08-04 17:03 - 2014-08-04 17:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-04 13:02 - 2015-01-04 13:02 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010401\algo.dll
2015-01-05 13:13 - 2015-01-05 13:13 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010501\algo.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 00022440 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_system.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_3b5a2197c9e04a1f\boost_system-vc100-mt-1_44.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 00054184 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_thread.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_472b4edec4bf8550\boost_thread-vc100-mt-1_44.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 00053680 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_signals.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_8ce60f5e6bc42419\boost_signals-vc100-mt-1_44.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 02296736 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_none_421d23a1fa0a055d\QtCore4.dll
2014-10-19 21:30 - 2014-10-19 21:30 - 02364840 _____ () C:\WINDOWS\WinSxS\x86_smarttech.xqilla.vc100.1.1_9ca15c999435ee05_1.0.1.0_none_1bed397492abdaf4\xqilla-vc100-1_0.dll
2014-10-19 21:30 - 2014-10-19 21:30 - 00066976 _____ () C:\WINDOWS\WinSxS\x86_smarttech.zlib.vc100.1.2_9ca15c999435ee05_1.0.1.0_none_a9eddec61c291613\zlib1-vc100-mt-1.2.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 02310056 _____ () C:\WINDOWS\WinSxS\x86_smarttech.redland.vc100.1.0_9ca15c999435ee05_1.0.1.0_none_abdcef110f80cf28\redland-vc100-1_0_9.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 00145328 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_filesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_73736a4543634e09\boost_filesystem-vc100-mt-1_44.dll
2014-10-19 21:31 - 2014-10-19 21:31 - 00051120 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_date_time.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_50d6b3902c95d15a\boost_date_time-vc100-mt-1_44.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 07546272 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.5_9ca15c999435ee05_1.0.1.0_none_4232c379f9f9cd7b\QtGui4.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 02027424 _____ () C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.5_9ca15c999435ee05_1.0.1.0_none_4232c379f9f9cd7b\QtCore4.dll
2014-10-19 21:32 - 2014-10-19 21:32 - 00524712 _____ () C:\WINDOWS\WinSxS\x86_smarttech.boost_regex.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_cae4ebd2526cf46f\boost_regex-vc100-mt-1_44.dll
2012-10-24 13:11 - 2012-10-24 13:11 - 01435544 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\activation2.dll
2014-10-19 21:30 - 2014-10-19 21:30 - 02996648 _____ () C:\WINDOWS\WinSxS\x86_smarttech.xqilla.vc100.2.1_9ca15c999435ee05_1.0.1.0_none_1bed22ac92abf495\xqilla21.dll
2011-06-22 07:19 - 2011-06-22 07:19 - 00070656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\libLogger-vc100-2_0.dll
2014-08-04 17:03 - 2014-08-04 17:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-26 20:30 - 2014-07-09 11:01 - 01459712 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-08-26 20:30 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2012-10-17 07:40 - 2012-10-17 07:40 - 00454656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2012-10-17 07:40 - 2012-10-17 07:40 - 00030208 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2014-10-19 21:32 - 2014-10-19 21:32 - 01030048 _____ () C:\WINDOWS\WinSxS\x86_smarttech.js.vc70.1.8_37a8c5fef6a21868_1.0.2.1_none_e909cd048128eadf\js32.dll
2012-10-24 13:11 - 2012-10-24 13:11 - 00466840 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\ziparchive-vc100-3_1_1a.dll
2014-10-26 17:22 - 2014-10-26 17:22 - 00334848 _____ () C:\Users\jimmy\AppData\Local\Packages\Amazon.com.Amazon_343d40qqvtj1t\AC\Microsoft\CLR_v4.0_32\NativeImages\AmazonForWi3a7c204a#\9fd3d15d3d76ee96d7a68bfd4e6e2875\AmazonForWindowsWebview.ni.exe
2014-10-23 14:47 - 2014-10-23 14:47 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\90a4331ab5b5bb3ead23d75d4349a491\Windows.UI.Xaml.ni.dll
2014-10-23 14:47 - 2014-10-23 14:47 - 01130496 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\6e37f358bf8363dad51e2333292d61a9\Windows.ApplicationModel.ni.dll
2014-10-26 17:22 - 2014-10-26 17:22 - 00378368 _____ () C:\Users\jimmy\AppData\Local\Packages\Amazon.com.Amazon_343d40qqvtj1t\AC\Microsoft\CLR_v4.0_32\NativeImages\Helper\8400bacf703fbe932482c715b8a4a2f5\Helper.ni.dll
2014-10-23 14:47 - 2014-10-23 14:47 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2014-10-23 14:47 - 2014-10-23 14:47 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\6c2169e34bfb3814fa44f267572335f6\Windows.UI.ni.dll
2014-10-23 14:47 - 2014-10-23 14:47 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2014-10-23 14:47 - 2014-10-23 14:47 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f0a2c10499402eff632a7a7df0b4afef\Windows.Storage.ni.dll
2014-12-22 17:27 - 2014-12-22 17:27 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\fe565d34d4335337c06264bb0d85e3b0\Windows.Data.ni.dll
2014-10-23 14:47 - 2014-10-23 14:47 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\7819e306c2c55c42f35a5fa10b93710f\Windows.System.ni.dll
2014-12-22 17:28 - 2014-12-22 17:28 - 00869888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Web\e80741874129b38ff4bc85abedf8e4a2\Windows.Web.ni.dll
2014-12-12 11:28 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 11:28 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 11:28 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 11:28 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1271087293-465154865-2948633367-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1271087293-465154865-2948633367-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1271087293-465154865-2948633367-1004 - Limited - Enabled)
jimmy (S-1-5-21-1271087293-465154865-2948633367-1002 - Administrator - Enabled) => C:\Users\jimmy
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/05/2015 06:43:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/04/2015 03:43:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ae1e3a2e-9b69-4e4f-9f42-81c4ca1bd9ff}
Error: (01/04/2015 00:59:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)
Description: Activation of app FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/04/2015 00:59:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: twinui.dll, version: 6.3.9600.17324, time stamp: 0x53f822bf
Exception code: 0xc0000005
Fault offset: 0x00000000001f39fa
Faulting process id: 0x864
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
Error: (01/04/2015 00:59:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ourpc)
Description: App FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager did not launch within its allotted time.
Error: (01/04/2015 04:23:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/04/2015 04:02:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/03/2015 11:34:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {9f8c4aac-4bcf-4dcb-89e2-f501b01c5759}
Error: (01/03/2015 08:48:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5684527d-2080-46af-8a32-4dcf16f234f2}
Error: (01/03/2015 08:41:19 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8ab83c52-9309-4559-924a-741b92f0a6ed}
System errors:
=============
Error: (01/05/2015 06:42:24 AM) (Source: DCOM) (EventID: 10010) (User: ourpc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/05/2015 06:41:52 AM) (Source: DCOM) (EventID: 10010) (User: ourpc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/04/2015 03:36:16 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.
Error: (01/04/2015 03:35:49 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/04/2015 03:35:49 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/04/2015 03:35:48 PM) (Source: DCOM) (EventID: 10010) (User: ourpc)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/04/2015 03:25:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056
Error: (01/04/2015 03:24:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Online Backup service terminated unexpectedly. It has done this 1 time(s).
Error: (01/04/2015 03:24:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/04/2015 03:24:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Microsoft Office Sessions:
=========================
Error: (01/05/2015 06:43:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Cricut-Craft Room\Drivers\Cricut Expression Drivers ia64.exe
Error: (01/04/2015 03:43:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {ae1e3a2e-9b69-4e4f-9f42-81c4ca1bd9ff}
Error: (01/04/2015 00:59:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ourpc)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2144927142
Error: (01/04/2015 00:59:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1728453f816dctwinui.dll6.3.9600.1732453f822bfc000000500000000001f39fa86401d027726f7aab64C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\twinui.dll70a1e65d-943b-11e4-bf97-eca86baeef58
Error: (01/04/2015 00:59:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ourpc)
Description: FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager
Error: (01/04/2015 04:23:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Cricut-Craft Room\Drivers\Cricut Expression Drivers ia64.exe
Error: (01/04/2015 04:02:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Cricut-Craft Room\Drivers\Cricut Expression Drivers ia64.exe
Error: (01/03/2015 11:34:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {9f8c4aac-4bcf-4dcb-89e2-f501b01c5759}
Error: (01/03/2015 08:48:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5684527d-2080-46af-8a32-4dcf16f234f2}
Error: (01/03/2015 08:41:19 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8ab83c52-9309-4559-924a-741b92f0a6ed}
==================== Memory info ===========================
Processor: AMD E1-1200 APU with Radeon HD Graphics
Percentage of memory in use: 53%
Total physical RAM: 3810.07 MB
Available physical RAM: 1768.81 MB
Total Pagefile: 5026.07 MB
Available Pagefile: 1717.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:446.51 GB) (Free:312.28 GB) NTFS
Drive d: () (Removable) (Total:0.98 GB) (Free:0.34 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 70D4E092)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 1000 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================