Here is my Malwarebytes log. Is this the right log? I quarantined some items but the log says no threats were detected.
Malwarebytes Anti-Malware
www.malwarebytes.orgScan Date: 9/15/2014
Scan Time: 9:39:53 PM
Logfile: malware.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.16.02
Rootkit Database: v2014.09.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: tayweb
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 312820
Time Elapsed: 30 min, 45 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
And my
Adw Cleaner Log# AdwCleaner v3.310 - Report created 15/09/2014 at 22:44:17
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : tayweb - TDIDDY
# Running from : C:\Users\tayweb\AppData\Local\Microsoft\Windows\INetCache\IE\PKJBUP9H\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\SaveItCoupons
Folder Deleted : C:\Program Files (x86)\AnyProtectEx
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Users\tayweb\AppData\Local\globalUpdate
Folder Deleted : C:\Users\tayweb\AppData\Local\Temp\apn
Folder Deleted : C:\Users\tayweb\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Users\tayweb\AppData\Local\AnyProtectScannerSetup.exe
File Deleted : C:\Users\tayweb\AppData\Roaming\aps.uninstall.scan.results
***** [ Scheduled Tasks ] *****
Task Deleted : APSnotifierPP1
Task Deleted : APSnotifierPP2
Task Deleted : APSnotifierPP3
Task Deleted : Optimizer Pro Schedule
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [AnyProtect Scanner]
Key Deleted : HKLM\SOFTWARE\Classes\eaasyytoesshoopp.eaasyytoesshoopp
Key Deleted : HKLM\SOFTWARE\Classes\eaasyytoesshoopp.eaasyytoesshoopp.1.8
Key Deleted : HKLM\SOFTWARE\Classes\GreatsaviNg.GreatsaviNg
Key Deleted : HKLM\SOFTWARE\Classes\GreatsaviNg.GreatsaviNg.8.3
Key Deleted : HKLM\SOFTWARE\Classes\unicoupons.unicoupons
Key Deleted : HKLM\SOFTWARE\Classes\unicoupons.unicoupons.2.0
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A27600F-EF5E-FBB6-037A-49B8C9887AF1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{918D19D2-3556-40A8-1067-BC8A0554087D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6791CC9-80D1-18AF-D1B4-C01B687BF6BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A27600F-EF5E-FBB6-037A-49B8C9887AF1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{918D19D2-3556-40A8-1067-BC8A0554087D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6791CC9-80D1-18AF-D1B4-C01B687BF6BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A27600F-EF5E-FBB6-037A-49B8C9887AF1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{918D19D2-3556-40A8-1067-BC8A0554087D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F6791CC9-80D1-18AF-D1B4-C01B687BF6BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2A27600F-EF5E-FBB6-037A-49B8C9887AF1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{918D19D2-3556-40A8-1067-BC8A0554087D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6791CC9-80D1-18AF-D1B4-C01B687BF6BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2A27600F-EF5E-FBB6-037A-49B8C9887AF1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{918D19D2-3556-40A8-1067-BC8A0554087D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F6791CC9-80D1-18AF-D1B4-C01B687BF6BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17278
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]
-\\ Google Chrome v
[ File : C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : kbohmgpeabkdiinjpgnadfceebineoig
Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
*************************
AdwCleaner[R0].txt - [6405 octets] - [15/09/2014 22:28:07]
AdwCleaner[S0].txt - [5821 octets] - [15/09/2014 22:44:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5881 octets] ##########
Then my
FRST Log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by tayweb (administrator) on TDIDDY on 15-09-2014 22:51:10
Running from C:\Users\tayweb\AppData\Local\Microsoft\Windows\INetCache\IE\8QKJPCQ7
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\S-1-5-21-444850313-4093084663-149680862-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-444850313-4093084663-149680862-1001\...\Run: [GoogleChromeAutoLaunch_4B534D2853F8AE4650317E2DD1CF4E30] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://toshiba13.msn.com/?pc=TNJBHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://toshiba13.msn.com/?pc=TNJBHKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://toshiba13.msn.com/?pc=TNJBHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://toshiba13.msn.com/?pc=TNJBHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://toshiba13.msn.com/?pc=TNJBSearchScopes: HKLM - {46CF69E2-52E7-49A1-876C-EB39B13879C9} URL =
http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - {46CF69E2-52E7-49A1-876C-EB39B13879C9} URL =
http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKCU - {46CF69E2-52E7-49A1-876C-EB39B13879C9} URL =
SearchScopes: HKCU - {BE6FDA0B-3592-4971-9879-5DACE7F1C60B} URL =
http://www.search.ask.com/web?tpid=ORJ- ... &pf=V7&p2=^BBD^OSJ000^YY^US&gct=&itbv=12.15.5.30&apn_uid=1FC733E6-67EE-43B7-B6AA-E4B67E2270DE&apn_ptnrs=BBD&apn_dtid=^OSJ000^YY^US&apn_dbr=new_chrome.exe_0_36.0.1985.125&doi=2014-09-07&trgb=IE&q={searchTerms}&psv=&pt=tb
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-09-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-25]
Chrome:
=======
CHR HomePage: Default ->
hxxp://www.google.com/CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-07]
CHR Extension: (Google Drive) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-30]
CHR Extension: (YouTube) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-07]
CHR Extension: (Google Search) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-07]
CHR Extension: (Browser_AppS 1.1) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhapcklhkanndjbdnhichfmolhiaekg [2014-09-05]
CHR Extension: (Google Wallet) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-07]
CHR Extension: (Gmail) - C:\Users\tayweb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-07]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-30] () [File not signed]
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [276376 2014-07-31] (Symantec Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-25] (Symantec Corporation) [File not signed]
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140122.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140122.003\ENG64.SYS [126040 2013-12-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140122.003\EX64.SYS [2099288 2013-12-25] (Symantec Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2013-08-23] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1505000.013\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1505000.013\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-09-21] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 22:50 - 2014-09-15 22:51 - 00000000 ____D () C:\FRST
2014-09-15 22:29 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-15 22:26 - 2014-09-15 22:44 - 00000000 ____D () C:\AdwCleaner
2014-09-15 21:38 - 2014-09-15 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:38 - 2014-09-15 21:38 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-15 21:37 - 2014-09-15 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 21:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-15 21:37 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-15 21:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 21:36 - 2014-09-15 21:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\tayweb\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 18:04 - 2014-09-15 18:04 - 04057608 _____ () C:\Users\tayweb\Downloads\tweaking.com_registry_backup_setup.exe
2014-09-15 18:04 - 2014-09-15 18:04 - 00002262 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-15 18:04 - 2014-09-15 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-15 18:04 - 2014-09-15 18:04 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-15 13:58 - 2014-08-15 19:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-15 13:58 - 2014-08-15 19:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-15 13:58 - 2014-08-15 19:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-15 13:58 - 2014-08-15 19:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-15 13:58 - 2014-08-15 19:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-15 13:58 - 2014-08-15 19:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-15 13:58 - 2014-08-15 19:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-15 13:58 - 2014-08-15 19:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-15 13:58 - 2014-08-15 19:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-15 13:58 - 2014-08-15 19:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-15 13:58 - 2014-08-15 18:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-15 13:57 - 2014-08-15 20:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-15 13:57 - 2014-08-15 20:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-15 13:57 - 2014-08-15 20:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-15 13:57 - 2014-08-15 20:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-15 13:57 - 2014-08-15 19:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-15 13:57 - 2014-08-15 19:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-15 13:57 - 2014-08-15 19:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-15 13:57 - 2014-08-15 19:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-15 13:57 - 2014-08-15 19:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-15 13:57 - 2014-08-15 19:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-15 13:57 - 2014-08-15 19:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-15 13:57 - 2014-08-15 18:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-15 13:57 - 2014-08-15 18:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-15 13:57 - 2014-08-15 18:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-15 13:57 - 2014-08-15 18:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-15 13:57 - 2014-08-15 18:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-15 13:57 - 2014-08-15 18:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-15 13:57 - 2014-08-15 18:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-15 13:57 - 2014-08-15 18:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-15 13:57 - 2014-08-15 18:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-15 13:57 - 2014-08-15 18:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-15 13:57 - 2014-08-15 18:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-15 13:57 - 2014-08-15 18:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-15 13:57 - 2014-08-15 18:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 12:03 - 2014-08-01 18:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-13 12:02 - 2014-07-23 21:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-13 12:02 - 2014-07-23 21:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-13 11:48 - 2014-09-13 11:49 - 00848304 _____ () C:\Windows\Minidump\091314-24562-01.dmp
2014-09-09 08:48 - 2014-09-09 08:49 - 00686368 _____ () C:\Windows\Minidump\090914-27750-01.dmp
2014-09-08 22:14 - 2014-09-08 22:14 - 00024147 _____ () C:\Users\tayweb\Desktop\dds.txt
2014-09-08 22:14 - 2014-09-08 22:14 - 00004404 _____ () C:\Users\tayweb\Desktop\attach.txt
2014-09-08 22:13 - 2014-09-08 22:13 - 00688992 ____R (Swearware) C:\Users\tayweb\Downloads\dds (1).scr
2014-09-08 22:08 - 2014-09-08 22:08 - 00688992 _____ (Swearware) C:\Users\tayweb\Downloads\dds.scr
2014-09-07 16:32 - 2014-09-07 16:32 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup (3).exe
2014-09-07 16:27 - 2014-09-08 20:31 - 00001927 _____ () C:\Users\tayweb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\new_chrome - Shortcut.lnk
2014-09-07 16:26 - 2014-09-08 20:31 - 00001863 _____ () C:\Users\tayweb\Desktop\Google Chrome.lnk
2014-09-06 21:41 - 2014-09-06 21:41 - 00004624 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-06 21:41 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-06 21:41 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-06 21:41 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-06 21:41 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-06 21:40 - 2014-09-06 21:40 - 00918440 _____ (Oracle Corporation) C:\Users\tayweb\Downloads\chromeinstall-7u67.exe
2014-09-06 21:39 - 2014-09-06 21:39 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup (2).exe
2014-09-06 21:33 - 2014-09-06 21:33 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup (1).exe
2014-09-06 21:32 - 2014-09-06 21:32 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup.exe
2014-09-06 18:43 - 2014-09-06 18:43 - 00000000 ____D () C:\ProgramData\nfdmmccpjkgfcociijhohgekgllebcpp
2014-09-05 17:52 - 2014-09-05 17:52 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-09-02 15:36 - 2014-08-22 18:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-02 15:36 - 2014-08-06 20:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-02 15:36 - 2014-08-01 21:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-25 22:03 - 2014-08-25 22:03 - 03192320 _____ () C:\Users\tayweb\Downloads\Chapter R.ppt
2014-08-20 21:59 - 2014-08-06 16:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-20 21:59 - 2014-08-01 23:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-20 21:59 - 2014-08-01 21:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-17 16:51 - 2014-06-19 19:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-17 16:51 - 2014-06-19 17:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-17 16:51 - 2014-06-12 19:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-17 16:51 - 2014-06-12 19:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 16:51 - 2014-06-12 18:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-17 16:51 - 2014-06-06 05:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-17 16:50 - 2014-06-09 16:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 16:50 - 2014-06-09 16:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 16:50 - 2014-05-31 00:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-17 16:46 - 2014-07-15 12:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-17 16:46 - 2014-07-15 02:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-17 16:46 - 2014-07-15 02:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-17 16:46 - 2014-07-15 02:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-17 16:46 - 2014-07-09 22:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-17 16:46 - 2014-07-09 22:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-17 16:46 - 2014-07-09 21:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-17 16:46 - 2014-05-13 01:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-17 16:46 - 2014-05-12 23:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-17 16:46 - 2014-05-12 22:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-17 16:46 - 2014-05-12 22:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-17 16:46 - 2014-05-12 21:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-17 16:46 - 2014-05-12 21:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-17 16:46 - 2014-05-03 05:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-17 16:46 - 2014-05-03 03:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-17 16:46 - 2014-05-02 23:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-17 16:46 - 2014-05-02 23:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-17 16:46 - 2014-05-02 23:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-17 16:46 - 2014-05-02 23:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-17 16:46 - 2014-05-02 22:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-17 16:46 - 2014-05-02 22:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-17 16:46 - 2014-05-02 22:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-17 16:46 - 2014-05-02 17:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-17 16:46 - 2014-04-30 23:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-17 16:46 - 2014-04-30 00:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-17 16:46 - 2014-04-30 00:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-17 16:46 - 2014-04-30 00:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-17 16:46 - 2014-04-30 00:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-17 16:46 - 2014-04-29 23:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-17 16:46 - 2014-04-29 22:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-17 16:46 - 2014-04-29 22:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-17 16:46 - 2014-04-29 22:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-17 16:46 - 2014-04-29 22:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-17 16:46 - 2014-04-29 22:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-17 16:46 - 2014-04-29 22:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-17 16:46 - 2014-04-29 21:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-17 16:46 - 2014-04-29 21:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-17 16:46 - 2014-04-29 21:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-17 16:46 - 2014-04-29 21:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-17 16:46 - 2014-04-29 21:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-17 16:46 - 2014-04-29 21:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-17 16:46 - 2014-04-28 16:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-17 16:46 - 2014-04-26 16:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-08-17 16:46 - 2014-04-26 14:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-08-17 16:46 - 2014-04-26 10:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-17 16:46 - 2014-04-14 03:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-17 16:46 - 2014-04-14 02:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-17 16:46 - 2014-04-13 23:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-17 16:46 - 2014-04-09 00:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-17 16:46 - 2014-04-08 23:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-17 16:45 - 2014-07-11 22:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-17 16:45 - 2014-06-05 08:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-08-17 16:45 - 2014-06-05 07:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-08-17 16:45 - 2014-06-04 03:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 16:45 - 2014-06-03 23:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 16:45 - 2014-06-03 23:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-17 16:45 - 2014-06-03 22:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-17 16:45 - 2014-06-03 22:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-17 16:45 - 2014-06-03 20:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-17 16:45 - 2014-06-03 20:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-17 16:45 - 2014-06-01 20:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-17 16:45 - 2014-05-31 04:07 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-08-17 16:45 - 2014-05-31 04:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-17 16:45 - 2014-05-31 04:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-17 16:45 - 2014-05-31 04:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-17 16:45 - 2014-05-31 04:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-17 16:45 - 2014-05-31 00:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-17 16:45 - 2014-05-31 00:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-17 16:45 - 2014-05-31 00:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-17 16:45 - 2014-05-30 22:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-17 16:45 - 2014-05-30 22:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-17 16:45 - 2014-05-30 22:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-17 16:45 - 2014-05-27 09:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-17 16:45 - 2014-05-27 03:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-17 16:45 - 2014-05-27 03:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-17 16:45 - 2014-05-16 22:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-08-17 16:45 - 2014-05-16 22:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 22:51 - 2014-09-15 22:50 - 00000000 ____D () C:\FRST
2014-09-15 22:49 - 2014-01-14 12:02 - 00000000 ____D () C:\Users\tayweb\AppData\Roaming\ClassicShell
2014-09-15 22:49 - 2013-09-21 19:18 - 01949634 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 22:48 - 2014-01-07 20:13 - 00000000 ___RD () C:\Users\tayweb\Google Drive
2014-09-15 22:47 - 2013-12-25 10:57 - 00000000 ___DO () C:\Users\tayweb\SkyDrive
2014-09-15 22:47 - 2013-09-21 19:52 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 22:47 - 2013-08-22 08:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 22:46 - 2013-09-12 21:14 - 00042928 _____ () C:\Windows\PFRO.log
2014-09-15 22:46 - 2013-08-22 07:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-15 22:44 - 2014-09-15 22:26 - 00000000 ____D () C:\AdwCleaner
2014-09-15 22:42 - 2013-12-25 10:34 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{43896C46-6ED1-4AAC-9E8E-3030293305A3}
2014-09-15 22:34 - 2013-12-25 09:36 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-444850313-4093084663-149680862-1001
2014-09-15 22:03 - 2013-09-21 19:52 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 22:00 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-15 21:38 - 2014-09-15 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:38 - 2014-09-15 21:38 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-15 21:38 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 21:38 - 2013-08-22 09:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 21:36 - 2014-09-15 21:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\tayweb\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 21:33 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-15 21:15 - 2014-01-11 11:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 21:12 - 2014-01-11 11:50 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-15 21:12 - 2013-12-25 09:30 - 00000000 ____D () C:\Users\tayweb
2014-09-15 21:11 - 2014-07-31 18:25 - 00000000 ____D () C:\ProgramData\fadb5000b04225e
2014-09-15 21:05 - 2013-09-12 21:51 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-15 20:59 - 2014-04-24 17:42 - 00000000 ____D () C:\Users\tayweb\AppData\Local\CrashDumps
2014-09-15 18:04 - 2014-09-15 18:04 - 04057608 _____ () C:\Users\tayweb\Downloads\tweaking.com_registry_backup_setup.exe
2014-09-15 18:04 - 2014-09-15 18:04 - 00002262 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-15 18:04 - 2014-09-15 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-15 18:04 - 2014-09-15 18:04 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-15 17:58 - 2014-04-12 13:25 - 02234368 ___SH () C:\Users\tayweb\Downloads\Thumbs.db
2014-09-15 16:32 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-15 13:53 - 2013-09-12 21:25 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 00:13 - 2013-09-21 19:18 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-09-15 00:13 - 2013-08-22 08:46 - 00023742 _____ () C:\Windows\setupact.log
2014-09-13 11:49 - 2014-09-13 11:48 - 00848304 _____ () C:\Windows\Minidump\091314-24562-01.dmp
2014-09-13 11:48 - 2014-04-10 11:03 - 00000000 ____D () C:\Windows\Minidump
2014-09-13 11:48 - 2014-04-10 11:02 - 542394446 _____ () C:\Windows\MEMORY.DMP
2014-09-09 08:49 - 2014-09-09 08:48 - 00686368 _____ () C:\Windows\Minidump\090914-27750-01.dmp
2014-09-09 08:48 - 2013-08-22 09:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-08 22:14 - 2014-09-08 22:14 - 00024147 _____ () C:\Users\tayweb\Desktop\dds.txt
2014-09-08 22:14 - 2014-09-08 22:14 - 00004404 _____ () C:\Users\tayweb\Desktop\attach.txt
2014-09-08 22:13 - 2014-09-08 22:13 - 00688992 ____R (Swearware) C:\Users\tayweb\Downloads\dds (1).scr
2014-09-08 22:08 - 2014-09-08 22:08 - 00688992 _____ (Swearware) C:\Users\tayweb\Downloads\dds.scr
2014-09-08 20:31 - 2014-09-07 16:27 - 00001927 _____ () C:\Users\tayweb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\new_chrome - Shortcut.lnk
2014-09-08 20:31 - 2014-09-07 16:26 - 00001863 _____ () C:\Users\tayweb\Desktop\Google Chrome.lnk
2014-09-08 13:02 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\rescache
2014-09-07 16:32 - 2014-09-07 16:32 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup (3).exe
2014-09-06 21:42 - 2014-01-22 21:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-06 21:41 - 2014-09-06 21:41 - 00004624 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-06 21:41 - 2014-01-22 21:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-06 21:40 - 2014-09-06 21:40 - 00918440 _____ (Oracle Corporation) C:\Users\tayweb\Downloads\chromeinstall-7u67.exe
2014-09-06 21:39 - 2014-09-06 21:39 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup (2).exe
2014-09-06 21:33 - 2014-09-06 21:33 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup (1).exe
2014-09-06 21:32 - 2014-09-06 21:32 - 00895120 _____ (Google Inc.) C:\Users\tayweb\Downloads\ChromeSetup.exe
2014-09-06 18:43 - 2014-09-06 18:43 - 00000000 ____D () C:\ProgramData\nfdmmccpjkgfcociijhohgekgllebcpp
2014-09-05 18:14 - 2014-03-23 22:50 - 00113152 ___SH () C:\Users\tayweb\Documents\Thumbs.db
2014-09-05 17:52 - 2014-09-05 17:52 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-09-05 17:48 - 2013-12-28 19:45 - 00124416 ___SH () C:\Users\tayweb\Desktop\Thumbs.db
2014-09-05 17:47 - 2013-09-21 19:49 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-09-05 17:47 - 2013-09-21 19:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-09-05 17:47 - 2013-09-21 19:48 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-09-05 17:44 - 2013-08-22 08:44 - 00373288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-05 17:40 - 2013-08-22 09:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-05 17:40 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-05 17:40 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-05 17:40 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-05 17:40 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\Camera
2014-09-02 16:36 - 2014-07-17 16:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-02 14:06 - 2013-08-22 09:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 14:06 - 2013-08-22 09:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-25 22:03 - 2014-08-25 22:03 - 03192320 _____ () C:\Users\tayweb\Downloads\Chapter R.ppt
2014-08-22 18:42 - 2014-09-02 15:36 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-17 16:44 - 2013-12-25 22:59 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-08-17 15:45 - 2014-06-11 22:00 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
Some content of TEMP:
====================
C:\Users\tayweb\AppData\Local\Temp\APNSetup.exe
C:\Users\tayweb\AppData\Local\Temp\Compete_setup.exe
C:\Users\tayweb\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\tayweb\AppData\Local\Temp\optprosetup.exe
C:\Users\tayweb\AppData\Local\Temp\ose00000.exe
C:\Users\tayweb\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-03 18:24
==================== End Of Log ============================
And lastly, my
Addition Log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by tayweb at 2014-09-15 22:53:50
Running from C:\Users\tayweb\AppData\Local\Microsoft\Windows\INetCache\IE\8QKJPCQ7
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B280788C-B671-E08D-4219-CE907B7BFF75}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
AMD Start Now (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.5.0.19 - Symantec Corporation)
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.1.0.14 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
06-08-2014 16:18:38 Installed iTunes
02-09-2014 22:34:07 Windows Update
07-09-2014 03:40:39 Installed Java 7 Update 67
15-09-2014 19:48:49 Windows Update
16-09-2014 00:00:32 Start Fix
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0AAD7C23-1B80-40FD-90D8-ABA60B40A7A3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-15] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D887059-9683-41FB-8949-25858DFFBD4E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1C06A7E5-7850-4FD3-A26E-410DDD2AE970} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {25117C2D-B5FA-4DDA-BF5C-17D9B32EF8D4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: {2A589662-5217-4C5F-BCB9-F85EB5160F86} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E648E60-0A4C-4A52-9779-F49D1B3C187D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {620AECB8-BF1D-445B-81B0-6D5ACD0DD82D} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7AD563D8-17EC-4122-AC41-7680EA8F3924} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E8BF76A-45F5-4A80-A341-49FB368255FA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-21] (Realtek Semiconductor)
Task: {94BAA4E2-E6D8-41F3-B234-6DC7BDB1CC34} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {9563FCBC-EF91-4669-8052-69BFBC9CFA74} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {9BD77BD6-B760-415C-BDED-7F25674F700A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-23] (Synaptics Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A540EEAF-903E-40EB-B08C-7FE907B23158} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {A85A4382-C212-4470-80F9-A81220AE080E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {AC9C2BE4-BDC6-46C6-8A16-D5828EB0B948} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D255E493-1FBD-46DD-8547-8897AC0796CE} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1CFE016-B532-48C6-83A0-F14A6B2A2E3D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {FC6AE7E8-ADCE-453D-A269-C2355C305236} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-08-30 20:47 - 2013-08-30 20:47 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-09-10 13:54 - 2013-09-10 13:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-15 22:47 - 2014-09-15 22:47 - 00098816 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32api.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00110080 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\pywintypes27.dll
2014-09-15 22:47 - 2014-09-15 22:47 - 00364544 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\pythoncom27.dll
2014-09-15 22:47 - 2014-09-15 22:47 - 00045568 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\_socket.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 01160704 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\_ssl.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00320512 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32com.shell.shell.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00713216 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\_hashlib.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 01175040 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._core_.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00805888 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._gdi_.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00811008 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._windows_.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 01062400 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._controls_.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00735232 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._misc_.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00128512 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\_elementtree.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00127488 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\pyexpat.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00557056 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\pysqlite2._sqlite.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00007168 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\hashobjs_ext.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00087552 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\_ctypes.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00119808 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32file.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00108544 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32security.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00018432 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32event.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00038912 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32inet.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00070656 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._html2.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00167936 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32gui.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00011264 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32crypt.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00027136 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\_multiprocessing.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00122368 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._wizard.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00010240 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\select.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00024064 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32pipe.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00686080 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\unicodedata.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00025600 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32pdh.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00525640 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\windows._lib_cacheinvalidation.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00035840 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32process.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00017408 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32profile.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00022528 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\win32ts.pyd
2014-09-15 22:47 - 2014-09-15 22:47 - 00078336 _____ () C:\Users\tayweb\AppData\Local\Temp\_MEI27042\wx._animate.pyd
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\tayweb\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/15/2014 10:48:09 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (09/15/2014 10:24:43 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (09/15/2014 09:21:00 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (09/15/2014 08:59:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Toolbar.exe, version: 21.9.0.1064, time stamp: 0x53f23547
Faulting module name: so.dll_unloaded, version: 21.9.0.1064, time stamp: 0x53f2353d
Exception code: 0xc0000005
Fault offset: 0x00004200
Faulting process id: 0x107c
Faulting application start time: 0xToolbar.exe0
Faulting application path: Toolbar.exe1
Faulting module path: Toolbar.exe2
Report Id: Toolbar.exe3
Faulting package full name: Toolbar.exe4
Faulting package-relative application ID: Toolbar.exe5
Error: (09/15/2014 08:59:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Toolbar.exe, version: 21.9.0.1064, time stamp: 0x53f23547
Faulting module name: so.dll_unloaded, version: 21.9.0.1064, time stamp: 0x53f2353d
Exception code: 0xc0000005
Fault offset: 0x00004200
Faulting process id: 0x13e0
Faulting application start time: 0xToolbar.exe0
Faulting application path: Toolbar.exe1
Faulting module path: Toolbar.exe2
Report Id: Toolbar.exe3
Faulting package full name: Toolbar.exe4
Faulting package-relative application ID: Toolbar.exe5
Error: (09/15/2014 06:05:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Toolbar.exe, version: 21.9.0.1064, time stamp: 0x53f23547
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53086d7c
Exception code: 0xc0000005
Fault offset: 0x00016d61
Faulting process id: 0x107c
Faulting application start time: 0xToolbar.exe0
Faulting application path: Toolbar.exe1
Faulting module path: Toolbar.exe2
Report Id: Toolbar.exe3
Faulting package full name: Toolbar.exe4
Faulting package-relative application ID: Toolbar.exe5
Error: (09/15/2014 06:05:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Toolbar.exe, version: 21.9.0.1064, time stamp: 0x53f23547
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53086d7c
Exception code: 0xc0000005
Fault offset: 0x00016d61
Faulting process id: 0x13e0
Faulting application start time: 0xToolbar.exe0
Faulting application path: Toolbar.exe1
Faulting module path: Toolbar.exe2
Report Id: Toolbar.exe3
Faulting package full name: Toolbar.exe4
Faulting package-relative application ID: Toolbar.exe5
Error: (09/15/2014 04:30:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17239, time stamp: 0x53d22946
Faulting module name: atidxx32.dll, version: 8.17.10.519, time stamp: 0x52212a54
Exception code: 0xc0000005
Fault offset: 0x00072e57
Faulting process id: 0xca0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (09/15/2014 02:07:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1ca4
Start Time: 01cfd11ff6bf4ee4
Termination Time: 4294967295
Application Path: C:\Windows\syswow64\wwahost.exe
Report Id: ea633303-3d13-11e4-827f-008cfa733796
Faulting package full name: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (09/15/2014 01:53:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20573 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: da0
Start Time: 01cfcf7b19149335
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: e75f1e72-3d11-11e4-827f-008cfa733796
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
System errors:
=============
Error: (09/15/2014 09:18:07 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
Error: (09/15/2014 09:15:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8.1 for x64-based Systems (KB2976978).
Error: (09/15/2014 09:15:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8.1 for x64-based Systems (KB2975719).
Error: (09/15/2014 02:13:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
Error: (09/13/2014 11:49:30 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe001206ae880, 0xfffff80270a2f930, 0xffffe0011fc02010)C:\Windows\MEMORY.DMP091314-24562-01
Error: (09/13/2014 11:48:23 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
Error: (09/13/2014 11:48:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:31:42 PM on 9/10/2014 was unexpected.
Error: (09/13/2014 11:48:21 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 16) (User: NT AUTHORITY)
Description: 32212254731132128
Error: (09/09/2014 08:49:06 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe0005688b060, 0xfffff802737df930, 0xffffe0005750a600)C:\Windows\MEMORY.DMP090914-27750-01
Error: (09/09/2014 08:47:53 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: AMD A4-5000 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 25%
Total physical RAM: 5582.26 MB
Available physical RAM: 4137.08 MB
Total Pagefile: 11214.26 MB
Available Pagefile: 9453.51 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
==================== Drives ================================
Drive c: (TI10673700F) (Fixed) (Total:456.45 GB) (Free:390.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================