Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help!


  • This topic is locked This topic is locked
21 replies to this topic

#1 caleb.m.hartmann

caleb.m.hartmann

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 23 September 2014 - 05:19 PM

I'm having issues ever since I let my brother use my computer for a search he was doing.  I'm getting random pop up windows with the blocker on, random windows opening, windows appearing over buttons, etc. 



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 24 September 2014 - 08:16 AM

Hi there,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 24 September 2014 - 03:28 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
Ran by Caleb's Computer at 2014-09-24 15:23:34
Running from C:\Users\Caleb's Computer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Apprevels version  1.4.0.13 (HKLM-x32\...\{04DF7063-9BDE-40A2-AD65-C86766A0B34B}_is1) (Version: 1.4.0.13 - Leawo Software)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33870 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Game of Thrones - Genesis (HKLM-x32\...\Steam App 58550) (Version:  - Cyanide)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - )
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.06 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.12 - ASUSTeK)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version:  - Rebellion)
American Conquest (HKLM-x32\...\American Conquest) (Version:  - )
American Conquest with Fight Back (HKLM-x32\...\American Conquest with Fight Back_is1) (Version:  - GOG.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.2.562 - ASUSTEK)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.790 - AVG Technologies)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{6E016C56-820F-4B2D-A36F-34CCADF90C16}) (Version: 1.0.0.06 - Belkin)
Belkin USB Wireless Adaptor (x32 Version: 1.0.0.06 - Belkin) Hidden
Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Codec 8.3a (HKLM-x32\...\Codec_is1) (Version:  - )
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version:  - Relic)
Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version:  - Relic)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Ritual)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Defiance (HKLM-x32\...\Steam App 224600) (Version:  - )
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Demigod (HKLM-x32\...\Steam App 202710) (Version:  - Gas Powered Games)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 1.0 - Dll-Files.com)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version:  - )
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra)
Empire Earth II: The Art of Supremacy (HKLM-x32\...\{F596C356-BF35-4ED7-981C-CC791461A8F0}) (Version: 1.0 - Sierra)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Fallen Enchantress (HKLM-x32\...\Steam App 216390) (Version:  - Stardock Entertainment)
Free Sound Recorder v9.2.7 (HKLM-x32\...\Free Sound Recorder_is1) (Version:  - Copyright© 2005-2011 FreeSoundRecorder Technologies, Inc.)
Galactic Civilizations I: Ultimate Edition (HKLM-x32\...\Steam App 214150) (Version:  - Stardock Entertainment)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version:  - Stardock Entertainment)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game of Thrones  (HKLM-x32\...\Steam App 208730) (Version:  - Cyanide)
GameFly Download Manager (HKCU\...\7998bdbe8c95db7f) (Version: 1.0.0.98 - GameFly)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Graph 4.3 (HKLM-x32\...\Graph_is1) (Version:  - Ivan Johansen)
Handy Updater (HKLM-x32\...\HandyUpdater) (Version:  - )
Homefront (HKLM-x32\...\Steam App 55100) (Version:  - THQ)
hosts (HKLM-x32\...\hosts) (Version: 1.27.153.7 - Alex) <==== ATTENTION
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Idle-#-Crawler (HKLM-x32\...\Idle-#-Crawler) (Version: 87.0.0.434 - Internet Resources Analyzing Foundation) <==== ATTENTION
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Iron Brigade (HKLM-x32\...\Steam App 115120) (Version:  - )
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 6.5.0.15977 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.3.7631 - Juniper Networks)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
King Arthur - Fallen Champions (HKLM-x32\...\Steam App 24460) (Version:  - )
King Arthur: Collection (HKLM-x32\...\Steam App 24470) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Legends of Pegasus (HKLM-x32\...\Steam App 205590) (Version:  - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.00.0000 - SEGA)
Meridian: New World (HKLM-x32\...\Steam App 265120) (Version:  - Elder Games)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Might & Magic ® Heroes ® VI (HKLM-x32\...\Steam App 48220) (Version:  - )
Mozilla Firefox 21.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 21.0 (x86 en-US)) (Version: 21.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MX vs ATV Reflex (HKLM-x32\...\Steam App 55140) (Version:  - Rainbow\Double Helix)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Myth II: Soulblighter version 1.7.1 (HKLM-x32\...\{52B9E460-AE08-4DA0-9952-2A1542519B69}_is1) (Version: 1.7.1 - Bungie Software)
Myth III: The Wolf Age version 1.3.1 (HKLM-x32\...\{139D63A3-A9DC-48CC-97DA-2963038975DC}_is1) (Version: 1.3.1 - MumboJumbo)
Myth: The Fallen Lords version 1.5 (HKLM-x32\...\{3B537865-547A-4245-AFE1-53353C744D80}_is1) (Version: 1.5 - Eidos Interactive)
NVIDIA Control Panel 267.08 (Version: 267.08 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 267.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.08 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2142 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Patrician IV: Rise of a Dynasty (HKLM-x32\...\Steam App 57730) (Version:  - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Red Faction (HKLM-x32\...\Steam App 20530) (Version:  - )
Red Faction II (HKLM-x32\...\Steam App 20550) (Version:  - )
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version:  - Volition)
Red Faction: Guerrilla  (HKLM-x32\...\Steam App 20500) (Version:  - Volition)
Remember Me (HKLM-x32\...\Steam App 228300) (Version:  - DONTNOD Entertainment)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version:  - SkyBox Labs)
Risen (HKLM-x32\...\Steam App 40300) (Version:  - Piranha Bytes)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version:  - Volition)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.2.3 - Client Connect LTD) <==== ATTENTION
Secure Download Manager (HKLM-x32\...\{FF6A778A-02DA-4B2D-82F7-733A467984EC}) (Version: 3.0.2 - e-academy Inc.)
Sendori (HKLM-x32\...\Sendori) (Version: 2.0.18 - Sendori, Inc.) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shadows: Heretic Kingdoms (HKLM-x32\...\Steam App 256030) (Version:  - Games Farm)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sid Meier’s Ace Patrol: Pacific Skies (HKLM-x32\...\Steam App 244090) (Version:  - Firaxis)
Sid Meier's Ace Patrol (HKLM-x32\...\Steam App 244070) (Version:  - Firaxis Games)
Sid Meiers Civilization 4 - Colonization (HKLM-x32\...\Sid Meiers Civilization 4 - Colonization) (Version: 1.0 - 2K Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoundCloud Downloader (HKLM-x32\...\SoundCloud Downloader) (Version:  - )
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II (HKLM-x32\...\Star Wars Battlefront II) (Version: 1.0 - LucasArts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strike Suit Infinity (HKLM-x32\...\Steam App 234160) (Version:  - Born Ready Games Ltd.)
Strike Suit Zero (HKLM-x32\...\Steam App 209540) (Version:  - Born Ready Games Ltd.)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - Firefly Studios)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.36 - En Masse Entertainment)
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Political Machine 2012 (HKLM-x32\...\Steam App 211120) (Version:  - Stardock Entertainment)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - IronLore)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - IronLore)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
TornTV (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - TornTV.com) <==== ATTENTION
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: Rome II Additional Depots (HKLM-x32\...\Steam App 243660) (Version:  - )
Train Simulator 2012 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
Tribler (remove only) (HKLM-x32\...\Tribler) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.7 - Tweaking.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Walgreens PictureMover (HKLM-x32\...\{113DE59D-B57A-4075-9D4F-5803DFA69EB7}) (Version: 3.5.0.27 - Hewlett-Packard Company)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Warhammer® 40,000®: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2013-10-25 15:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {205318AC-DE06-4942-B397-CE4150869029} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-11] (Google Inc.)
Task: {2D6ACCE0-5D5D-4B49-8376-705907561FEA} - System32\Tasks\Idle-#-Crawler Runner => %LOCALAPPDATA%\Idle-#-Crawler\Idle-#-Crawler.exe <==== ATTENTION
Task: {35DF96D3-9A0F-4A7D-9D37-C45C673BD872} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {490797DC-FC55-46F7-80DD-42671DC0A934} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {74B3FD5D-6814-49FF-B17E-765BC5DF4F25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {8524931E-6493-4F6A-B2E8-3B6E799FF745} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-23] (ASUSTeK Computer Inc.)
Task: {9875522B-5863-4768-A51C-C38A7DB66834} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001UA => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {B550F471-E34A-4E1A-B552-D232FE2B4394} - \BitGuard No Task File <==== ATTENTION
Task: {B6065375-7F9A-46A1-A275-56D21BB7335F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-11] (Google Inc.)
Task: {CD334A02-0491-4497-8274-42480D9B7999} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {D7C6A364-401D-4820-B083-F06AD2EDB0CF} - System32\Tasks\Microsoft\Windows\Maintenance\Idle-#-Crawler Update => %LOCALAPPDATA%\Idle-#-Crawler\Idle-#-Crawler.exe <==== ATTENTION
Task: {DFA889C0-D13D-4E47-83F8-99BB06593B84} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001Core => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {FDEAE52C-3143-4437-8490-C97F2655A7BF} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001Core.job => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001UA.job => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-29 14:08 - 2013-04-05 21:27 - 02231296 _____ () C:\Windows\system32\ac3filter64.acm
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-04-11 23:25 - 2010-11-03 04:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-04-11 23:25 - 2010-11-19 03:56 - 00915072 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.11\aaHMSvc.exe
2011-04-11 23:25 - 2010-10-21 04:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe
2014-08-14 17:21 - 2014-08-14 17:21 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2009-11-25 19:45 - 2009-11-25 19:45 - 00110592 _____ () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
2014-09-09 13:45 - 2014-09-09 13:45 - 00133216 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Idle-#-Crawler.exe
2013-08-28 19:23 - 2013-08-28 19:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-11 23:25 - 2014-09-19 16:29 - 00020992 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-04-11 23:25 - 2010-06-28 21:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2014-08-14 17:21 - 2014-08-14 17:21 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-09-03 09:49 - 2014-08-21 13:15 - 01171456 _____ () C:\New Folder\libavcodec-56.dll
2014-09-03 09:49 - 2014-08-21 13:15 - 00442368 _____ () C:\New Folder\libavutil-54.dll
2014-09-03 09:49 - 2014-08-21 13:15 - 00332800 _____ () C:\New Folder\libavresample-2.dll
2013-03-12 17:10 - 2014-08-20 17:38 - 00774656 _____ () C:\New Folder\SDL2.dll
2014-06-12 03:23 - 2014-08-28 06:48 - 02224320 _____ () C:\New Folder\video.dll
2014-09-03 09:49 - 2014-08-21 13:15 - 00403968 _____ () C:\New Folder\libavformat-56.dll
2014-09-03 09:49 - 2014-08-21 13:15 - 00485888 _____ () C:\New Folder\libswscale-3.dll
2011-10-05 16:42 - 2014-08-28 06:48 - 00678080 _____ () C:\New Folder\bin\chromehtml.DLL
2014-08-13 19:05 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Caleb's Computer\AppData\Local\temp\avgnt.exe\Avira.OE.ExtApi.dll
2009-09-15 20:17 - 2009-09-15 20:17 - 00200704 _____ () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
2011-10-05 16:42 - 2014-08-20 17:38 - 34589376 _____ () C:\New Folder\bin\libcef.dll
2013-11-06 00:30 - 2014-09-19 16:14 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-09 13:46 - 2014-09-09 13:46 - 00104032 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\ManXec.dll
2014-09-09 13:46 - 2014-09-09 13:46 - 00074848 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\CmdProc.dll
2014-09-09 13:46 - 2014-09-09 13:46 - 00048224 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\PrfIns.dll
2014-09-09 13:47 - 2014-09-09 13:47 - 00056928 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\WbSes.dll
2014-09-09 13:47 - 2014-09-09 13:47 - 00146016 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\WdcMan.dll
2014-09-09 13:47 - 2014-09-09 13:47 - 00121952 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\WblSupp.dll
2014-09-09 13:46 - 2014-09-09 13:46 - 00111200 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\CmnUtls.dll
2013-08-28 19:25 - 2013-08-28 19:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-09-12 11:30 - 2014-09-12 11:30 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
2013-10-29 14:08 - 2013-04-05 21:26 - 02106368 _____ () C:\Program Files (x86)\AC3Filter\ac3filter.ax
2013-10-29 14:08 - 2013-04-05 21:27 - 01021440 _____ () C:\Program Files (x86)\AC3Filter\ac3filter_intl.dll
2014-09-13 17:36 - 2014-07-21 04:38 - 00393728 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\ppGoogleNaClPluginChrome.dll
2014-09-13 17:36 - 2014-07-21 04:38 - 00788480 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2014 06:31:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Faulting module name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Exception code: 0xc0000005
Fault offset: 0x0000795b
Faulting process id: 0x3500
Faulting application start time: 0xipmGui.exe0
Faulting application path: ipmGui.exe1
Faulting module path: ipmGui.exe2
Report Id: ipmGui.exe3

Error: (09/24/2014 04:31:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Faulting module name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Exception code: 0xc0000005
Fault offset: 0x0000795b
Faulting process id: 0x228c
Faulting application start time: 0xipmGui.exe0
Faulting application path: ipmGui.exe1
Faulting module path: ipmGui.exe2
Report Id: ipmGui.exe3

Error: (09/24/2014 02:31:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Faulting module name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Exception code: 0xc0000005
Fault offset: 0x0000795b
Faulting process id: 0x4f84
Faulting application start time: 0xipmGui.exe0
Faulting application path: ipmGui.exe1
Faulting module path: ipmGui.exe2
Report Id: ipmGui.exe3

Error: (09/24/2014 00:40:48 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/22/2014 02:31:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Faulting module name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Exception code: 0xc0000005
Fault offset: 0x00007a4c
Faulting process id: 0x2e90
Faulting application start time: 0xipmGui.exe0
Faulting application path: ipmGui.exe1
Faulting module path: ipmGui.exe2
Report Id: ipmGui.exe3

Error: (09/22/2014 10:31:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Faulting module name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Exception code: 0xc0000005
Fault offset: 0x0000795b
Faulting process id: 0x76c
Faulting application start time: 0xipmGui.exe0
Faulting application path: ipmGui.exe1
Faulting module path: ipmGui.exe2
Report Id: ipmGui.exe3

Error: (09/22/2014 06:31:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Faulting module name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Exception code: 0xc0000005
Fault offset: 0x0000795b
Faulting process id: 0x2da0
Faulting application start time: 0xipmGui.exe0
Faulting application path: ipmGui.exe1
Faulting module path: ipmGui.exe2
Report Id: ipmGui.exe3

Error: (09/22/2014 05:36:21 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/22/2014 04:53:20 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: There is not enough free space on the backup storage location to back up the data. (0x80780048).

Error: (09/22/2014 04:31:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Faulting module name: ipmGui.exe, version: 14.0.6.522, time stamp: 0x53bec647
Exception code: 0xc0000005
Fault offset: 0x0000795b
Faulting process id: 0x35ac
Faulting application start time: 0xipmGui.exe0
Faulting application path: ipmGui.exe1
Faulting module path: ipmGui.exe2
Report Id: ipmGui.exe3


System errors:
=============
Error: (09/24/2014 03:49:34 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/24/2014 02:00:12 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/23/2014 05:17:04 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/20/2014 01:41:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/20/2014 01:40:40 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/19/2014 04:29:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Avira Service Host service to connect.

Error: (09/19/2014 04:29:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Belkin WLAN service service failed to start due to the following error:
%%1053

Error: (09/19/2014 04:29:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Belkin WLAN service service to connect.

Error: (09/19/2014 04:29:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error:
%%2

Error: (09/19/2014 04:09:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Avira Service Host service to connect.


Microsoft Office Sessions:
=========================
Error: (09/24/2014 06:31:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.6.52253bec647ipmGui.exe14.0.6.52253bec647c00000050000795b350001cfd7da53989b38C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\program files (x86)\avira\antivir desktop\ipmGui.exe56b7dbcf-43de-11e4-92ab-14dae958dc76

Error: (09/24/2014 04:31:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.6.52253bec647ipmGui.exe14.0.6.52253bec647c00000050000795b228c01cfd7c98f073890C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\program files (x86)\avira\antivir desktop\ipmGui.exe92caeb7c-43cd-11e4-92ab-14dae958dc76

Error: (09/24/2014 02:31:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.6.52253bec647ipmGui.exe14.0.6.52253bec647c00000050000795b4f8401cfd7b8cac4aec7C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\program files (x86)\avira\antivir desktop\ipmGui.execed6da53-43bc-11e4-92ab-14dae958dc76

Error: (09/24/2014 00:40:48 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/22/2014 02:31:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.6.52253bec647ipmGui.exe14.0.6.52253bec647c000000500007a4c2e9001cfd68afce46c66C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\program files (x86)\avira\antivir desktop\ipmGui.exe012e5aac-428f-11e4-92ab-14dae958dc76

Error: (09/22/2014 10:31:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.6.52253bec647ipmGui.exe14.0.6.52253bec647c00000050000795b76c01cfd66974a448b2C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\program files (x86)\avira\antivir desktop\ipmGui.exe787a8ace-426d-11e4-92ab-14dae958dc76

Error: (09/22/2014 06:31:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.6.52253bec647ipmGui.exe14.0.6.52253bec647c00000050000795b2da001cfd647ece6c7c6C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\program files (x86)\avira\antivir desktop\ipmGui.exef0c65ef9-424b-11e4-92ab-14dae958dc76

Error: (09/22/2014 05:36:21 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/22/2014 04:53:20 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: There is not enough free space on the backup storage location to back up the data. (0x80780048)

Error: (09/22/2014 04:31:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.6.52253bec647ipmGui.exe14.0.6.52253bec647c00000050000795b35ac01cfd637293879a3C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\program files (x86)\avira\antivir desktop\ipmGui.exe2e9255a4-423b-11e4-92ab-14dae958dc76


CodeIntegrity Errors:
===================================
  Date: 2013-10-25 15:31:59.835
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-25 15:31:59.788
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-25 15:31:59.742
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-25 15:31:59.695
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-20 21:01:41.080
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-20 21:01:41.049
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 60%
Total physical RAM: 8173.22 MB
Available physical RAM: 3202.26 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 10480.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:917.33 GB) (Free:57.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=14.2 GB) - (Type=1B)
Partition 2: (Active) - (Size=917.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Caleb's Computer (administrator) on CALEBSCOMPUTER on 24-09-2014 15:22:29
Running from C:\Users\Caleb's Computer\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.11\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Valve Corporation) C:\New Folder\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\New Folder\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Idle-#-Crawler.exe
(BitTorrent Inc.) C:\Users\Caleb's Computer\AppData\Roaming\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-14] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [Steam] => C:\New Folder\Steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3561816 2013-10-18] (Electronic Arts)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [uTorrent] => C:\Users\Caleb's Computer\AppData\Roaming\uTorrent\uTorrent.exe [1418832 2014-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [Google Update] => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-27] (Google Inc.)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [TornTv Downloader] => C:\Users\Caleb's Computer\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Winlogon: [Shell] C:\Users\Caleb's Computer\AppData\Roaming\dlc.xmm,explorer.exe <==== ATTENTION
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [224728 2014-09-02] (Client Connect LTD)
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => c:\Program Files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll [181720 2014-09-02] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Belkin USB Wireless Adaptor Utility.lnk
ShortcutTarget: Belkin USB Wireless Adaptor Utility.lnk -> C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Walgreens PictureMover.lnk
ShortcutTarget: Walgreens PictureMover.lnk -> C:\Program Files (x86)\Walgreens PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)
Startup: C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Caleb's Computer\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M2FB3EEB7-FF89-4D98-BCDD-007ECD39BC0D&SearchSource=55&CUI=&UM=6&UP=SP0BF2FD1C-25E2-411A-8117-A828FAB86B64&SSPV=
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M2FB3EEB7-FF89-4D98-BCDD-007ECD39BC0D&SearchSource=58&CUI=&UM=6&UP=SP0BF2FD1C-25E2-411A-8117-A828FAB86B64&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M2FB3EEB7-FF89-4D98-BCDD-007ECD39BC0D&SearchSource=58&CUI=&UM=6&UP=SP0BF2FD1C-25E2-411A-8117-A828FAB86B64&q={searchTerms}&SSPV=
SearchScopes: HKCU - {88C5CF9F-0C10-4682-8309-DAB20EFD2E97} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={5E94B377-5E4C-4DF4-A2E1-E733F43EEB37}&mid=ad9618a576d447d3b7fdc593afbc3585-cffcb346c7c028b5801cfd61b98cb4f8fe069ece&lang=en&ds=oc011&coid=avgtbdisoc&pr=sa&d=2013-11-08 11:12:49&v=17.1.3.3&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {A8DD4AF3-ACA7-4144-98DE-0C88A87E0760} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.790\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.790\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
DPF: HKLM-x32 {37A273C2-5129-11D5-BF37-00A0CCE8754B} http://www.mathxl.com/BrowserCheck/wiz/wizmodules/testgen/installers/TestGenXInstall.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.navistar.com/dana-cached/sc/JuniperSetupClient.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 02 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 03 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 04 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 15 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9-x64 01 C:\Windows\system32\Sendori64.dll [464160] (Sendori)
Winsock: Catalog9-x64 02 C:\Windows\system32\Sendori64.dll [464160] (Sendori)
Winsock: Catalog9-x64 03 C:\Windows\system32\Sendori64.dll [464160] (Sendori)
Winsock: Catalog9-x64 04 C:\Windows\system32\Sendori64.dll [464160] (Sendori)
Winsock: Catalog9-x64 15 C:\Windows\system32\Sendori64.dll [464160] (Sendori)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M2FB3EEB7-FF89-4D98-BCDD-007ECD39BC0D&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP0BF2FD1C-25E2-411A-8117-A828FAB86B64
FF DefaultSearchEngine: Trovi search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Caleb's Computer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Caleb's Computer\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Caleb's Computer\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Caleb's Computer\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Avira Browser Safety - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: All-in-One Gestures - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013-08-27]
FF Extension: Website Counselor - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} [2014-09-13]
FF Extension: All-in-One Sidebar - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-09-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-06]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.790
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.790 [2014-08-14]
FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-26]

Chrome:
=======
CHR Profile: C:\Users\Caleb's Computer\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.2.101\avg.crx [2014-01-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.11\aaHMSvc.exe [915072 2010-11-19] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe [586880 2010-10-21] ()
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-09-02] (Client Connect LTD)
S3 DAUpdaterSvc; C:\New Folder\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-12-11] (BioWare)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-14] (AVG Secure Search)
S2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-12-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-14] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-08] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-08] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-12-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 15:22 - 2014-09-24 15:23 - 00026311 _____ () C:\Users\Caleb's Computer\Desktop\FRST.txt
2014-09-24 15:21 - 2014-09-24 15:21 - 02106880 _____ (Farbar) C:\Users\Caleb's Computer\Desktop\FRST64.exe
2014-09-24 15:12 - 2014-09-24 15:21 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Sin.City.A.Dame.to.Kill.For.2014.HDRip.STUDIO.AUDIO.XviD.AC3-EVO
2014-09-23 13:58 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 13:58 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 22:53 - 2014-09-22 22:58 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Gotham.S01E01.720p.HDTV.X264-DIMENSION
2014-09-21 21:28 - 2014-09-21 21:29 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Ray.Donovan.S02E11.HDTV.x264-KILLERS
2014-09-21 21:18 - 2014-09-24 11:31 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E03.720p.HDTV.x264-KILLERS
2014-09-21 08:00 - 2014-09-21 08:04 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Outlander.S01E07.HDTV.XviD-AFG
2014-09-19 16:26 - 2014-09-19 16:26 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-19 16:26 - 2014-09-19 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-19 16:14 - 2014-09-19 16:14 - 00000000 ____D () C:\ProgramData\374311380
2014-09-18 08:05 - 2014-09-18 08:06 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Extant.S01E13.720p.HDTV.X264-DIMENSION
2014-09-16 12:08 - 2014-09-16 13:10 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.I.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 12:08 - 2014-09-16 13:07 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.II.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 08:35 - 2014-09-16 08:39 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Transformers.Age.of.Extinction.2014.720p.WEB-DL.x264.AC3-EVO
2014-09-14 22:53 - 2014-09-23 12:03 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E02.720p.HDTV.x264-KILLERS
2014-09-14 10:30 - 2014-09-14 10:36 - 2033417784 _____ () C:\Users\Caleb's Computer\Downloads\UFC.Fight.Night.51.HDTV.x264-Ebi.mp4
2014-09-13 17:41 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\UFC 1-107 DVDRip XviD IPT Exclusive
2014-09-13 17:36 - 2014-09-13 17:36 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\WebExtend
2014-09-13 17:35 - 2014-09-13 17:37 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler
2014-09-13 17:35 - 2014-09-13 17:35 - 00004620 _____ () C:\Windows\System32\Tasks\Idle-#-Crawler Runner
2014-09-13 17:34 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Caleb's Computer\Documents\Optimizer Pro
2014-09-13 17:33 - 2014-09-19 16:14 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-13 17:33 - 2014-09-13 17:33 - 00004060 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-13 17:33 - 2014-09-13 17:33 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\VOPackage
2014-09-13 17:33 - 2014-09-13 17:33 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-13 17:32 - 2014-09-13 17:33 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\SearchProtect
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-13 17:30 - 2014-09-13 17:30 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
2014-09-11 03:10 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:10 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:10 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:10 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:10 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:10 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:10 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:10 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:10 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:10 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:10 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:10 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:10 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:10 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:10 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:10 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:10 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:10 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:10 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:10 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:10 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:10 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:10 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:10 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:10 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:10 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:10 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:10 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:10 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:10 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:10 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:10 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:10 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:10 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:10 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:10 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:10 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:10 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:10 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:10 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:10 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:10 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:10 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:10 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:10 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:10 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:10 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:10 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:10 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:10 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:10 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:10 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:10 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:10 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:10 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:10 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 23:07 - 2014-09-04 21:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 23:07 - 2014-09-04 21:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 23:07 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 23:07 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 23:07 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 23:07 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 23:07 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 23:07 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 23:07 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 23:07 - 2014-06-23 22:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 23:07 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 15:09 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Terminator The Sarah Connor Chronicles Complete BluRay iPad 720p AAC x264-CHDPAD
2014-09-03 10:01 - 2014-09-03 10:06 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 18554346 _____ () C:\Users\Caleb's Computer\Downloads\avidemux_2.6.8_win32_v2.exe
2014-09-03 10:01 - 2014-09-03 10:01 - 00001045 _____ () C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2014-09-03 09:43 - 2014-09-14 16:40 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\vlc
2014-09-03 09:41 - 2014-09-03 09:41 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-03 09:40 - 2014-09-03 09:40 - 24743106 _____ () C:\Users\Caleb's Computer\Downloads\vlc-2.1.5-win32.exe
2014-08-31 12:57 - 2014-08-31 13:03 - 1480594804 _____ () C:\Users\Caleb's Computer\Downloads\UFC.177.Aug.30th.2014.HDTV.x264-Sir.Paul.mp4
2014-08-27 21:22 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:22 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:22 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 15:23 - 2014-09-24 15:22 - 00026311 _____ () C:\Users\Caleb's Computer\Desktop\FRST.txt
2014-09-24 15:23 - 2011-10-12 21:03 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\uTorrent
2014-09-24 15:22 - 2013-10-16 13:10 - 00000000 ____D () C:\FRST
2014-09-24 15:21 - 2014-09-24 15:21 - 02106880 _____ (Farbar) C:\Users\Caleb's Computer\Desktop\FRST64.exe
2014-09-24 15:21 - 2014-09-24 15:12 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Sin.City.A.Dame.to.Kill.For.2014.HDRip.STUDIO.AUDIO.XviD.AC3-EVO
2014-09-24 15:21 - 2013-10-18 09:13 - 00000000 ____D () C:\Users\Caleb's Computer\Desktop\Computer Fix
2014-09-24 15:08 - 2013-06-11 19:06 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-24 14:46 - 2014-04-19 20:30 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001UA.job
2014-09-24 14:30 - 2012-10-24 20:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 11:31 - 2014-09-21 21:18 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E03.720p.HDTV.x264-KILLERS
2014-09-24 10:42 - 2011-10-04 19:35 - 01524604 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 06:31 - 2013-11-04 10:13 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\CrashDumps
2014-09-24 02:46 - 2014-04-19 20:30 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001Core.job
2014-09-23 23:30 - 2014-05-01 04:30 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-23 23:30 - 2012-10-24 20:21 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 23:30 - 2012-10-24 20:20 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 23:30 - 2011-10-05 16:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 21:42 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 21:42 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 21:08 - 2013-06-11 19:06 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-23 12:03 - 2014-09-14 22:53 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E02.720p.HDTV.x264-KILLERS
2014-09-22 22:58 - 2014-09-22 22:53 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Gotham.S01E01.720p.HDTV.X264-DIMENSION
2014-09-22 19:42 - 2011-10-04 20:20 - 00000000 ____D () C:\Users\Caleb's Computer\Desktop\Calebs school
2014-09-21 21:29 - 2014-09-21 21:28 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Ray.Donovan.S02E11.HDTV.x264-KILLERS
2014-09-21 09:37 - 2009-07-14 00:13 - 00797850 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 08:04 - 2014-09-21 08:00 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Outlander.S01E07.HDTV.XviD-AFG
2014-09-19 16:29 - 2011-10-05 16:41 - 00000000 ____D () C:\New Folder
2014-09-19 16:28 - 2014-02-12 04:30 - 00003606 _____ () C:\Windows\setupact.log
2014-09-19 16:28 - 2012-05-03 18:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 16:28 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 16:27 - 2012-09-23 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-19 16:26 - 2014-09-19 16:26 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-19 16:26 - 2014-09-19 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-19 16:26 - 2012-12-31 13:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-19 16:26 - 2012-12-31 13:28 - 00000000 ____D () C:\Program Files\iTunes
2014-09-19 16:26 - 2012-12-31 13:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-19 16:25 - 2012-12-31 13:28 - 00000000 ____D () C:\Program Files\iPod
2014-09-19 16:14 - 2014-09-19 16:14 - 00000000 ____D () C:\ProgramData\374311380
2014-09-19 16:14 - 2014-09-13 17:33 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-19 16:14 - 2013-11-06 00:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 16:07 - 2010-11-20 22:47 - 00763594 _____ () C:\Windows\PFRO.log
2014-09-18 08:06 - 2014-09-18 08:05 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Extant.S01E13.720p.HDTV.X264-DIMENSION
2014-09-16 13:10 - 2014-09-16 12:08 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.I.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 13:07 - 2014-09-16 12:08 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.II.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 08:39 - 2014-09-16 08:35 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Transformers.Age.of.Extinction.2014.720p.WEB-DL.x264.AC3-EVO
2014-09-15 16:52 - 2014-08-13 19:05 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-15 16:52 - 2014-04-05 12:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-15 16:52 - 2013-10-15 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-15 16:52 - 2013-10-15 18:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-14 16:40 - 2014-09-03 09:43 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\vlc
2014-09-14 10:36 - 2014-09-14 10:30 - 2033417784 _____ () C:\Users\Caleb's Computer\Downloads\UFC.Fight.Night.51.HDTV.x264-Ebi.mp4
2014-09-13 18:06 - 2014-09-13 17:41 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\UFC 1-107 DVDRip XviD IPT Exclusive
2014-09-13 17:37 - 2014-09-13 17:35 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler
2014-09-13 17:36 - 2014-09-13 17:36 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\WebExtend
2014-09-13 17:35 - 2014-09-13 17:35 - 00004620 _____ () C:\Windows\System32\Tasks\Idle-#-Crawler Runner
2014-09-13 17:34 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Caleb's Computer\Documents\Optimizer Pro
2014-09-13 17:33 - 2014-09-13 17:33 - 00004060 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-13 17:33 - 2014-09-13 17:33 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\VOPackage
2014-09-13 17:33 - 2014-09-13 17:33 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-13 17:33 - 2014-09-13 17:32 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\SearchProtect
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-13 17:30 - 2014-09-13 17:30 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
2014-09-11 04:19 - 2014-08-15 03:54 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:09 - 2011-11-15 10:02 - 00789972 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:09 - 2011-10-04 21:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:08 - 2013-07-27 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:03 - 2012-05-29 17:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-04-23 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 21:32 - 2014-09-10 15:09 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Terminator The Sarah Connor Chronicles Complete BluRay iPad 720p AAC x264-CHDPAD
2014-09-09 17:11 - 2014-09-23 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 16:47 - 2014-09-23 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-04 21:10 - 2014-09-10 23:07 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 21:05 - 2014-09-10 23:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 10:06 - 2014-09-03 10:01 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 18554346 _____ () C:\Users\Caleb's Computer\Downloads\avidemux_2.6.8_win32_v2.exe
2014-09-03 10:01 - 2014-09-03 10:01 - 00001045 _____ () C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2014-09-03 09:41 - 2014-09-03 09:41 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-03 09:40 - 2014-09-03 09:40 - 24743106 _____ () C:\Users\Caleb's Computer\Downloads\vlc-2.1.5-win32.exe
2014-08-31 13:03 - 2014-08-31 12:57 - 1480594804 _____ () C:\Users\Caleb's Computer\Downloads\UFC.177.Aug.30th.2014.HDTV.x264-Sir.Paul.mp4
2014-08-31 13:00 - 2014-07-05 09:51 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Noah.2013.720p.BluRay.x264-SPARKS
2014-08-29 09:57 - 2013-11-26 04:20 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-08-28 03:17 - 2009-07-13 23:45 - 00419584 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Caleb's Computer\AppData\Local\temp\avgnt.exe
C:\Users\Caleb's Computer\AppData\Local\temp\BackupSetup.exe
C:\Users\Caleb's Computer\AppData\Local\temp\optprosetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 16:46

==================== End Of Log ============================



#4 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 24 September 2014 - 03:34 PM

Well, that didn't copy and paste well...  Please let me know what you would like me to do instead.


Please ignore that last post.  I refreshed and it seemed to be posted fine.  Sorry about the confusion.



#5 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 24 September 2014 - 04:13 PM

Ok, here we go:


Step 1

Please uninstall some programs:
  • Click on the Start Menu button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

    hosts
    Idle-#-Crawler
    Remote Desktop Access (VuuPC)
    Search Protect
    Sendori
    TornTV

  • Reboot your computer.


Step 2

Please download AdwCleaner (by Xplode) and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.


Step 3

Start FRST with administator privileges.
  • Make sure the option Addition.txt (under Optional Scan) is checked.
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.


#6 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 25 September 2014 - 08:31 AM

So now I have a big issue. I'm sending this from my phone because after the reboot from step one I cannot log on to any web pages. The web page I on stays on the tab but the text reverts to 'new tab' and the page stays blank. I've tried this in both Firefox (my normal browser) and IE, same result. My work laptop still connects to the internet so it's not an internet issue...

#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 25 September 2014 - 08:51 AM

Still the same if you reboot the machine and try again?
Is is only the browsers that don't work or is the internet connection dead? (You can test this for example with the ping command on the command line.)

#8 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 25 September 2014 - 09:23 AM

Rebooted 3 times, same results. No browsers work. Internet connection is good; I have my work laptop on and connected through the same router.

#9 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 25 September 2014 - 12:48 PM

Ok I have a suspicion what might be the problem here.
Let's try this: Please open an elevated command prompt (see these instructions how to do it).
Type the following command into the prompt:

netsh winsock reset

and confirm with Enter.
Then reboot the computer.
Do the browsers still not work afterwards?

#10 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 25 September 2014 - 01:45 PM

Back in.  Thanks for the help.

 

First file is below

 

# AdwCleaner v3.008 - Report created 24/09/2014 at 17:26:58
# Updated 17/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Caleb's Computer - CALEBSCOMPUTER
# Running from : C:\Users\Caleb's Computer\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Caleb's Computer\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Caleb's Computer\Documents\optimizer pro
File Deleted : C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v21.0 (en-US)

[ File : C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

-\\ Google Chrome v

[ File : C:\Users\Caleb's Computer\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15453 octets] - [17/10/2013 20:51:12]
AdwCleaner[R1].txt - [6916 octets] - [24/09/2014 17:25:47]
AdwCleaner[S0].txt - [15024 octets] - [17/10/2013 20:57:12]
AdwCleaner[S1].txt - [6495 octets] - [24/09/2014 17:26:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6555 octets] ##########
 



#11 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 25 September 2014 - 01:48 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-09-2014 01
Ran by Caleb's Computer (administrator) on CALEBSCOMPUTER on 25-09-2014 13:44:48
Running from C:\Users\Caleb's Computer\Desktop
Loaded Profile: Caleb's Computer (Available profiles: Caleb's Computer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.11\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Valve Corporation) C:\New Folder\Steam.exe.old
(BitTorrent Inc.) C:\Users\Caleb's Computer\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Idle-#-Crawler.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [Steam] => C:\New Folder\Steam.exe [1938112 2014-09-22] (Valve Corporation)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3561816 2013-10-18] (Electronic Arts)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [uTorrent] => C:\Users\Caleb's Computer\AppData\Roaming\uTorrent\uTorrent.exe [1418832 2014-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [Google Update] => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-27] (Google Inc.)
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [TornTv Downloader] => C:\Users\Caleb's Computer\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Winlogon: [Shell] C:\Users\Caleb's Computer\AppData\Roaming\dlc.xmm,explorer.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Belkin USB Wireless Adaptor Utility.lnk
ShortcutTarget: Belkin USB Wireless Adaptor Utility.lnk -> C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Walgreens PictureMover.lnk
ShortcutTarget: Walgreens PictureMover.lnk -> C:\Program Files (x86)\Walgreens PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Caleb's Computer\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {88C5CF9F-0C10-4682-8309-DAB20EFD2E97} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {A8DD4AF3-ACA7-4144-98DE-0C88A87E0760} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {37A273C2-5129-11D5-BF37-00A0CCE8754B} http://www.mathxl.com/BrowserCheck/wiz/wizmodules/testgen/installers/TestGenXInstall.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.navistar.com/dana-cached/sc/JuniperSetupClient.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default
FF SearchEngineOrder.1: Secure Search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Caleb's Computer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Caleb's Computer\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Caleb's Computer\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Caleb's Computer\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Avira Browser Safety - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: All-in-One Gestures - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013-08-27]
FF Extension: Website Counselor - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} [2014-09-13]
FF Extension: All-in-One Sidebar - C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-09-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-06]
FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-26]

Chrome:
=======
CHR Profile: C:\Users\Caleb's Computer\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.11\aaHMSvc.exe [915072 2010-11-19] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 DAUpdaterSvc; C:\New Folder\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2013-12-11] (BioWare)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-12-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-14] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-08] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-08] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-12-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 13:44 - 2014-09-25 13:44 - 00000000 ____D () C:\Users\Caleb's Computer\Desktop\FRST-OlderVersion
2014-09-24 20:57 - 2014-09-24 20:57 - 00006659 _____ () C:\Users\Caleb's Computer\Desktop\AdwCleaner[S1].txt
2014-09-24 15:23 - 2014-09-24 15:24 - 00058373 _____ () C:\Users\Caleb's Computer\Desktop\Addition.txt
2014-09-24 15:22 - 2014-09-25 13:44 - 00023399 _____ () C:\Users\Caleb's Computer\Desktop\FRST.txt
2014-09-24 15:21 - 2014-09-25 13:44 - 02108928 _____ (Farbar) C:\Users\Caleb's Computer\Desktop\FRST64.exe
2014-09-24 15:12 - 2014-09-24 15:21 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Sin.City.A.Dame.to.Kill.For.2014.HDRip.STUDIO.AUDIO.XviD.AC3-EVO
2014-09-23 13:58 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 13:58 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 22:53 - 2014-09-22 22:58 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Gotham.S01E01.720p.HDTV.X264-DIMENSION
2014-09-21 21:28 - 2014-09-25 12:23 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Ray.Donovan.S02E11.HDTV.x264-KILLERS
2014-09-21 21:18 - 2014-09-24 11:31 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E03.720p.HDTV.x264-KILLERS
2014-09-21 08:00 - 2014-09-21 08:04 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Outlander.S01E07.HDTV.XviD-AFG
2014-09-19 16:26 - 2014-09-19 16:26 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-19 16:26 - 2014-09-19 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-19 16:14 - 2014-09-19 16:14 - 00000000 ____D () C:\ProgramData\374311380
2014-09-18 08:05 - 2014-09-18 08:06 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Extant.S01E13.720p.HDTV.X264-DIMENSION
2014-09-16 12:08 - 2014-09-16 13:10 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.I.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 12:08 - 2014-09-16 13:07 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.II.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 08:35 - 2014-09-16 08:39 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Transformers.Age.of.Extinction.2014.720p.WEB-DL.x264.AC3-EVO
2014-09-14 22:53 - 2014-09-23 12:03 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E02.720p.HDTV.x264-KILLERS
2014-09-14 10:30 - 2014-09-14 10:36 - 2033417784 _____ () C:\Users\Caleb's Computer\Downloads\UFC.Fight.Night.51.HDTV.x264-Ebi.mp4
2014-09-13 17:41 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\UFC 1-107 DVDRip XviD IPT Exclusive
2014-09-13 17:36 - 2014-09-13 17:36 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\WebExtend
2014-09-13 17:35 - 2014-09-13 17:37 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler
2014-09-13 17:35 - 2014-09-13 17:35 - 00004620 _____ () C:\Windows\System32\Tasks\Idle-#-Crawler Runner
2014-09-13 17:33 - 2014-09-13 17:33 - 00004060 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-11 03:10 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:10 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:10 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:10 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:10 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:10 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:10 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:10 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:10 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:10 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:10 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:10 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:10 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:10 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:10 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:10 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:10 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:10 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:10 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:10 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:10 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:10 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:10 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:10 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:10 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:10 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:10 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:10 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:10 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:10 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:10 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:10 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:10 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:10 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:10 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:10 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:10 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:10 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:10 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:10 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:10 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:10 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:10 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:10 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:10 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:10 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:10 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:10 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:10 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:10 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:10 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:10 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:10 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:10 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:10 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:10 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 23:07 - 2014-09-04 21:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 23:07 - 2014-09-04 21:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 23:07 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 23:07 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 23:07 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 23:07 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 23:07 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 23:07 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 23:07 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 23:07 - 2014-06-23 22:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 23:07 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 15:09 - 2014-09-10 21:32 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Terminator The Sarah Connor Chronicles Complete BluRay iPad 720p AAC x264-CHDPAD
2014-09-03 10:01 - 2014-09-03 10:06 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 18554346 _____ () C:\Users\Caleb's Computer\Downloads\avidemux_2.6.8_win32_v2.exe
2014-09-03 10:01 - 2014-09-03 10:01 - 00001045 _____ () C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2014-09-03 09:43 - 2014-09-14 16:40 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\vlc
2014-09-03 09:41 - 2014-09-03 09:41 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-03 09:40 - 2014-09-03 09:40 - 24743106 _____ () C:\Users\Caleb's Computer\Downloads\vlc-2.1.5-win32.exe
2014-08-31 12:57 - 2014-08-31 13:03 - 1480594804 _____ () C:\Users\Caleb's Computer\Downloads\UFC.177.Aug.30th.2014.HDTV.x264-Sir.Paul.mp4
2014-08-27 21:22 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:22 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:22 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 13:45 - 2014-09-24 15:22 - 00023399 _____ () C:\Users\Caleb's Computer\Desktop\FRST.txt
2014-09-25 13:45 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 13:45 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 13:44 - 2014-09-25 13:44 - 00000000 ____D () C:\Users\Caleb's Computer\Desktop\FRST-OlderVersion
2014-09-25 13:44 - 2014-09-24 15:21 - 02108928 _____ (Farbar) C:\Users\Caleb's Computer\Desktop\FRST64.exe
2014-09-25 13:44 - 2013-10-16 13:10 - 00000000 ____D () C:\FRST
2014-09-25 13:44 - 2011-10-12 21:03 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\uTorrent
2014-09-25 13:39 - 2011-10-05 16:41 - 00000000 ____D () C:\New Folder
2014-09-25 13:37 - 2014-02-12 04:30 - 00003886 _____ () C:\Windows\setupact.log
2014-09-25 13:37 - 2013-06-11 19:06 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 13:37 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 13:36 - 2011-10-04 19:35 - 01565838 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 13:35 - 2013-11-04 10:13 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\CrashDumps
2014-09-25 13:30 - 2012-10-24 20:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 13:08 - 2013-06-11 19:06 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 12:46 - 2014-04-19 20:30 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001UA.job
2014-09-25 12:23 - 2014-09-21 21:28 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Ray.Donovan.S02E11.HDTV.x264-KILLERS
2014-09-25 02:46 - 2014-04-19 20:30 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001Core.job
2014-09-24 20:57 - 2014-09-24 20:57 - 00006659 _____ () C:\Users\Caleb's Computer\Desktop\AdwCleaner[S1].txt
2014-09-24 17:27 - 2013-10-17 20:51 - 00000000 ____D () C:\AdwCleaner
2014-09-24 17:25 - 2013-10-18 09:13 - 00000000 ____D () C:\Users\Caleb's Computer\Desktop\Computer Fix
2014-09-24 17:08 - 2014-08-15 03:54 - 00000000 ____D () C:\Windows\rescache
2014-09-24 16:42 - 2010-11-20 22:47 - 00765660 _____ () C:\Windows\PFRO.log
2014-09-24 15:24 - 2014-09-24 15:23 - 00058373 _____ () C:\Users\Caleb's Computer\Desktop\Addition.txt
2014-09-24 15:21 - 2014-09-24 15:12 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Sin.City.A.Dame.to.Kill.For.2014.HDRip.STUDIO.AUDIO.XviD.AC3-EVO
2014-09-24 11:31 - 2014-09-21 21:18 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E03.720p.HDTV.x264-KILLERS
2014-09-23 23:30 - 2014-05-01 04:30 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-23 23:30 - 2012-10-24 20:21 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 23:30 - 2012-10-24 20:20 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 23:30 - 2011-10-05 16:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 12:03 - 2014-09-14 22:53 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Boardwalk.Empire.S05E02.720p.HDTV.x264-KILLERS
2014-09-22 22:58 - 2014-09-22 22:53 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Gotham.S01E01.720p.HDTV.X264-DIMENSION
2014-09-22 19:42 - 2011-10-04 20:20 - 00000000 ____D () C:\Users\Caleb's Computer\Desktop\Calebs school
2014-09-21 09:37 - 2009-07-14 00:13 - 00797850 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 08:04 - 2014-09-21 08:00 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Outlander.S01E07.HDTV.XviD-AFG
2014-09-19 16:28 - 2012-05-03 18:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 16:27 - 2012-09-23 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-19 16:26 - 2014-09-19 16:26 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-19 16:26 - 2014-09-19 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-19 16:26 - 2012-12-31 13:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-19 16:26 - 2012-12-31 13:28 - 00000000 ____D () C:\Program Files\iTunes
2014-09-19 16:26 - 2012-12-31 13:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-19 16:25 - 2012-12-31 13:28 - 00000000 ____D () C:\Program Files\iPod
2014-09-19 16:14 - 2014-09-19 16:14 - 00000000 ____D () C:\ProgramData\374311380
2014-09-19 16:14 - 2013-11-06 00:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 08:06 - 2014-09-18 08:05 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Extant.S01E13.720p.HDTV.X264-DIMENSION
2014-09-16 13:10 - 2014-09-16 12:08 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.I.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 13:07 - 2014-09-16 12:08 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Nymphomaniac.Vol.II.2013.LiMiTED.DVDR.NTSC-LPD
2014-09-16 08:39 - 2014-09-16 08:35 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Transformers.Age.of.Extinction.2014.720p.WEB-DL.x264.AC3-EVO
2014-09-15 16:52 - 2014-08-13 19:05 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-15 16:52 - 2014-04-05 12:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-15 16:52 - 2013-10-15 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-15 16:52 - 2013-10-15 18:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-14 16:40 - 2014-09-03 09:43 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\vlc
2014-09-14 10:36 - 2014-09-14 10:30 - 2033417784 _____ () C:\Users\Caleb's Computer\Downloads\UFC.Fight.Night.51.HDTV.x264-Ebi.mp4
2014-09-13 18:06 - 2014-09-13 17:41 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\UFC 1-107 DVDRip XviD IPT Exclusive
2014-09-13 17:37 - 2014-09-13 17:35 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler
2014-09-13 17:36 - 2014-09-13 17:36 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\WebExtend
2014-09-13 17:35 - 2014-09-13 17:35 - 00004620 _____ () C:\Windows\System32\Tasks\Idle-#-Crawler Runner
2014-09-13 17:33 - 2014-09-13 17:33 - 00004060 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-11 03:09 - 2011-11-15 10:02 - 00789972 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:09 - 2011-10-04 21:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:08 - 2013-07-27 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:03 - 2012-05-29 17:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-04-23 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 21:32 - 2014-09-10 15:09 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Terminator The Sarah Connor Chronicles Complete BluRay iPad 720p AAC x264-CHDPAD
2014-09-09 17:11 - 2014-09-23 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 16:47 - 2014-09-23 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-04 21:10 - 2014-09-10 23:07 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 21:05 - 2014-09-10 23:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 10:06 - 2014-09-03 10:01 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 18554346 _____ () C:\Users\Caleb's Computer\Downloads\avidemux_2.6.8_win32_v2.exe
2014-09-03 10:01 - 2014-09-03 10:01 - 00001045 _____ () C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2014-09-03 10:01 - 2014-09-03 10:01 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2014-09-03 09:41 - 2014-09-03 09:41 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-03 09:41 - 2014-09-03 09:41 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-03 09:40 - 2014-09-03 09:40 - 24743106 _____ () C:\Users\Caleb's Computer\Downloads\vlc-2.1.5-win32.exe
2014-08-31 13:03 - 2014-08-31 12:57 - 1480594804 _____ () C:\Users\Caleb's Computer\Downloads\UFC.177.Aug.30th.2014.HDTV.x264-Sir.Paul.mp4
2014-08-31 13:00 - 2014-07-05 09:51 - 00000000 ____D () C:\Users\Caleb's Computer\Downloads\Noah.2013.720p.BluRay.x264-SPARKS
2014-08-29 09:57 - 2013-11-26 04:20 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-08-28 03:17 - 2009-07-13 23:45 - 00419584 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Caleb's Computer\AppData\Local\temp\avgnt.exe
C:\Users\Caleb's Computer\AppData\Local\temp\BackupSetup.exe
C:\Users\Caleb's Computer\AppData\Local\temp\optprosetup.exe
C:\Users\Caleb's Computer\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 16:46

==================== End Of Log ============================



#12 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 25 September 2014 - 01:49 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2014 01
Ran by Caleb's Computer at 2014-09-25 13:48:15
Running from C:\Users\Caleb's Computer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Apprevels version  1.4.0.13 (HKLM-x32\...\{04DF7063-9BDE-40A2-AD65-C86766A0B34B}_is1) (Version: 1.4.0.13 - Leawo Software)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33870 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Game of Thrones - Genesis (HKLM-x32\...\Steam App 58550) (Version:  - Cyanide)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - )
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.06 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.12 - ASUSTeK)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version:  - Rebellion)
American Conquest (HKLM-x32\...\American Conquest) (Version:  - )
American Conquest with Fight Back (HKLM-x32\...\American Conquest with Fight Back_is1) (Version:  - GOG.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.2.562 - ASUSTEK)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.790 - AVG Technologies)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{6E016C56-820F-4B2D-A36F-34CCADF90C16}) (Version: 1.0.0.06 - Belkin)
Belkin USB Wireless Adaptor (x32 Version: 1.0.0.06 - Belkin) Hidden
Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Codec 8.3a (HKLM-x32\...\Codec_is1) (Version:  - )
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version:  - Relic)
Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version:  - Relic)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Ritual)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Defiance (HKLM-x32\...\Steam App 224600) (Version:  - )
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Demigod (HKLM-x32\...\Steam App 202710) (Version:  - Gas Powered Games)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 1.0 - Dll-Files.com)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version:  - )
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra)
Empire Earth II: The Art of Supremacy (HKLM-x32\...\{F596C356-BF35-4ED7-981C-CC791461A8F0}) (Version: 1.0 - Sierra)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Fallen Enchantress (HKLM-x32\...\Steam App 216390) (Version:  - Stardock Entertainment)
Free Sound Recorder v9.2.7 (HKLM-x32\...\Free Sound Recorder_is1) (Version:  - Copyright© 2005-2011 FreeSoundRecorder Technologies, Inc.)
Galactic Civilizations I: Ultimate Edition (HKLM-x32\...\Steam App 214150) (Version:  - Stardock Entertainment)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version:  - Stardock Entertainment)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game of Thrones  (HKLM-x32\...\Steam App 208730) (Version:  - Cyanide)
GameFly Download Manager (HKCU\...\7998bdbe8c95db7f) (Version: 1.0.0.98 - GameFly)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Graph 4.3 (HKLM-x32\...\Graph_is1) (Version:  - Ivan Johansen)
Handy Updater (HKLM-x32\...\HandyUpdater) (Version:  - )
Homefront (HKLM-x32\...\Steam App 55100) (Version:  - THQ)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Iron Brigade (HKLM-x32\...\Steam App 115120) (Version:  - )
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 6.5.0.15977 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.3.7631 - Juniper Networks)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
King Arthur - Fallen Champions (HKLM-x32\...\Steam App 24460) (Version:  - )
King Arthur: Collection (HKLM-x32\...\Steam App 24470) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Legends of Pegasus (HKLM-x32\...\Steam App 205590) (Version:  - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.00.0000 - SEGA)
Meridian: New World (HKLM-x32\...\Steam App 265120) (Version:  - Elder Games)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Might & Magic ® Heroes ® VI (HKLM-x32\...\Steam App 48220) (Version:  - )
Mozilla Firefox 21.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 21.0 (x86 en-US)) (Version: 21.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MX vs ATV Reflex (HKLM-x32\...\Steam App 55140) (Version:  - Rainbow\Double Helix)
Myth II: Soulblighter version 1.7.1 (HKLM-x32\...\{52B9E460-AE08-4DA0-9952-2A1542519B69}_is1) (Version: 1.7.1 - Bungie Software)
Myth III: The Wolf Age version 1.3.1 (HKLM-x32\...\{139D63A3-A9DC-48CC-97DA-2963038975DC}_is1) (Version: 1.3.1 - MumboJumbo)
Myth: The Fallen Lords version 1.5 (HKLM-x32\...\{3B537865-547A-4245-AFE1-53353C744D80}_is1) (Version: 1.5 - Eidos Interactive)
NVIDIA Control Panel 267.08 (Version: 267.08 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 267.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.08 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2142 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
Patrician IV: Rise of a Dynasty (HKLM-x32\...\Steam App 57730) (Version:  - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Red Faction (HKLM-x32\...\Steam App 20530) (Version:  - )
Red Faction II (HKLM-x32\...\Steam App 20550) (Version:  - )
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version:  - Volition)
Red Faction: Guerrilla  (HKLM-x32\...\Steam App 20500) (Version:  - Volition)
Remember Me (HKLM-x32\...\Steam App 228300) (Version:  - DONTNOD Entertainment)
Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version:  - SkyBox Labs)
Risen (HKLM-x32\...\Steam App 40300) (Version:  - Piranha Bytes)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version:  - Volition)
Secure Download Manager (HKLM-x32\...\{FF6A778A-02DA-4B2D-82F7-733A467984EC}) (Version: 3.0.2 - e-academy Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shadows: Heretic Kingdoms (HKLM-x32\...\Steam App 256030) (Version:  - Games Farm)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sid Meier’s Ace Patrol: Pacific Skies (HKLM-x32\...\Steam App 244090) (Version:  - Firaxis)
Sid Meier's Ace Patrol (HKLM-x32\...\Steam App 244070) (Version:  - Firaxis Games)
Sid Meiers Civilization 4 - Colonization (HKLM-x32\...\Sid Meiers Civilization 4 - Colonization) (Version: 1.0 - 2K Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoundCloud Downloader (HKLM-x32\...\SoundCloud Downloader) (Version:  - )
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II (HKLM-x32\...\Star Wars Battlefront II) (Version: 1.0 - LucasArts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strike Suit Infinity (HKLM-x32\...\Steam App 234160) (Version:  - Born Ready Games Ltd.)
Strike Suit Zero (HKLM-x32\...\Steam App 209540) (Version:  - Born Ready Games Ltd.)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - Firefly Studios)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.36 - En Masse Entertainment)
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Political Machine 2012 (HKLM-x32\...\Steam App 211120) (Version:  - Stardock Entertainment)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - IronLore)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - IronLore)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: Rome II Additional Depots (HKLM-x32\...\Steam App 243660) (Version:  - )
Train Simulator 2012 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
Tribler (remove only) (HKLM-x32\...\Tribler) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.7 - Tweaking.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Walgreens PictureMover (HKLM-x32\...\{113DE59D-B57A-4075-9D4F-5803DFA69EB7}) (Version: 3.5.0.27 - Hewlett-Packard Company)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Warhammer® 40,000®: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3520896638-2416368937-1527133040-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Caleb's Computer\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

24-09-2014 22:12:28 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2013-10-25 15:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {205318AC-DE06-4942-B397-CE4150869029} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-11] (Google Inc.)
Task: {2D6ACCE0-5D5D-4B49-8376-705907561FEA} - System32\Tasks\Idle-#-Crawler Runner => %LOCALAPPDATA%\Idle-#-Crawler\Idle-#-Crawler.exe <==== ATTENTION
Task: {35DF96D3-9A0F-4A7D-9D37-C45C673BD872} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {490797DC-FC55-46F7-80DD-42671DC0A934} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {74B3FD5D-6814-49FF-B17E-765BC5DF4F25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {8524931E-6493-4F6A-B2E8-3B6E799FF745} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-23] (ASUSTeK Computer Inc.)
Task: {9875522B-5863-4768-A51C-C38A7DB66834} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001UA => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {B550F471-E34A-4E1A-B552-D232FE2B4394} - \BitGuard No Task File <==== ATTENTION
Task: {B6065375-7F9A-46A1-A275-56D21BB7335F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-11] (Google Inc.)
Task: {CD334A02-0491-4497-8274-42480D9B7999} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {D7C6A364-401D-4820-B083-F06AD2EDB0CF} - System32\Tasks\Microsoft\Windows\Maintenance\Idle-#-Crawler Update => %LOCALAPPDATA%\Idle-#-Crawler\Idle-#-Crawler.exe <==== ATTENTION
Task: {DFA889C0-D13D-4E47-83F8-99BB06593B84} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001Core => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {FDEAE52C-3143-4437-8490-C97F2655A7BF} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001Core.job => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3520896638-2416368937-1527133040-1001UA.job => C:\Users\Caleb's Computer\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-04-11 23:25 - 2010-11-03 04:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-04-11 23:25 - 2010-11-19 03:56 - 00915072 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.11\aaHMSvc.exe
2011-04-11 23:25 - 2010-10-21 04:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe
2009-11-25 19:45 - 2009-11-25 19:45 - 00110592 _____ () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
2013-08-28 19:23 - 2013-08-28 19:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-09-09 13:45 - 2014-09-09 13:45 - 00133216 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Idle-#-Crawler.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-11 23:25 - 2014-09-25 13:37 - 00020992 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-04-11 23:25 - 2010-06-28 21:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2009-09-15 20:17 - 2009-09-15 20:17 - 00200704 _____ () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
2014-08-13 19:05 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Caleb's Computer\AppData\Local\temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-08-28 19:25 - 2013-08-28 19:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-09-09 13:46 - 2014-09-09 13:46 - 00104032 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\ManXec.dll
2014-09-09 13:46 - 2014-09-09 13:46 - 00074848 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\CmdProc.dll
2014-09-09 13:46 - 2014-09-09 13:46 - 00048224 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\PrfIns.dll
2014-09-09 13:47 - 2014-09-09 13:47 - 00056928 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\WbSes.dll
2014-09-09 13:47 - 2014-09-09 13:47 - 00146016 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\WdcMan.dll
2014-09-09 13:47 - 2014-09-09 13:47 - 00121952 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Modules\WblSupp.dll
2014-09-13 17:36 - 2014-07-21 04:38 - 00393728 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\ppGoogleNaClPluginChrome.dll
2014-09-13 17:36 - 2014-07-21 04:38 - 00788480 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\ffmpegsumo.dll
2013-11-06 00:30 - 2014-09-19 16:14 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-12 11:30 - 2014-09-12 11:30 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
2014-09-13 17:36 - 2013-12-03 21:48 - 13586896 _____ () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler\Chrome-bin\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3520896638-2416368937-1527133040-500 -> Administrator - Disabled - Status: Degraded)
Caleb's Computer (S-1-5-21-3520896638-2416368937-1527133040-1001 -> Administrator - Enabled - Status: OK) => C:\Users\Caleb's Computer
Guest (S-1-5-21-3520896638-2416368937-1527133040-501 -> Limited - Disabled - Status: Degraded)
HomeGroupUser$ (S-1-5-21-3520896638-2416368937-1527133040-1002 -> Limited - Enabled - Status: OK)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2014 01:39:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: CalebsComputer)
Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/25/2014 01:38:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2014 01:35:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: SHELL32.dll, version: 6.1.7601.18517, time stamp: 0x53aa2e07
Exception code: 0xc0000005
Fault offset: 0x00000000001300bb
Faulting process id: 0x628
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (09/25/2014 09:54:15 AM) (Source: MsiInstaller) (EventID: 1024) (User: CalebsComputer)
Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/25/2014 09:53:52 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/25/2014 09:53:41 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/25/2014 09:52:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2014 09:52:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.OE.Systray.exe, version: 1.1.21.25189, time stamp: 0x53fdd63b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0xf90
Faulting application start time: 0xAvira.OE.Systray.exe0
Faulting application path: Avira.OE.Systray.exe1
Faulting module path: Avira.OE.Systray.exe2
Report Id: Avira.OE.Systray.exe3

Error: (09/25/2014 09:52:39 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.Sockets.SocketException
Stack:
   at System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   at System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   at Avira.OE.WinCore.NetworkStatusListener..ctor()
   at Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   at Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   at Avira.OE.Systray.SystrayIcon..ctor()
   at Avira.OE.Systray.Program.Main(System.String[])

Error: (09/25/2014 09:52:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


System errors:
=============
Error: (09/25/2014 01:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Belkin WLAN service service failed to start due to the following error:
%%1053

Error: (09/25/2014 01:37:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Belkin WLAN service service to connect.

Error: (09/25/2014 01:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.1.9 service failed to start due to the following error:
%%2

Error: (09/25/2014 09:53:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Avira Service Host service terminated unexpectedly.  It has done this 3 time(s).

Error: (09/25/2014 09:53:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/25/2014 09:53:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/25/2014 09:51:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Belkin WLAN service service failed to start due to the following error:
%%1053

Error: (09/25/2014 09:51:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Belkin WLAN service service to connect.

Error: (09/25/2014 09:51:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.1.9 service failed to start due to the following error:
%%2

Error: (09/25/2014 09:51:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The PasswordBox service terminated with the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (09/25/2014 01:39:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: CalebsComputer)
Description: Adobe Reader XI (11.0.08){AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (09/25/2014 01:38:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2014 01:35:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1851753aa2e07c000000500000000001300bb62801cfd8d0265fdfbdC:\Windows\Explorer.EXEC:\Windows\system32\SHELL32.dllb417ecc8-44e2-11e4-ab91-14dae958dc76

Error: (09/25/2014 09:54:15 AM) (Source: MsiInstaller) (EventID: 1024) (User: CalebsComputer)
Description: Adobe Reader XI (11.0.08){AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (09/25/2014 09:53:52 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/25/2014 09:53:41 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/25/2014 09:52:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/25/2014 09:52:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.21.2518953fdd63bKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42df9001cfd8d0375b7a01C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dlla1163cb4-44c3-11e4-ab91-14dae958dc76

Error: (09/25/2014 09:52:39 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.Sockets.SocketException
Stack:
   at System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   at System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   at Avira.OE.WinCore.NetworkStatusListener..ctor()
   at Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   at Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   at Avira.OE.Systray.SystrayIcon..ctor()
   at Avira.OE.Systray.Program.Main(System.String[])

Error: (09/25/2014 09:52:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.CompositionException
Stack:
   at System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   at System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   at System.ComponentModel.Composition.Primitives.Export.get_Value()
   at System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


CodeIntegrity Errors:
===================================
  Date: 2013-10-25 15:31:59.835
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-25 15:31:59.788
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-25 15:31:59.742
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-25 15:31:59.695
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-20 21:01:41.080
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-20 21:01:41.049
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8173.22 MB
Available physical RAM: 4870.95 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 12534.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:917.33 GB) (Free:56.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=14.2 GB) - (Type=1B)
Partition 2: (Active) - (Size=917.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#13 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 26 September 2014 - 04:58 AM

How is your computer running after the following steps?


Step 1
Please download this attached Attached File  fixlist.txt   1.94KB   2 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!



Step 3

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#14 caleb.m.hartmann

caleb.m.hartmann
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:06:56 AM

Posted 26 September 2014 - 08:28 AM

I ran the fix through FRST twice and both times it froze the computer.  The log that it generated is below.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-09-2014 01
Ran by Caleb's Computer at 2014-09-26 08:06:46 Run:4
Running from C:\Users\Caleb's Computer\Desktop
Loaded Profile: Caleb's Computer (Available profiles: Caleb's Computer)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Run: [TornTv Downloader] => C:\Users\Caleb's Computer\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-3520896638-2416368937-1527133040-1001\...\Winlogon: [Shell] C:\Users\Caleb's Computer\AppData\Roaming\dlc.xmm,explorer.exe <==== ATTENTION
C:\Users\Caleb's Computer\AppData\Roaming\dlc.xmm
Startup: C:\Users\Caleb's Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Caleb's Computer\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
FF SearchPlugin: C:\Users\Caleb's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\oxl65idy.default\searchplugins\trovi-search.xml
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
2014-09-19 16:14 - 2014-09-19 16:14 - 00000000 ____D () C:\ProgramData\374311380
2014-09-13 17:36 - 2014-09-13 17:36 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Roaming\WebExtend
2014-09-13 17:35 - 2014-09-13 17:37 - 00000000 ____D () C:\Users\Caleb's Computer\AppData\Local\Idle-#-Crawler
2014-09-13 17:35 - 2014-09-13 17:35 - 00004620 _____ () C:\Windows\System32\Tasks\Idle-#-Crawler Runner
2014-09-13 17:33 - 2014-09-13 17:33 - 00004060 _____ () C:\Windows\System32\Tasks\LaunchSignup
Task: {2D6ACCE0-5D5D-4B49-8376-705907561FEA} - System32\Tasks\Idle-#-Crawler Runner => %LOCALAPPDATA%\Idle-#-Crawler\Idle-#-Crawler.exe <==== ATTENTION
Task: {B550F471-E34A-4E1A-B552-D232FE2B4394} - \BitGuard No Task File <==== ATTENTION
Task: {D7C6A364-401D-4820-B083-F06AD2EDB0CF} - System32\Tasks\Microsoft\Windows\Maintenance\Idle-#-Crawler Update => %LOCALAPPDATA%\Idle-#-Crawler\Idle-#-Crawler.exe <==== ATTENTION
Task: {FDEAE52C-3143-4437-8490-C97F2655A7BF} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
EmptyTemp:

*****************

Processes closed successfully.
 



#15 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:56 PM

Posted 26 September 2014 - 09:33 AM

Please try to run this fix again in safe mode.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users