Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

browser.exe*32 Google Chrome appears repeatedly and hogs processes


  • This topic is locked This topic is locked
6 replies to this topic

#1 optionsmom

optionsmom

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Southern California
  • Local time:06:05 AM

Posted 14 February 2015 - 11:37 PM

On Windows 7 running on bootcamped iMac. I ran Malwarebytes and it only found PUP.optional.opencandy.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Sean (administrator) on PC on 14-02-2015 20:19:36
Running from C:\Users\Sean\Desktop
Loaded Profiles: Sean (Available profiles: Sean & Pillowpunch)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe
(Google Inc.) C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\browser.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [740152 2010-11-11] (Apple Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\...\Run: [ValidatorNoteworthy] => C:\Windows\system32\rundll32.exe "C:\Users\Sean\AppData\Local\ValidatorNoteworthy\ValidatorNoteworthy.dll",DllRegisterServer <===== ATTENTION
HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.238.64.12

FireFox:
========
FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\82v022g2.default
FF DefaultSearchEngine: Google
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [223544 2010-11-11] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-26] (Electronic Arts)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 applebmt; C:\Windows\System32\DRIVERS\applebmt.sys [51712 2010-09-17] (Apple Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 20:19 - 2015-02-14 20:20 - 00006861 _____ () C:\Users\Sean\Desktop\FRST.txt
2015-02-14 20:19 - 2015-02-14 20:19 - 00000000 ____D () C:\FRST
2015-02-14 20:18 - 2015-02-14 20:18 - 02134528 _____ (Farbar) C:\Users\Sean\Desktop\FRST64.exe
2015-02-14 19:29 - 2015-02-14 19:29 - 00000622 _____ () C:\Windows\PFRO.log
2015-02-14 19:29 - 2015-02-14 19:29 - 00000056 _____ () C:\Windows\setupact.log
2015-02-14 19:29 - 2015-02-14 19:29 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 19:15 - 2015-02-14 19:41 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-14 19:14 - 2015-02-14 19:14 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-14 19:14 - 2015-02-14 19:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-14 19:14 - 2015-02-14 19:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-14 19:14 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-14 19:14 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-14 19:14 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-14 19:13 - 2015-02-14 19:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sean\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-14 18:32 - 2015-02-14 18:32 - 209010648 _____ () C:\Users\Sean\Downloads\RegBackup.reg
2015-02-14 18:29 - 2015-02-14 18:30 - 00146764 _____ () C:\Users\Sean\Desktop\remove.reg.htm
2015-02-14 18:20 - 2015-02-14 18:20 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-14 18:20 - 2015-02-14 18:20 - 00000830 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-14 18:20 - 2015-02-14 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-14 18:20 - 2015-02-14 18:20 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-14 18:17 - 2015-02-14 18:17 - 05325208 _____ (Piriform Ltd) C:\Users\Sean\Downloads\ccsetup502.exe
2015-02-11 17:46 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 17:46 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 17:46 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 17:46 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 19:12 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 19:12 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 19:12 - 2014-10-03 18:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-10 19:12 - 2014-10-03 17:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-10 19:12 - 2014-10-03 17:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 19:11 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 19:11 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 19:11 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 19:11 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 19:11 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 19:11 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-10 19:09 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 19:09 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-10 19:08 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 19:07 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 19:07 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 19:07 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 19:07 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 19:07 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 19:07 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 19:07 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 19:07 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 19:07 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 19:07 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 19:07 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 19:07 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 19:07 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 19:07 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 19:07 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 19:07 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 19:07 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 19:07 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 19:07 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 19:07 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 19:07 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 19:07 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 19:07 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 19:07 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 19:07 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 19:07 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 19:07 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 19:07 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 19:07 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 19:07 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 19:07 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 19:07 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 19:07 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 19:07 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 19:07 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 19:07 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 19:07 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 19:07 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 19:07 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 19:07 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 19:07 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 19:07 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 19:07 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 19:07 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 19:07 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 19:07 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 19:07 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 19:07 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 19:07 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 19:07 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 19:07 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 19:07 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 19:06 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 19:06 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 19:05 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 19:05 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 19:05 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 19:05 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 19:05 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 19:05 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 19:05 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 19:05 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 19:05 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 19:05 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 19:05 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 19:05 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 19:05 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 19:05 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 19:05 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 19:05 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 19:05 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 19:05 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 19:04 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 19:04 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 19:04 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 19:04 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 19:04 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 19:04 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 19:04 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 19:01 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 19:01 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 18:54 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-03 17:32 - 2015-02-03 17:32 - 00000000 ____D () C:\Users\Sean\Documents\Freemake

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-14 19:47 - 2013-05-19 17:25 - 01280950 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 19:36 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 19:36 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 19:29 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 18:34 - 2013-09-05 07:37 - 00000000 ____D () C:\Users\Sean\AppData\Local\Google
2015-02-14 18:22 - 2013-05-20 18:32 - 00000000 ____D () C:\Windows\Minidump
2015-02-14 18:22 - 2013-05-20 01:15 - 00000000 ____D () C:\Windows\Panther
2015-02-14 18:07 - 2013-05-19 20:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-14 17:39 - 2013-05-19 19:53 - 00000000 ____D () C:\ProgramData\Origin
2015-02-14 17:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 03:24 - 2009-07-13 20:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 03:22 - 2014-12-10 19:14 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 03:22 - 2014-05-11 07:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-03 17:32 - 2014-02-15 09:03 - 00000000 ____D () C:\Program Files (x86)\Freemake

==================== Files in the root of some directories =======

2014-08-19 06:43 - 2014-08-19 06:43 - 0000000 _____ () C:\Users\Sean\AppData\Local\{3147BF26-4E2A-4D72-B194-3D907B3126AC}

Some content of TEMP:
====================
C:\Users\Sean\AppData\Local\Temp\AutoDetectUtilApp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-14 16:50

==================== End Of Log ============================

****The addition.txt file was too big to upload so I copied and pasted it below. I'm sorry if that messes up the procedure.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by Sean at 2015-02-14 20:20:13
Running from C:\Users\Sean\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Aiseesoft DVD Creator 5.1.16 (HKLM-x32\...\{094BCE17-69CE-45ce-A131-F674CE996B3F}_is1) (Version:  - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.6 - )
Boot Camp Services (HKLM\...\{B2B7054B-EC2E-4E96-8666-FD6ED77678B2}) (Version: 3.2.0 - Apple Inc.)
Bus Driver (HKLM-x32\...\BFG-Bus Driver) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 9.0.10.69 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net  (01/11/2008 3.10.3.9) (HKLM\...\C840EA8E99FB237CC57769BB041F070E4F370C32) (Version: 01/11/2008 3.10.3.9 - Apple Inc.)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1) (HKLM\...\2CD6536AAFFF9B465A871060CF483EC9F3341D29) (Version: 06/27/2007 2.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Broadcom Bluetooth (03/01/2010 3.1.0.3) (HKLM\...\72B627097B72F7023F412161DFA6B3CF03E4E42B) (Version: 03/01/2010 3.1.0.3 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0) (HKLM\...\70C7CBB0824BF74552A2F28F5FFBF62A15053DA8) (Version: 10/25/2007 2.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (03/24/2010 3.1.0.3) (HKLM\...\928D27B46C93CC78C6A130F0708335AAF4894DB0) (Version: 03/24/2010 3.1.0.3 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (02/11/2010 3.1.0.0) (HKLM\...\E8951DD23B8C356DA6C1428CA872050C5AD70DAF) (Version: 02/11/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (10/05/2010 3.2.0.1) (HKLM\...\C6E8C9058AE1580C038DC5F715B0D4969F617CEF) (Version: 10/05/2010 3.2.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (02/11/2010 3.1.0.0) (HKLM\...\285BA6738DB5393199CA6BC5837BAED53E8BA625) (Version: 02/11/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (10/05/2010 3.2.0.1) (HKLM\...\6F4B26C960BC665E637C424F12C4E8FF3ADF0C54) (Version: 10/05/2010 3.2.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2) (HKLM\...\91F52A595A7B2112937CED490A8C682CD03F945E) (Version: 01/17/2008 2.0.2.2 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1) (HKLM\...\A0A897639A1D288A8B472FE790EBF9DB71E52ACF) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1) (HKLM\...\76830D11874044260C923425E7F5A72F25EDA758) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (11/30/2009 3.0.0.6) (HKLM\...\B3F27F12C500003EFE44A668CE685DE4B46A735C) (Version: 11/30/2009 3.0.0.6 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Trackpad (04/12/2010 3.1.0.5) (HKLM\...\A46476509EEBF9339F8D09C9507024E1093D4FA7) (Version: 04/12/2010 3.1.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Trackpad (08/24/2010 3.1.0.7) (HKLM\...\2F702E803208BBC067CA18B3DCC9FC2CFDAE56E6) (Version: 08/24/2010 3.1.0.7 - Apple Inc.)
Windows Driver Package - Apple Inc. System  (08/22/2008 2.1.1.1) (HKLM\...\F5E7472CCD6B3C1A568AEE4486C4BA0813A7D7AC) (Version: 08/22/2008 2.1.1.1 - Apple Inc.)
Windows Driver Package - Atheros Communications Inc. (athr) Net  (11/18/2009 8.0.0.258) (HKLM\...\E5AEAAF07505D71E430CCA10496FAE61597B81A2) (Version: 11/18/2009 8.0.0.258 - Atheros Communications Inc.)
Windows Driver Package - Broadcom (b57nd60a) Net  (02/09/2010 14.0.0.7) (HKLM\...\E92A2345EDF3FC39429C89D37FAF28AA7BAFF288) (Version: 02/09/2010 14.0.0.7 - Broadcom)
Windows Driver Package - Broadcom (BCM43XX) Net  (08/21/2009 5.60.18.8) (HKLM\...\E9575EA5D430B59D0CFF29323C74D0FBA1898F3B) (Version: 08/21/2009 5.60.18.8 - Broadcom)
Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (04/28/2010 6.6001.1.25) (HKLM\...\16E9B4B4A3817C38179BF7D6E12774E0432FD558) (Version: 04/28/2010 6.6001.1.25 - Cirrus Logic, Inc.)
Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (08/16/2010 6.6001.1.26) (HKLM\...\680D5EED614F3F01A9AD4547E9D81CFE9B0E4902) (Version: 08/16/2010 6.6001.1.26 - Cirrus Logic, Inc.)
Windows Driver Package - Intel (e1express) Net  (02/06/2008 9.12.17.0) (HKLM\...\294FF9FB7AF744F64B12EC12F83D8661CD9AD532) (Version: 02/06/2008 9.12.17.0 - Intel)
Windows Driver Package - Intel (E1G60) Net  (01/08/2008 8.3.9.0) (HKLM\...\3A8900CC8E77F2BF2269FEFF364561BDF86B9F27) (Version: 01/08/2008 8.3.9.0 - Intel)
Windows Driver Package - Intel (e1kexpress) Net  (07/22/2008 10.3.45.0) (HKLM\...\1864DCF02A292C57953B91D537026F4F1CA60D91) (Version: 07/22/2008 10.3.45.0 - Intel)
Windows Driver Package - Intel (e1qexpress) Net  (08/05/2008 10.3.49.0) (HKLM\...\C9952C95B4A2ACCCBC684FC6E8182A3210DEDC13) (Version: 08/05/2008 10.3.49.0 - Intel)
Windows Driver Package - Intel (e1yexpress) Net  (07/16/2008 9.52.10.0) (HKLM\...\E43E2A40D22886250D739AEE91E9C7E9ABDD52DA) (Version: 07/16/2008 9.52.10.0 - Intel)
Windows Driver Package - Intel Net  (02/06/2008 9.12.18.0) (HKLM\...\269C8F82CDD61B0400CE8D6768EC084C59C63079) (Version: 02/06/2008 9.12.18.0 - Intel)
Windows Driver Package - Intel Net  (06/13/2008 9.52.9.0) (HKLM\...\0CB233C04CEB3FB45CEDFFEA9146B77B4B783FDA) (Version: 06/13/2008 9.52.9.0 - Intel)
Windows Driver Package - Intel Net  (07/22/2008 10.3.45.0) (HKLM\...\D701F1A58CF3028E88DA512D1423EC3DD6D7BE86) (Version: 07/22/2008 10.3.45.0 - Intel)
Windows Driver Package - Intel Net  (08/05/2008 10.3.49.0) (HKLM\...\5CC5D940D9F4B779FAAF12E7F75A212618ABEB7D) (Version: 08/05/2008 10.3.49.0 - Intel)
Windows Driver Package - Intel Net  (11/07/2007 8.10.1.0) (HKLM\...\01D845C666B4FC04566E16B923F638B2A404807C) (Version: 11/07/2007 8.10.1.0 - Intel)
Windows Driver Package - Intel System  (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows Driver Package - Marvell (yukonx64) Net  (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

07-01-2015 20:11:26 Windows Update
13-01-2015 16:52:55 Windows Update
13-01-2015 22:07:10 Windows Update
21-01-2015 16:22:07 Windows Update
25-01-2015 16:45:17 Windows Update
30-01-2015 20:35:32 Windows Update
03-02-2015 17:23:37 Windows Update
08-02-2015 20:24:04 Windows Update
11-02-2015 03:00:27 Windows Update
11-02-2015 21:10:28 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14EBDEC9-AD1D-4036-9389-00E50453E397} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {24A22043-5944-4B00-849E-75D50A709AB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)

==================== Loaded Modules (whitelisted) ==============

2010-11-11 19:01 - 2010-11-11 19:01 - 00223544 _____ () C:\Windows\system32\AppleOSSMgr.exe
2015-01-01 14:49 - 2014-11-26 08:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-27 21:15 - 2014-08-27 21:15 - 00718152 _____ () C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\36.0.1985.143\libglesv2.dll
2014-08-27 21:15 - 2014-08-27 21:15 - 00126280 _____ () C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\36.0.1985.143\libegl.dll
2014-08-27 21:15 - 2014-08-27 21:15 - 08537928 _____ () C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\36.0.1985.143\pdf.dll
2014-08-27 21:15 - 2014-08-27 21:15 - 00353096 _____ () C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-27 21:15 - 2014-08-27 21:15 - 01732936 _____ () C:\Users\Sean\AppData\LocalLow\ProviderWireless\VolunteerInfinity\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1663E41B
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 68.238.64.12

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1891279171-1326999520-3759395819-500 - Administrator - Disabled)
Guest (S-1-5-21-1891279171-1326999520-3759395819-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1891279171-1326999520-3759395819-1002 - Limited - Enabled)
Pillowpunch (S-1-5-21-1891279171-1326999520-3759395819-1003 - Administrator - Enabled) => C:\Users\Pillowpunch
Sean (S-1-5-21-1891279171-1326999520-3759395819-1001 - Administrator - Enabled) => C:\Users\Sean

==================== Faulty Device Manager Devices =============

Name: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B36
Description: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B36
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B3B
Description: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B3B
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Logitech_WmVirHid01
Description: Logitech_WmVirHid01
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech_WmVirHid02
Description: Logitech_WmVirHid02
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (02/14/2015 07:31:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (2476) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000A9.log.


System errors:
=============
Error: (02/14/2015 07:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/14/2015 07:31:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (02/14/2015 06:06:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:05:15 PM on ‎2/‎14/‎2015 was unexpected.

Error: (02/13/2015 06:47:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:15:21 PM on ‎2/‎13/‎2015 was unexpected.

Error: (02/11/2015 03:01:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB3031432).

Error: (02/10/2015 09:29:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/10/2015 06:57:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:56:03 PM on ‎2/‎10/‎2015 was unexpected.

Error: (02/02/2015 09:12:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:38:21 PM on ‎2/‎1/‎2015 was unexpected.

Error: (02/01/2015 09:05:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/22/2015 08:20:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:00:49 PM on ‎1/‎21/‎2015 was unexpected.


Microsoft Office Sessions:
=========================
Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (02/14/2015 07:31:26 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description:
Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (02/14/2015 07:31:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows2476Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000A9.log-1811


==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 45%
Total physical RAM: 4021.98 MB
Available physical RAM: 2179.66 MB
Total Pagefile: 8042.15 MB
Available Pagefile: 5531.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:186.13 GB) (Free:107.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Macintosh HD) (Fixed) (Total:744.58 GB) (Free:581.17 GB) HFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 829AD19D)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=744.6 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=186.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 



BC AdBot (Login to Remove)

 


#2 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:05 PM

Posted 15 February 2015 - 12:39 AM

Hello optionsmom, welcome to Bleeping Computer's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. smile.png
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable at times.   
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • I will notify you when I believe your computer is free of malware. Please bear in mind, absence of symptoms does not necessarily correlate to absence of malware, so please wait until the "All Clean". 
  • Ensure you are following this topic. Click etYzdbu.png at the top of the page. 

======================================================
 
Please consider the following suggestion, and proceed with the instructions below.
 

goGMWSt.gifNo Anti-Virus Installed
 
------------------------------
 
Connecting to the Internet without an Anti-Virus is a risk to you, and to everyone as well. Your computer is susceptible to malware infections involving Botnets and Zombie Computers . Using Anti-Virus software will help minimize the risk and help prevent your computer from being used to pass on infections to other machines. When infected and compromised, malware spreads faster and more extensively, distributed denial-of-service (DDoS) attacks are easier to launch, spammers have more platforms from which to send E-mails and more zombies are created to perpetuate the cycle.
 
Nowadays, a multi-layed approach to security that incorporates Anti-Virus software is required to protect your computer from the latest threats. Many of attackers today employ advanced techniques which involve sophisticated Backdoor Trojans and Rootkits to hide their presence on a computer. Without an Anti-Virus, your computer is not only more susceptible to infection, but also means you are less likely to realise your computer is infected - sometimes the only symptom is an alert from your Anti-Virus. Please refer to the following articles for more information.

Please download and install ONE of the Anti-Virus' listed below. For a paid solution, my choice of Anti-Virus is ESET NOD32, and for a free solution, my choice of Anti-Virus is avast!. Please be aware that there is no universal "one size fits all" solution that works for everyone and there is no single best anti-virus. What works for one person may not work for another.

 
Ensure your work is saved before running the script in STEP 1.

 

STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    CreateRestorePoint:
    CloseProcessess:
    C:\Users\Sean\AppData\LocalLow\ProviderWireless
    HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\...\Run: [ValidatorNoteworthy] => C:\Windows\system32\rundll32.exe "C:\Users\Sean\AppData\Local\ValidatorNoteworthy\ValidatorNoteworthy.dll",DllRegisterServer <===== ATTENTION
    C:\Users\Sean\AppData\Local\ValidatorNoteworthy
    AlternateDataStreams: C:\ProgramData\TEMP:1663E41B
    AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
    Folder: C:\Users\Sean\AppData
    EmptyTemp:
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. This log will be very large. Ensure you attach the file in your next reply or upload to my channel.
     

STEP 2
BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 
 
STEP 3
GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================

STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Fixlog.txt
  • AdwCleaner[S0].txt
  • ESET log

Edited by LiquidTension, 15 February 2015 - 12:39 AM.

Posted Image

#3 optionsmom

optionsmom
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Southern California
  • Local time:06:05 AM

Posted 16 February 2015 - 01:13 PM

 Hi Adam, thanks so much for helping with our computer. I'm Donna and I followed your steps and installed Avast.

The Fixlog file was too big to attach so I zipped it. :hello:

Thanks again...

 

Attached Files



#4 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:05 PM

Posted 17 February 2015 - 03:21 AM

Hi Donna, 
 
Thank you for the logs. 
Please do the following:
 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    CreateRestorePoint:
    C:\Users\Sean\Downloads\ccsetup502.exe
    C:\Windows\System32\Adobe\Shockwave 12\gt.exe
    C:\Windows\System32\Macromed\Shockwave 10\gt.exe
    C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe
    C:\Windows\SysWOW64\Macromed\Shockwave 10\gt.exe
    C:\Users\Sean\AppData\LocalLow\ReceiverPale
    C:\Users\Sean\AppData\LocalLow\ValidatorVoice
    EmptyTemp: 
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 3
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Fixlog.txt
  • FRST.txt
  • Addition.txt

Posted Image

#5 optionsmom

optionsmom
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Southern California
  • Local time:06:05 AM

Posted 17 February 2015 - 03:58 PM

Thanks again for responding. Here is the Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
Ran by Sean at 2015-02-17 12:48:14 Run:2
Running from C:\Users\Sean\Desktop
Loaded Profiles: Sean (Available profiles: Sean & Pillowpunch)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CreateRestorePoint:
C:\Users\Sean\Downloads\ccsetup502.exe
C:\Windows\System32\Adobe\Shockwave 12\gt.exe
C:\Windows\System32\Macromed\Shockwave 10\gt.exe
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe
C:\Windows\SysWOW64\Macromed\Shockwave 10\gt.exe
C:\Users\Sean\AppData\LocalLow\ReceiverPale
C:\Users\Sean\AppData\LocalLow\ValidatorVoice
EmptyTemp:
end
*****************

Restore point was successfully created.
C:\Users\Sean\Downloads\ccsetup502.exe => Moved successfully.
"C:\Windows\System32\Adobe\Shockwave 12\gt.exe" => File/Directory not found.
"C:\Windows\System32\Macromed\Shockwave 10\gt.exe" => File/Directory not found.
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe => Moved successfully.
C:\Windows\SysWOW64\Macromed\Shockwave 10\gt.exe => Moved successfully.
C:\Users\Sean\AppData\LocalLow\ReceiverPale => Moved successfully.
C:\Users\Sean\AppData\LocalLow\ValidatorVoice => Moved successfully.
EmptyTemp: => Removed 664 MB temporary data.


The system needed a reboot.

==== End of Fixlog 12:48:35 ====

 

Here is the FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Sean (administrator) on PC on 17-02-2015 12:51:59
Running from C:\Users\Sean\Desktop
Loaded Profiles: Sean (Available profiles: Sean & Pillowpunch)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [740152 2010-11-11] (Apple Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-15] (AVAST Software)
HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.238.64.12

FireFox:
========
FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\82v022g2.default
FF DefaultSearchEngine: Google
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-15]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [223544 2010-11-11] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-15] (Avast Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-26] (Electronic Arts)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 applebmt; C:\Windows\System32\DRIVERS\applebmt.sys [51712 2010-09-17] (Apple Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-15] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 12:51 - 2015-02-17 12:51 - 00000197 _____ () C:\Windows\system32\2015-02-17-20-51-37.088-AvastVBoxSVC.exe-3168.log
2015-02-17 12:33 - 2015-01-08 19:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 12:33 - 2015-01-08 19:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 12:33 - 2015-01-08 19:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 12:33 - 2015-01-08 18:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-17 12:28 - 2015-02-17 12:29 - 00000197 _____ () C:\Windows\system32\2015-02-17-20-28-47.076-AvastVBoxSVC.exe-2132.log
2015-02-16 10:21 - 2015-02-16 10:21 - 00000197 _____ () C:\Windows\system32\2015-02-16-18-21-52.056-AvastVBoxSVC.exe-3520.log
2015-02-15 23:40 - 2015-02-15 23:40 - 00094939 _____ () C:\Users\Sean\Desktop\Fixlog.zip
2015-02-15 23:21 - 2015-02-15 23:21 - 00000544 _____ () C:\Users\Sean\Desktop\MyEsetScan.txt
2015-02-15 12:27 - 2015-02-15 12:27 - 02347384 _____ (ESET) C:\Users\Sean\Downloads\esetsmartinstaller_enu.exe
2015-02-15 12:27 - 2015-02-15 12:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-15 12:21 - 2015-02-15 12:21 - 00000197 _____ () C:\Windows\system32\2015-02-15-20-21-56.088-AvastVBoxSVC.exe-2260.log
2015-02-15 12:11 - 2015-02-15 12:11 - 00000197 _____ () C:\Windows\system32\2015-02-15-20-11-46.057-AvastVBoxSVC.exe-2372.log
2015-02-15 12:08 - 2015-02-15 12:08 - 00000810 _____ () C:\Users\Sean\Desktop\AdwCleaner[S0].txt
2015-02-15 12:04 - 2015-02-15 12:21 - 00000000 ____D () C:\AdwCleaner
2015-02-15 12:04 - 2015-02-15 12:04 - 02112512 _____ () C:\Users\Sean\Downloads\AdwCleaner.exe
2015-02-15 11:53 - 2015-02-15 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-15-19-53-43.090-AvastVBoxSVC.exe-2144.log
2015-02-15 11:47 - 2015-02-15 11:47 - 00000247 _____ () C:\Windows\system32\2015-02-15-19-47-37.045-aswFe.exe-4448.log
2015-02-15 11:46 - 2015-02-15 11:46 - 00000000 ____D () C:\Users\Sean\Desktop\FRST-OlderVersion
2015-02-15 11:44 - 2015-02-15 11:47 - 00000247 _____ () C:\Windows\system32\2015-02-15-19-44-00.042-aswFe.exe-1276.log
2015-02-15 11:43 - 2015-02-15 11:43 - 00000197 _____ () C:\Windows\system32\2015-02-15-19-43-53.030-AvastVBoxSVC.exe-4192.log
2015-02-15 11:33 - 2015-02-15 11:33 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\AVAST Software
2015-02-15 11:31 - 2015-02-15 11:32 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-15 11:31 - 2015-02-15 11:32 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-15 11:31 - 2015-02-15 11:31 - 00001972 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-15 11:31 - 2015-02-15 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-15 11:30 - 2015-02-17 12:51 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-15 11:30 - 2015-02-15 11:30 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-15 11:30 - 2015-02-15 11:30 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-15 11:30 - 2015-02-15 11:29 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-15 11:30 - 2015-02-15 11:29 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-15 11:30 - 2015-02-15 11:29 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-15 11:30 - 2015-02-15 11:29 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-15 11:30 - 2015-02-15 11:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-15 11:30 - 2015-02-15 11:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-15 11:30 - 2015-02-15 11:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-15 11:29 - 2015-02-15 11:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-15 11:28 - 2015-02-15 11:28 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-15 11:27 - 2015-02-15 11:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-15 11:26 - 2015-02-15 11:27 - 05006864 _____ (AVAST Software) C:\Users\Sean\Downloads\avast_free_antivirus_setup_online.exe
2015-02-14 20:26 - 2015-02-14 20:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-14 20:20 - 2015-02-14 20:20 - 00024181 _____ () C:\Users\Sean\Desktop\Addition.txt
2015-02-14 20:19 - 2015-02-17 12:52 - 00007887 _____ () C:\Users\Sean\Desktop\FRST.txt
2015-02-14 20:19 - 2015-02-17 12:52 - 00000000 ____D () C:\FRST
2015-02-14 20:18 - 2015-02-15 11:46 - 02085888 _____ (Farbar) C:\Users\Sean\Desktop\FRST64.exe
2015-02-14 19:29 - 2015-02-17 12:49 - 00000448 _____ () C:\Windows\setupact.log
2015-02-14 19:29 - 2015-02-15 11:51 - 00001536 _____ () C:\Windows\PFRO.log
2015-02-14 19:29 - 2015-02-14 19:29 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 19:15 - 2015-02-17 12:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-14 19:14 - 2015-02-14 19:14 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-14 19:14 - 2015-02-14 19:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-14 19:14 - 2015-02-14 19:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-14 19:14 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-14 19:14 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-14 19:14 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-14 19:13 - 2015-02-14 19:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sean\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-14 18:32 - 2015-02-14 18:32 - 209010648 _____ () C:\Users\Sean\Downloads\RegBackup.reg
2015-02-14 18:29 - 2015-02-14 18:30 - 00146764 _____ () C:\Users\Sean\Desktop\remove.reg.htm
2015-02-14 18:20 - 2015-02-14 18:20 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-14 18:20 - 2015-02-14 18:20 - 00000830 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-14 18:20 - 2015-02-14 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-14 18:20 - 2015-02-14 18:20 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-11 17:46 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 17:46 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 17:46 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 17:46 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 19:12 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 19:12 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 19:12 - 2014-10-03 18:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-10 19:12 - 2014-10-03 17:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-10 19:12 - 2014-10-03 17:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 19:11 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 19:11 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 19:11 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 19:11 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 19:11 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 19:11 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 19:09 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-10 19:09 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 19:09 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-10 19:08 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 19:08 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 19:08 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 19:07 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 19:07 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 19:07 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 19:07 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 19:07 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 19:07 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 19:07 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 19:07 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 19:07 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 19:07 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 19:07 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 19:07 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 19:07 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 19:07 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 19:07 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 19:07 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 19:07 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 19:07 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 19:07 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 19:07 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 19:07 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 19:07 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 19:07 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 19:07 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 19:07 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 19:07 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 19:07 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 19:07 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 19:07 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 19:07 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 19:07 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 19:07 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 19:07 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 19:07 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 19:07 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 19:07 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 19:07 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 19:07 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 19:07 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 19:07 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 19:07 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 19:07 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 19:07 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 19:07 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 19:07 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 19:07 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 19:07 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 19:07 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 19:07 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 19:07 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 19:07 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 19:07 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 19:06 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 19:06 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 19:05 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 19:05 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 19:05 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 19:05 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 19:05 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 19:05 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 19:05 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 19:05 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 19:05 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 19:05 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 19:05 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 19:05 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 19:05 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 19:05 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 19:05 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 19:05 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 19:05 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 19:05 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 19:04 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 19:04 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 19:04 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 19:04 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 19:04 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 19:04 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 19:04 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 19:01 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 19:01 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 18:54 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-03 17:32 - 2015-02-03 17:32 - 00000000 ____D () C:\Users\Sean\Documents\Freemake

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 12:49 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 12:48 - 2013-05-19 17:25 - 01484701 _____ () C:\Windows\WindowsUpdate.log
2015-02-17 12:48 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
2015-02-17 12:44 - 2013-08-18 08:19 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-17 12:35 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 12:35 - 2009-07-13 20:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 13:14 - 2013-05-19 19:53 - 00000000 ____D () C:\ProgramData\Origin
2015-02-16 10:23 - 2013-05-19 20:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-15 11:51 - 2015-01-01 14:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-14 18:34 - 2013-09-05 07:37 - 00000000 ____D () C:\Users\Sean\AppData\Local\Google
2015-02-14 18:22 - 2013-05-20 18:32 - 00000000 ____D () C:\Windows\Minidump
2015-02-14 18:22 - 2013-05-20 01:15 - 00000000 ____D () C:\Windows\Panther
2015-02-14 17:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 03:24 - 2009-07-13 20:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 03:22 - 2014-12-10 19:14 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 03:22 - 2014-05-11 07:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-03 17:32 - 2014-02-15 09:03 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-29 17:49 - 2013-06-04 12:36 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-08-19 06:43 - 2014-08-19 06:43 - 0000000 _____ () C:\Users\Sean\AppData\Local\{3147BF26-4E2A-4D72-B194-3D907B3126AC}

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-14 16:50

==================== End Of Log ============================

 

Here is the Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Sean at 2015-02-17 12:52:42
Running from C:\Users\Sean\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Aiseesoft DVD Creator 5.1.16 (HKLM-x32\...\{094BCE17-69CE-45ce-A131-F674CE996B3F}_is1) (Version:  - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.6 - )
Boot Camp Services (HKLM\...\{B2B7054B-EC2E-4E96-8666-FD6ED77678B2}) (Version: 3.2.0 - Apple Inc.)
Bus Driver (HKLM-x32\...\BFG-Bus Driver) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 9.0.10.69 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net  (01/11/2008 3.10.3.9) (HKLM\...\C840EA8E99FB237CC57769BB041F070E4F370C32) (Version: 01/11/2008 3.10.3.9 - Apple Inc.)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1) (HKLM\...\2CD6536AAFFF9B465A871060CF483EC9F3341D29) (Version: 06/27/2007 2.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Broadcom Bluetooth (03/01/2010 3.1.0.3) (HKLM\...\72B627097B72F7023F412161DFA6B3CF03E4E42B) (Version: 03/01/2010 3.1.0.3 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0) (HKLM\...\70C7CBB0824BF74552A2F28F5FFBF62A15053DA8) (Version: 10/25/2007 2.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (03/24/2010 3.1.0.3) (HKLM\...\928D27B46C93CC78C6A130F0708335AAF4894DB0) (Version: 03/24/2010 3.1.0.3 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (02/11/2010 3.1.0.0) (HKLM\...\E8951DD23B8C356DA6C1428CA872050C5AD70DAF) (Version: 02/11/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (10/05/2010 3.2.0.1) (HKLM\...\C6E8C9058AE1580C038DC5F715B0D4969F617CEF) (Version: 10/05/2010 3.2.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (02/11/2010 3.1.0.0) (HKLM\...\285BA6738DB5393199CA6BC5837BAED53E8BA625) (Version: 02/11/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (10/05/2010 3.2.0.1) (HKLM\...\6F4B26C960BC665E637C424F12C4E8FF3ADF0C54) (Version: 10/05/2010 3.2.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2) (HKLM\...\91F52A595A7B2112937CED490A8C682CD03F945E) (Version: 01/17/2008 2.0.2.2 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1) (HKLM\...\A0A897639A1D288A8B472FE790EBF9DB71E52ACF) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1) (HKLM\...\76830D11874044260C923425E7F5A72F25EDA758) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (11/30/2009 3.0.0.6) (HKLM\...\B3F27F12C500003EFE44A668CE685DE4B46A735C) (Version: 11/30/2009 3.0.0.6 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Trackpad (04/12/2010 3.1.0.5) (HKLM\...\A46476509EEBF9339F8D09C9507024E1093D4FA7) (Version: 04/12/2010 3.1.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Trackpad (08/24/2010 3.1.0.7) (HKLM\...\2F702E803208BBC067CA18B3DCC9FC2CFDAE56E6) (Version: 08/24/2010 3.1.0.7 - Apple Inc.)
Windows Driver Package - Apple Inc. System  (08/22/2008 2.1.1.1) (HKLM\...\F5E7472CCD6B3C1A568AEE4486C4BA0813A7D7AC) (Version: 08/22/2008 2.1.1.1 - Apple Inc.)
Windows Driver Package - Atheros Communications Inc. (athr) Net  (11/18/2009 8.0.0.258) (HKLM\...\E5AEAAF07505D71E430CCA10496FAE61597B81A2) (Version: 11/18/2009 8.0.0.258 - Atheros Communications Inc.)
Windows Driver Package - Broadcom (b57nd60a) Net  (02/09/2010 14.0.0.7) (HKLM\...\E92A2345EDF3FC39429C89D37FAF28AA7BAFF288) (Version: 02/09/2010 14.0.0.7 - Broadcom)
Windows Driver Package - Broadcom (BCM43XX) Net  (08/21/2009 5.60.18.8) (HKLM\...\E9575EA5D430B59D0CFF29323C74D0FBA1898F3B) (Version: 08/21/2009 5.60.18.8 - Broadcom)
Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (04/28/2010 6.6001.1.25) (HKLM\...\16E9B4B4A3817C38179BF7D6E12774E0432FD558) (Version: 04/28/2010 6.6001.1.25 - Cirrus Logic, Inc.)
Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (08/16/2010 6.6001.1.26) (HKLM\...\680D5EED614F3F01A9AD4547E9D81CFE9B0E4902) (Version: 08/16/2010 6.6001.1.26 - Cirrus Logic, Inc.)
Windows Driver Package - Intel (e1express) Net  (02/06/2008 9.12.17.0) (HKLM\...\294FF9FB7AF744F64B12EC12F83D8661CD9AD532) (Version: 02/06/2008 9.12.17.0 - Intel)
Windows Driver Package - Intel (E1G60) Net  (01/08/2008 8.3.9.0) (HKLM\...\3A8900CC8E77F2BF2269FEFF364561BDF86B9F27) (Version: 01/08/2008 8.3.9.0 - Intel)
Windows Driver Package - Intel (e1kexpress) Net  (07/22/2008 10.3.45.0) (HKLM\...\1864DCF02A292C57953B91D537026F4F1CA60D91) (Version: 07/22/2008 10.3.45.0 - Intel)
Windows Driver Package - Intel (e1qexpress) Net  (08/05/2008 10.3.49.0) (HKLM\...\C9952C95B4A2ACCCBC684FC6E8182A3210DEDC13) (Version: 08/05/2008 10.3.49.0 - Intel)
Windows Driver Package - Intel (e1yexpress) Net  (07/16/2008 9.52.10.0) (HKLM\...\E43E2A40D22886250D739AEE91E9C7E9ABDD52DA) (Version: 07/16/2008 9.52.10.0 - Intel)
Windows Driver Package - Intel Net  (02/06/2008 9.12.18.0) (HKLM\...\269C8F82CDD61B0400CE8D6768EC084C59C63079) (Version: 02/06/2008 9.12.18.0 - Intel)
Windows Driver Package - Intel Net  (06/13/2008 9.52.9.0) (HKLM\...\0CB233C04CEB3FB45CEDFFEA9146B77B4B783FDA) (Version: 06/13/2008 9.52.9.0 - Intel)
Windows Driver Package - Intel Net  (07/22/2008 10.3.45.0) (HKLM\...\D701F1A58CF3028E88DA512D1423EC3DD6D7BE86) (Version: 07/22/2008 10.3.45.0 - Intel)
Windows Driver Package - Intel Net  (08/05/2008 10.3.49.0) (HKLM\...\5CC5D940D9F4B779FAAF12E7F75A212618ABEB7D) (Version: 08/05/2008 10.3.49.0 - Intel)
Windows Driver Package - Intel Net  (11/07/2007 8.10.1.0) (HKLM\...\01D845C666B4FC04566E16B923F638B2A404807C) (Version: 11/07/2007 8.10.1.0 - Intel)
Windows Driver Package - Intel System  (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows Driver Package - Marvell (yukonx64) Net  (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

13-01-2015 16:52:55 Windows Update
13-01-2015 22:07:10 Windows Update
21-01-2015 16:22:07 Windows Update
25-01-2015 16:45:17 Windows Update
30-01-2015 20:35:32 Windows Update
03-02-2015 17:23:37 Windows Update
08-02-2015 20:24:04 Windows Update
11-02-2015 03:00:27 Windows Update
11-02-2015 21:10:28 Windows Update
15-02-2015 11:27:53 avast! antivirus system restore point
15-02-2015 11:47:43 Restore Point Created by FRST
17-02-2015 12:34:34 Windows Update
17-02-2015 12:42:11 Windows Update
17-02-2015 12:48:15 Restore Point Created by FRST

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F3DCB05-CFE8-4955-96FC-A3326EBEC26B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-15] (AVAST Software)
Task: {14EBDEC9-AD1D-4036-9389-00E50453E397} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {24A22043-5944-4B00-849E-75D50A709AB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)

==================== Loaded Modules (whitelisted) ==============

2010-11-11 19:01 - 2010-11-11 19:01 - 00223544 _____ () C:\Windows\system32\AppleOSSMgr.exe
2015-02-15 11:29 - 2015-02-15 11:29 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-15 11:29 - 2015-02-15 11:29 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-17 12:28 - 2015-02-17 12:28 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021701\algo.dll
2015-02-15 11:29 - 2015-02-15 11:29 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-17 12:50 - 2015-02-17 12:50 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021702\algo.dll
2015-02-15 11:29 - 2015-02-15 11:29 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1891279171-1326999520-3759395819-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 68.238.64.12

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1891279171-1326999520-3759395819-500 - Administrator - Disabled)
Guest (S-1-5-21-1891279171-1326999520-3759395819-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1891279171-1326999520-3759395819-1002 - Limited - Enabled)
Pillowpunch (S-1-5-21-1891279171-1326999520-3759395819-1003 - Administrator - Enabled) => C:\Users\Pillowpunch
Sean (S-1-5-21-1891279171-1326999520-3759395819-1001 - Administrator - Enabled) => C:\Users\Sean

==================== Faulty Device Manager Devices =============

Name: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B36
Description: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B36
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B3B
Description: Intel® 5 Series/3400 Series Chipset Family USB Universal Host Controller - 3B3B
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Logitech_WmVirHid01
Description: Logitech_WmVirHid01
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech_WmVirHid02
Description: Logitech_WmVirHid02
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/17/2015 00:45:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/16/2015 10:25:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program fifa15.exe version 1.4.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d30

Start Time: 01d04a15d8ee701c

Termination Time: 1298

Application Path: C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe

Report Id: 2003ee8c-b609-11e4-8cca-78ca39c2bded

Error: (02/16/2015 10:17:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Faulting module name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Exception code: 0xc0000005
Fault offset: 0x0000000003bffda5
Faulting process id: 0x73c
Faulting application start time: 0xfifa15.exe0
Faulting application path: fifa15.exe1
Faulting module path: fifa15.exe2
Report Id: fifa15.exe3

Error: (02/15/2015 11:41:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/15/2015 11:41:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/15/2015 11:41:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/15/2015 00:27:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/15/2015 00:27:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/15/2015 00:27:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/15/2015 00:27:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/16/2015 10:16:25 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (02/16/2015 10:16:25 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (02/16/2015 10:16:24 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/16/2015 10:16:18 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/16/2015 10:16:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswRvrt
aswSnx
aswSP
aswVmm
discache
spldr
Wanarpv6

Error: (02/16/2015 10:07:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

Error: (02/15/2015 02:52:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (02/15/2015 10:53:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

Error: (02/14/2015 08:49:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (02/14/2015 08:48:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (02/17/2015 00:45:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

Error: (02/16/2015 10:25:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: fifa15.exe1.4.0.0d3001d04a15d8ee701c1298C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe2003ee8c-b609-11e4-8cca-78ca39c2bded

Error: (02/16/2015 10:17:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa15.exe1.4.0.0545d6637fifa15.exe1.4.0.0545d6637c00000050000000003bffda573c01d04a14c8680f53C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exeC:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe127c5a0c-b608-11e4-8337-c8bcc8a7742e

Error: (02/15/2015 11:41:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

Error: (02/15/2015 11:41:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

Error: (02/15/2015 11:41:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

Error: (02/15/2015 00:27:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

Error: (02/15/2015 00:27:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

Error: (02/15/2015 00:27:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe

Error: (02/15/2015 00:27:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sean\Downloads\esetsmartinstaller_enu.exe


==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 36%
Total physical RAM: 4021.98 MB
Available physical RAM: 2545.94 MB
Total Pagefile: 8042.15 MB
Available Pagefile: 6406.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:186.13 GB) (Free:98.04 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Macintosh HD) (Fixed) (Total:744.58 GB) (Free:578.36 GB) HFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 829AD19D)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=744.6 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=186.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Best regards,

Donna



#6 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:05 PM

Posted 18 February 2015 - 05:38 AM

Hi Donna, 

 

Do you have any outstanding issues or concerns with your computer?


Posted Image

#7 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:05 PM

Posted 23 February 2015 - 12:21 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users