Go Daddy cert not valid.

[gposter]

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz, Intel64 Family 6 Model 30 Stepping 5
Processor Count: 8
RAM: 4084 Mb
Graphics Card: NVIDIA GeForce GTX 460M, 1536 Mb
Hard Drives: C: Total - 463819 MB, Free - 373230 MB;
Motherboard: TOSHIBA, Qosmio X505-Q894
Antivirus: avast! Antivirus, Updated and Enabled

I keep getting a popup message about redirecting to a website that does not have a valid certificate, do i still want to proceed. This happens even when there is nothing else open on my computer. My computer had blue screened twice, done a check disk for errors spontaneously and can't successfully restore a previous windows restore point... although i think the windows restore issue is not related. I've had that issue since I bought the computer and even when it was put in for warranty for the issue it still couldn't update windows when they gave it back to me >.< I've backed up all my data. Thanks in advance for the assistance!

 

[gposter]

Bump. Please and Thank you

 

[askey127]

Hi gposter,
Let's get to the bottom of this.
-----------------------------------------------------------
Run the MGA Diagnostic Tool
Download MGA Diagnostic Tool to your Desktop.

• Double click MGADiag.exe to launch the program.
• Click Continue and let the scan run.
• When finished it will have created a log.
• Click Copy.
• Next open Notepad.
  • Click Start > Run type Notepad click OK.
  • This will open an empty Notepad file.
  • Right click in the empty file and choose Paste to copy the log from MGA Diagnostics into it.
  • Save the file to your Desktop.
• Close MGA Diagnostic Tool.
• Copy/Paste the Notepad log you just made in your next reply please.

-----------------------------------------------------------
Download and Run the Farbar Scan Tool

• Download FRST64 and save to your Desktop.
  
• Double click Frst64.exe to launch it.
• FRST64 will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
  • Please post them in your next reply.

If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

askey127

 

[gposter]

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-4F8HK-M4P73-W8DQG
Windows Product Key Hash: Xs1iQgVeo0C+sObJxS7eu+FuBPQ=
Windows Product ID: 00359-OEM-8992687-00057
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {652B0DF6-6E4D-4870-94F0-83154D764281}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.150113-1808
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{652B0DF6-6E4D-4870-94F0-83154D764281}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-W8DQG</PKey><PID>00359-OEM-8992687-00057</PID><PIDType>2</PIDType><SID>S-1-5-21-2744622841-2444319950-4175525256</SID><SYSTEM><Manufacturer>TOSHIBA</Manufacturer><Model>Qosmio X505-Q894</Model></SYSTEM><BIOS><Manufacturer>TOSHIBA</Manufacturer><Version>V2.90 </Version><SMBIOSVersion major="2" minor="6"/><Date>20101210000000.000000+000</Date></BIOS><HWID>53A13707018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>TOSQCI</OEMID><OEMTableID>TOSQCI00</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800057-02-1033-7600.0000-2342010
Installation ID: 019373180474550851278703198262630192759385532043689682
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: W8DQG
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 2/20/2015 5:24:33 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 12:6:2014 18:17
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: MAAAAAEAAQABAAEAAgABAAAAAgABAAEA6GGg8PKqkkG0/doikk3omf60Wne0nXZW

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC PTLTD APIC
FACP INTEL CALPELLA
HPET INTEL CALPELLA
BOOT PTLTD $SBFTBL$
MCFG INTEL CALPELLA
SLIC TOSQCI TOSQCI00
DMAR INTEL CP_FIELD
SSDT PmRef CpuPm

 

[gposter]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Claudia (administrator) on CLAUDIA-PC on 20-02-2015 17:28:24
Running from C:\Users\Claudia\Desktop
Loaded Profiles: Claudia (Available profiles: Claudia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
(Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
(Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1810728 2009-07-30] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2010-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-07-22] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-06-11] (Toshiba)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-06-02] (Toshiba)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1063632 2015-01-19] (Carbonite, Inc.)
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Google Update] => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-19] (Google Inc.)
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\RunOnce: [Adobe Speed Launcher] => 1424470767
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {054f1468-3a53-11e3-b8e4-e89a8f852d06} - E:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {376d29a7-d0ae-11e2-b704-e89a8f852d06} - E:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {f1aa6be7-a479-11e2-8a4d-e89a8f852d06} - E:\setup.exe -a
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
SearchScopes: HKLM -> DefaultScope {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKLM-x32 -> DefaultScope {1383BC91-9D22-4728-A580-653E059CCE24} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {1383BC91-9D22-4728-A580-653E059CCE24} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKU\.DEFAULT -> DefaultScope {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL =
SearchScopes: HKU\.DEFAULT -> {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL =
SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {1383BC91-9D22-4728-A580-653E059CCE24} URL =
SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {96B67FC5-B84C-43A2-8E7D-835FFC172B9C} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {A65C8359-ECEE-4F39-B976-EF17555F90A2} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Claudia\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @talk.google.com/O1DPlugin -> C:\Users\Claudia\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2744622841-2444319950-4175525256-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Claudia\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Claudia\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-14]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-19]
CHR Extension: (Google Search) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-19]
CHR Extension: (AdBlock) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-25]
CHR Extension: (http://www.runescape.com/game.ws?beta=true&j=) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\glgebdjlojgcilmndlcejlcigmngplkg [2012-08-18]
CHR Extension: (Google Wallet) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-14]
StartMenuInternet: Google Chrome - C:\Users\Claudia\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-07] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-07] (Avast Software)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5738528 2014-11-07] (Fitbit, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2015-01-27] (Verizon)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [103792 2010-01-28] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-07] ()
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-18] (O2Micro )
S3 Tosrfcom; No ImagePath
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-07] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 17:28 - 2015-02-20 17:28 - 00022642 _____ () C:\Users\Claudia\Desktop\FRST.txt
2015-02-20 17:28 - 2015-02-20 17:28 - 00000000 ____D () C:\FRST
2015-02-20 17:27 - 2015-02-20 17:27 - 02086912 _____ (Farbar) C:\Users\Claudia\Desktop\FRST64.exe
2015-02-20 17:24 - 2015-02-20 17:24 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2015-02-20 17:24 - 2015-02-20 17:24 - 00000000 ____D () C:\MGADiagToolOutput
2015-02-20 17:23 - 2015-02-20 17:23 - 02031992 _____ (Microsoft Corporation) C:\Users\Claudia\Desktop\MGADiag.exe
2015-02-20 17:23 - 2015-02-20 17:23 - 00000197 _____ () C:\windows\system32\2015-02-20-22-23-27.037-AvastVBoxSVC.exe-2724.log
2015-02-20 15:50 - 2015-02-20 15:50 - 00000197 _____ () C:\windows\system32\2015-02-20-20-50-49.067-AvastVBoxSVC.exe-3572.log
2015-02-20 01:56 - 2015-02-20 01:56 - 00000247 _____ () C:\windows\system32\2015-02-20-06-56-01.015-aswFe.exe-6260.log
2015-02-20 01:45 - 2015-02-20 01:55 - 00000247 _____ () C:\windows\system32\2015-02-20-06-45-43.020-aswFe.exe-4708.log
2015-02-20 01:45 - 2015-02-20 01:45 - 00000197 _____ () C:\windows\system32\2015-02-20-06-45-39.017-AvastVBoxSVC.exe-4668.log
2015-02-19 13:39 - 2015-02-19 13:39 - 00000197 _____ () C:\windows\system32\2015-02-19-18-39-49.021-AvastVBoxSVC.exe-5556.log
2015-02-18 19:55 - 2015-02-18 19:55 - 00000197 _____ () C:\windows\system32\2015-02-19-00-55-02.092-AvastVBoxSVC.exe-3628.log
2015-02-18 11:00 - 2015-02-18 11:00 - 00000197 _____ () C:\windows\system32\2015-02-18-16-00-41.023-AvastVBoxSVC.exe-4412.log
2015-02-17 19:38 - 2015-02-17 19:38 - 00000197 _____ () C:\windows\system32\2015-02-18-00-38-28.067-AvastVBoxSVC.exe-4824.log
2015-02-17 13:49 - 2015-02-17 13:49 - 00000247 _____ () C:\windows\system32\2015-02-17-18-49-00.064-aswFe.exe-221496.log
2015-02-17 13:44 - 2015-02-17 13:48 - 00000247 _____ () C:\windows\system32\2015-02-17-18-44-05.049-aswFe.exe-108380.log
2015-02-17 13:44 - 2015-02-17 13:44 - 00000197 _____ () C:\windows\system32\2015-02-17-18-44-01.077-AvastVBoxSVC.exe-52416.log
2015-02-17 13:38 - 2015-02-17 13:38 - 00000197 _____ () C:\windows\system32\2015-02-17-18-38-23.081-AvastVBoxSVC.exe-32564.log
2015-02-15 11:23 - 2015-02-15 11:24 - 00000197 _____ () C:\windows\system32\2015-02-15-16-23-48.091-AvastVBoxSVC.exe-4672.log
2015-02-14 20:29 - 2015-02-14 20:29 - 00000197 _____ () C:\windows\system32\2015-02-15-01-29-25.095-AvastVBoxSVC.exe-4972.log
2015-02-14 11:23 - 2015-02-14 11:24 - 00000197 _____ () C:\windows\system32\2015-02-14-16-23-46.002-AvastVBoxSVC.exe-1876.log
2015-02-14 03:47 - 2015-02-14 03:47 - 00000197 _____ () C:\windows\system32\2015-02-14-08-47-44.080-AvastVBoxSVC.exe-4856.log
2015-02-13 18:34 - 2015-02-13 18:34 - 00000197 _____ () C:\windows\system32\2015-02-13-23-34-58.037-AvastVBoxSVC.exe-5732.log
2015-02-13 13:27 - 2015-02-13 13:27 - 00509440 _____ (Tech Support Guy System) C:\Users\Claudia\Downloads\SysInfo.exe
2015-02-13 13:04 - 2015-02-13 13:04 - 00000197 _____ () C:\windows\system32\2015-02-13-18-04-48.073-AvastVBoxSVC.exe-5112.log
2015-02-13 11:41 - 2015-02-13 11:41 - 00000197 _____ () C:\windows\system32\2015-02-13-16-41-34.048-AvastVBoxSVC.exe-5152.log
2015-02-12 15:15 - 2015-02-12 15:15 - 00000197 _____ () C:\windows\system32\2015-02-12-20-15-02.052-AvastVBoxSVC.exe-4680.log
2015-02-12 14:45 - 2015-02-12 14:45 - 00000197 _____ () C:\windows\system32\2015-02-12-19-45-42.063-AvastVBoxSVC.exe-4652.log
2015-02-12 12:50 - 2015-02-12 12:50 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\GeoGebra 5.0
2015-02-12 11:48 - 2015-02-12 11:48 - 00000247 _____ () C:\windows\system32\2015-02-12-16-48-25.037-aswFe.exe-5532.log
2015-02-12 11:42 - 2015-02-12 11:48 - 00000247 _____ () C:\windows\system32\2015-02-12-16-42-30.086-aswFe.exe-5988.log
2015-02-12 11:42 - 2015-02-12 11:42 - 00000197 _____ () C:\windows\system32\2015-02-12-16-42-27.013-AvastVBoxSVC.exe-2784.log
2015-02-12 11:36 - 2015-02-12 11:36 - 00000197 _____ () C:\windows\system32\2015-02-12-16-36-42.068-AvastVBoxSVC.exe-4608.log
2015-02-12 10:21 - 2015-02-12 10:21 - 00000197 _____ () C:\windows\system32\2015-02-12-15-21-16.063-AvastVBoxSVC.exe-5116.log
2015-02-12 09:04 - 2015-02-12 09:04 - 00000197 _____ () C:\windows\system32\2015-02-12-14-04-50.097-AvastVBoxSVC.exe-1216.log
2015-02-11 20:01 - 2015-02-11 20:01 - 00000197 _____ () C:\windows\system32\2015-02-12-01-01-32.061-AvastVBoxSVC.exe-4160.log
2015-02-11 16:29 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-11 16:29 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-11 16:29 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-11 16:29 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 13:41 - 2015-02-11 13:41 - 00000197 _____ () C:\windows\system32\2015-02-11-18-41-15.019-AvastVBoxSVC.exe-3344.log
2015-02-11 03:23 - 2015-02-03 22:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 03:23 - 2015-02-03 22:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 03:23 - 2015-02-03 22:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 03:23 - 2015-02-03 22:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 03:23 - 2015-02-03 22:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 03:23 - 2015-02-03 22:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 03:23 - 2015-02-03 22:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 03:23 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 03:22 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 03:22 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 03:22 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 03:22 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-11 03:22 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 03:22 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-11 03:22 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-11 03:22 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 03:22 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 03:22 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-11 03:22 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-11 03:22 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-11 03:22 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-11 03:22 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 03:22 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 03:22 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-11 03:22 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-11 03:22 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-11 03:22 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 03:22 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 03:22 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-11 03:22 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 03:22 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 03:22 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 03:22 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 03:21 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 03:21 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 03:21 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 03:21 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 03:21 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 03:21 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 03:21 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 03:21 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 03:21 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 03:21 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 03:21 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 03:21 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 03:21 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 03:21 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 03:21 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 03:21 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 03:21 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 03:21 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 03:21 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 03:21 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 03:21 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 03:21 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 03:21 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 03:21 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 03:21 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 03:21 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 03:21 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 03:20 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 03:20 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 03:20 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 03:20 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 03:20 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 03:20 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 03:20 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 03:20 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 03:20 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 03:20 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 03:20 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 03:20 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-11 03:20 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-11 03:20 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-11 03:20 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 03:20 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-11 03:20 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 03:20 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 03:20 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 03:20 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 03:19 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-11 03:19 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 03:19 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-11 03:19 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 03:19 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 03:19 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 03:19 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 03:19 - 2014-10-03 21:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-02-11 03:19 - 2014-10-03 20:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-02-11 03:19 - 2014-10-03 20:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-02-10 23:29 - 2015-02-10 23:29 - 00004152 _____ () C:\windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2015-02-10 23:29 - 2015-02-10 23:29 - 00002147 _____ () C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\ProgramData\Carbonite
2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\Program Files\Carbonite
2015-02-10 23:29 - 2015-02-10 23:29 - 00000000 ____D () C:\Program Files (x86)\Carbonite
2015-02-10 20:17 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-10 20:17 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-10 20:17 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-10 20:16 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-10 20:16 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-10 20:16 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-10 20:16 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-10 20:13 - 2015-02-10 20:13 - 00000197 _____ () C:\windows\system32\2015-02-11-01-13-28.053-AvastVBoxSVC.exe-3432.log
2015-02-10 19:55 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-10 19:55 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-10 19:55 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-10 19:55 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-10 19:55 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-10 19:55 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-10 19:55 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-10 19:55 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-10 19:55 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-10 19:55 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-10 19:55 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-10 19:55 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-10 19:55 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-10 19:55 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-10 12:43 - 2015-02-10 19:31 - 00000000 ____D () C:\Users\Claudia\AppData\Local\AVG Web TuneUp
2015-02-10 12:43 - 2015-02-10 19:31 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\AVG2015
2015-02-10 12:34 - 2015-02-10 12:34 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\TuneUp Software
2015-02-10 12:32 - 2015-02-10 12:34 - 00000000 ____D () C:\ProgramData\AVG2015
2015-02-10 12:32 - 2015-02-10 12:32 - 00000000 ___HD () C:\$AVG
2015-02-10 12:27 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Avg2015
2015-02-10 12:27 - 2015-02-10 12:27 - 00000000 ____D () C:\Users\Claudia\AppData\Local\MFAData
2015-02-02 20:48 - 2015-02-02 20:48 - 00000197 _____ () C:\windows\system32\2015-02-03-01-48-28.040-AvastVBoxSVC.exe-4876.log
2015-02-01 08:56 - 2015-02-01 08:57 - 00000197 _____ () C:\windows\system32\2015-02-01-13-56-40.084-AvastVBoxSVC.exe-4884.log
2015-01-31 23:41 - 2015-01-31 23:41 - 00000197 _____ () C:\windows\system32\2015-02-01-04-41-10.094-AvastVBoxSVC.exe-4204.log
2015-01-31 18:30 - 2015-01-31 18:31 - 00000197 _____ () C:\windows\system32\2015-01-31-23-30-51.090-AvastVBoxSVC.exe-4192.log
2015-01-31 12:25 - 2015-01-31 12:25 - 00000197 _____ () C:\windows\system32\2015-01-31-17-25-24.015-AvastVBoxSVC.exe-4524.log
2015-01-30 22:56 - 2015-02-10 20:04 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Mozilla
2015-01-30 20:52 - 2015-01-30 20:52 - 00000197 _____ () C:\windows\system32\2015-01-31-01-52-39.024-AvastVBoxSVC.exe-4332.log
2015-01-30 13:44 - 2015-01-30 13:44 - 00000197 _____ () C:\windows\system32\2015-01-30-18-44-30.013-AvastVBoxSVC.exe-4848.log
2015-01-30 11:38 - 2015-01-30 11:38 - 00000197 _____ () C:\windows\system32\2015-01-30-16-38-38.047-AvastVBoxSVC.exe-5224.log
2015-01-30 11:00 - 2015-01-30 11:01 - 00000197 _____ () C:\windows\system32\2015-01-30-16-00-23.064-AvastVBoxSVC.exe-4868.log
2015-01-29 20:57 - 2015-01-29 20:58 - 00000197 _____ () C:\windows\system32\2015-01-30-01-57-58.035-AvastVBoxSVC.exe-4956.log
2015-01-29 14:34 - 2015-01-29 14:34 - 00000197 _____ () C:\windows\system32\2015-01-29-19-34-43.026-AvastVBoxSVC.exe-4600.log
2015-01-29 10:16 - 2015-01-29 10:16 - 00000197 _____ () C:\windows\system32\2015-01-29-15-16-16.098-AvastVBoxSVC.exe-4232.log
2015-01-28 14:55 - 2015-01-28 14:56 - 00000197 _____ () C:\windows\system32\2015-01-28-19-55-41.089-AvastVBoxSVC.exe-5036.log
2015-01-27 17:47 - 2015-01-27 17:47 - 00000197 _____ () C:\windows\system32\2015-01-27-22-47-28.020-AvastVBoxSVC.exe-3524.log
2015-01-26 19:29 - 2015-01-26 19:30 - 00000197 _____ () C:\windows\system32\2015-01-27-00-29-43.016-AvastVBoxSVC.exe-4768.log
2015-01-25 13:02 - 2015-01-25 13:03 - 00000197 _____ () C:\windows\system32\2015-01-25-18-02-49.040-AvastVBoxSVC.exe-5236.log
2015-01-24 21:07 - 2015-01-24 21:07 - 00000197 _____ () C:\windows\system32\2015-01-25-02-07-27.030-AvastVBoxSVC.exe-4660.log
2015-01-24 07:34 - 2015-01-24 07:35 - 00000197 _____ () C:\windows\system32\2015-01-24-12-34-32.038-AvastVBoxSVC.exe-4432.log
2015-01-23 23:32 - 2015-01-23 23:32 - 00000197 _____ () C:\windows\system32\2015-01-24-04-32-13.009-AvastVBoxSVC.exe-4740.log
2015-01-23 10:59 - 2015-01-23 10:59 - 00000197 _____ () C:\windows\system32\2015-01-23-15-59-13.066-AvastVBoxSVC.exe-4140.log
2015-01-22 14:31 - 2015-01-22 14:32 - 00000197 _____ () C:\windows\system32\2015-01-22-19-31-53.068-AvastVBoxSVC.exe-4324.log
2015-01-22 10:12 - 2015-01-22 10:13 - 00000197 _____ () C:\windows\system32\2015-01-22-15-12-58.071-AvastVBoxSVC.exe-4472.log
2015-01-22 09:26 - 2015-01-22 09:26 - 00000197 _____ () C:\windows\system32\2015-01-22-14-26-33.007-AvastVBoxSVC.exe-1336.log
2015-01-22 06:32 - 2015-01-22 06:32 - 00000197 _____ () C:\windows\system32\2015-01-22-11-32-28.065-AvastVBoxSVC.exe-4684.log
2015-01-21 15:12 - 2015-01-21 15:12 - 00000197 _____ () C:\windows\system32\2015-01-21-20-12-23.035-AvastVBoxSVC.exe-4540.log
2015-01-21 10:01 - 2015-01-21 10:01 - 00000197 _____ () C:\windows\system32\2015-01-21-15-01-50.017-AvastVBoxSVC.exe-4488.log
2015-01-21 06:36 - 2015-01-21 06:36 - 00000197 _____ () C:\windows\system32\2015-01-21-11-36-00.032-AvastVBoxSVC.exe-4300.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 17:25 - 2012-06-15 19:35 - 01451329 _____ () C:\windows\WindowsUpdate.log
2015-02-20 17:19 - 2012-11-17 05:15 - 00000000 ____D () C:\Temp
2015-02-20 17:19 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-20 17:18 - 2009-07-13 23:51 - 00141630 _____ () C:\windows\setupact.log
2015-02-20 16:20 - 2012-06-16 08:09 - 00000024 _____ () C:\Users\Claudia\random.dat
2015-02-20 16:08 - 2012-06-19 05:47 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA.job
2015-02-20 16:01 - 2013-03-13 17:37 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-20 15:59 - 2012-06-16 08:09 - 00000024 _____ () C:\Users\Claudia\jagexappletviewer.preferences
2015-02-20 15:58 - 2009-07-13 23:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 15:58 - 2009-07-13 23:45 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 15:49 - 2012-09-14 09:53 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-02-20 15:49 - 2012-06-16 08:09 - 00000046 _____ () C:\Users\Claudia\jagex_cl_runescape_LIVE.dat
2015-02-20 07:18 - 2012-06-16 08:13 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Skype
2015-02-20 02:13 - 2013-12-15 22:23 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\TS3Client
2015-02-20 01:32 - 2014-02-26 21:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-20 01:32 - 2012-06-16 08:13 - 00000000 ____D () C:\ProgramData\Skype
2015-02-19 22:42 - 2012-06-19 05:47 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core.job
2015-02-16 05:48 - 2014-03-12 22:02 - 00000000 ____D () C:\Users\Claudia\Documents\Recipes
2015-02-16 00:29 - 2013-04-04 18:37 - 00000047 _____ () C:\Users\Claudia\jagex_cl_runescape_LIVE1.dat
2015-02-14 22:32 - 2012-06-19 20:21 - 00000000 ____D () C:\Users\Claudia\Documents\RS
2015-02-12 15:56 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2015-02-12 10:30 - 2009-07-14 00:08 - 00032552 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-02-11 13:38 - 2009-07-13 23:45 - 00297432 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-11 04:50 - 2014-12-10 10:38 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-11 04:50 - 2014-05-06 21:47 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-11 03:09 - 2013-07-17 08:59 - 00000000 ____D () C:\windows\system32\MRT
2015-02-11 03:02 - 2012-06-15 17:49 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-10 23:18 - 2013-08-28 22:11 - 00000000 ____D () C:\Users\Claudia\Documents\Pathfinder
2015-02-10 22:48 - 2013-01-22 02:20 - 00000000 ____D () C:\Users\Claudia\Documents\Schoolwork
2015-02-10 22:47 - 2012-11-30 19:41 - 00000000 ____D () C:\Users\Claudia\Documents\LifeSkills
2015-02-10 22:01 - 2013-03-13 17:37 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-10 22:01 - 2013-03-13 17:37 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-10 22:01 - 2013-03-13 17:37 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-10 21:03 - 2012-06-19 05:47 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA
2015-02-10 21:03 - 2012-06-19 05:47 - 00003494 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core
2015-02-10 20:21 - 2014-05-14 00:00 - 00001128 _____ () C:\Users\Public\Desktop\Vz In-Home Agent.lnk
2015-02-10 20:11 - 2012-06-15 17:15 - 00000000 ____D () C:\Users\Claudia
2015-02-10 20:09 - 2013-03-13 17:37 - 00000000 ____D () C:\windows\system32\Macromed
2015-02-10 20:09 - 2010-08-23 03:32 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2015-02-10 20:09 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-02-10 20:08 - 2014-12-26 11:14 - 00000000 ____D () C:\ProgramData\FitbitConnect
2015-02-10 20:08 - 2014-12-26 11:14 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2015-02-10 20:08 - 2014-12-14 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-10 20:08 - 2013-08-30 18:10 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2015-02-10 20:08 - 2013-08-24 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vz In-Home Agent
2015-02-10 20:08 - 2012-06-19 05:48 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-10 20:08 - 2012-06-16 08:09 - 00000000 ____D () C:\.jagex_cache_32
2015-02-10 20:08 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\registration
2015-02-10 20:08 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\AppCompat
2015-02-10 20:04 - 2014-12-01 21:20 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Corel
2015-02-10 20:04 - 2014-10-06 21:41 - 00000000 ____D () C:\Users\Claudia\Desktop\OpenOffice 4.1.1 (en-US) Installation Files
2015-02-10 20:04 - 2014-09-23 15:39 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Dropbox
2015-02-10 20:04 - 2013-12-18 16:45 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Motorola Mobility
2015-02-10 20:04 - 2013-09-03 21:22 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\OpenOffice
2015-02-10 20:04 - 2013-08-25 13:24 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\Verizon
2015-02-10 20:04 - 2013-08-17 22:12 - 00000000 ____D () C:\Users\Claudia\Documents\Electronic Arts
2015-02-10 20:04 - 2013-04-04 18:37 - 00000000 ____D () C:\Users\Claudia\jagexcache1
2015-02-10 20:04 - 2012-09-23 08:47 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\.minecraft
2015-02-10 20:04 - 2012-06-16 08:07 - 00000000 ____D () C:\Users\Claudia\jagexcache
2015-02-10 20:03 - 2014-08-31 15:00 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Citrix
2015-02-10 20:03 - 2014-08-10 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
2015-02-10 20:03 - 2014-02-26 21:23 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Skype
2015-02-10 20:03 - 2013-12-18 16:45 - 00000000 ____D () C:\ProgramData\Motorola
2015-02-10 20:03 - 2013-10-16 15:47 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-10 20:03 - 2013-08-17 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
2015-02-10 20:03 - 2013-07-17 08:53 - 00000000 ____D () C:\Users\Claudia\AppData\Local\SupportSoft
2015-02-10 20:02 - 2013-12-18 16:42 - 00000000 ____D () C:\Program Files\Common Files\Motorola Shared
2015-02-10 20:02 - 2013-11-29 08:38 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-02-10 20:02 - 2013-09-15 21:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-10 20:02 - 2013-08-17 22:12 - 00000000 ____D () C:\ProgramData\EA Core
2015-02-10 20:02 - 2013-08-17 19:38 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-02-10 20:02 - 2012-09-14 09:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-10 20:01 - 2015-01-14 23:06 - 00000000 ____D () C:\Program Files (x86)\GeoGebra 5.0
2015-02-10 20:01 - 2014-10-21 15:38 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-10 20:01 - 2014-08-10 17:35 - 00000000 ____D () C:\Program Files (x86)\Maxis
2015-02-10 20:01 - 2014-05-21 07:41 - 00000000 ____D () C:\Program Files (x86)\GanttProject-2.6
2015-02-10 20:01 - 2013-12-18 16:44 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2015-02-10 20:01 - 2013-12-18 16:44 - 00000000 ____D () C:\Program Files (x86)\Motorola
2015-02-10 20:01 - 2013-12-15 22:23 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2015-02-10 20:01 - 2013-09-15 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-10 20:01 - 2013-09-03 21:20 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-02-10 20:01 - 2013-08-18 11:48 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-02-10 20:01 - 2013-08-17 19:52 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-10 20:01 - 2013-08-17 19:38 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-10 20:01 - 2013-07-17 08:53 - 00000000 ____D () C:\Program Files (x86)\Verizon
2015-02-10 20:01 - 2013-02-20 10:13 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-10 20:01 - 2012-09-14 09:53 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-10 19:31 - 2012-06-15 22:25 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-10 12:32 - 2012-06-15 22:28 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-24 14:52 - 2014-10-21 15:38 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-01-24 14:52 - 2014-10-21 15:38 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-01-24 14:52 - 2014-10-21 15:38 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2015-01-24 14:52 - 2014-10-21 15:38 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2012-06-19 05:44 - 2012-06-19 05:44 - 0034764 _____ () C:\Users\Claudia\AppData\Local\dt.dat
2014-12-01 20:36 - 2014-12-10 18:56 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Files to move or delete:
====================
C:\Users\Claudia\jagex_cl_runescape_LIVE.dat
C:\Users\Claudia\jagex_cl_runescape_LIVE1.dat
C:\Users\Claudia\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Claudia\random.dat


Some content of TEMP:
====================
C:\Users\Claudia\AppData\Local\Temp\avguidx.dll
C:\Users\Claudia\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Claudia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_e2tyd.dll
C:\Users\Claudia\AppData\Local\Temp\fwoqwd7w.dll
C:\Users\Claudia\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Claudia\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Claudia\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Claudia\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Claudia\AppData\Local\Temp\mk17rim1.dll
C:\Users\Claudia\AppData\Local\Temp\MotoCast_Installer_2.0405.exe
C:\Users\Claudia\AppData\Local\Temp\oi_{A68D9BA4-BB38-4CBA-9EA9-4B1158DF2BFF}.exe
C:\Users\Claudia\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Claudia\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Claudia\AppData\Local\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 12:16

==================== End Of Log ============================

 

[gposter]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Claudia at 2015-02-20 17:29:31
Running from C:\Users\Claudia\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.16(T) - TOSHIBA CORPORATION)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.2 build 4667 (Jan-19-2015) - Carbonite)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO) (Version: 4.126.0.62 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.110 - Corel Inc.)
Dolby Control Center (HKLM\...\{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}) (Version: 2.2.1 - Dolby)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{E54705FB-98A6-4C03-B2DC-D8C3B5486DCD}) (Version: 2.0.0.6512 - Fitbit Inc.)
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.57.0 - International GeoGebra Institute)
Google Chrome (HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION)
HDMI Control Manager (Version: 2.0 - TOSHIBA CORPORATION) Hidden
HDMI Control Manager (x32 Version: 2.0 - TOSHIBA CORPORATION) Hidden
IHA_MessageCenter (HKLM-x32\...\{834265C4-CDF4-44D3-BD24-31531617EFB8}) (Version: 1.8.70 - Verizon)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.1.1001 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
[email protected] 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5912 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{6408053B-4FC3-4087-BB58-68C220D02BA4}) (Version: 2.0.56 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 2.0.56 - O2Micro International LTD.) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.7.3 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Sims Deluxe Edition (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version: - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.2.0 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.12-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.18.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.02.01.00 - )
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.3.198 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.24 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.1.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.02.01.00 - )
TOSHIBA USB Sleep and Charge Utility (HKLM-x32\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.4.0 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.40.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.16 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Verizon Activation (HKLM-x32\...\{92125850-CE9E-405F-8DC7-774DC36AE76C}_is1) (Version: - Verizon)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.71.0 - Verizon)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.1.3 - WildTangent)
WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
WinASO Registry Optimizer 4.7.6 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version: - X.M.Y International LLC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Claudia\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Claudia\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

17-02-2015 19:59:26 Scheduled Checkpoint
17-02-2015 20:24:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {067410F4-4398-4168-BE7E-1A8D48C94D0B} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {2D0A50D8-C30B-4EA6-A38E-F0D88D79272B} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {5C64FBA6-2F4D-4F68-A770-FBF57ACC5304} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {5D71B1E6-0535-4F7C-9133-8E9043363B03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-10] (Adobe Systems Incorporated)
Task: {6E59D547-D8A3-4E3F-97F6-F9490AD39E65} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-07] (AVAST Software)
Task: {7F701CC7-A354-4C4F-86A4-334365541ABC} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {7FFCD880-F2AB-499E-ACAE-826402FCD255} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {8331DCA4-19C7-43AE-BA68-448F443BDF4C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-19] (Google Inc.)
Task: {B1F22ABC-E904-4CE6-B749-8FE9BB4F228D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-19] (Google Inc.)
Task: {C19C617E-BE3E-4B9C-80B7-8C3E7959F786} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {CEF9ACF7-4F63-4B10-8F10-C36F6AD3D4D3} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {ECAEEB97-EC00-4754-9B95-68CFAB107412} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001Core.job => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744622841-2444319950-4175525256-1001UA.job => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2009-10-18 17:20 - 2009-10-18 17:20 - 07959864 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 15:26 - 2009-11-03 15:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-08-23 03:27 - 2009-06-22 17:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 21:08 - 2009-03-12 21:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 19:38 - 2009-07-25 19:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-01-07 18:52 - 2010-01-07 18:52 - 00417592 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
2014-12-07 19:50 - 2014-12-07 19:50 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-07 19:50 - 2014-12-07 19:50 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2010-02-05 19:44 - 2010-02-05 19:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-02-20 15:49 - 2015-02-20 15:49 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15022001\algo.dll
2014-12-07 19:50 - 2014-12-07 19:50 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-10-28 12:22 - 2014-10-28 12:22 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2014-12-07 19:50 - 2014-12-07 19:50 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-02-19 14:09 - 2015-02-17 17:44 - 01117512 _____ () C:\Users\Claudia\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-19 14:09 - 2015-02-17 17:44 - 00211272 _____ () C:\Users\Claudia\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-19 14:09 - 2015-02-17 17:44 - 09171272 _____ () C:\Users\Claudia\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Accounts: =============================

Administrator (S-1-5-21-2744622841-2444319950-4175525256-500 - Administrator - Disabled)
Claudia (S-1-5-21-2744622841-2444319950-4175525256-1001 - Administrator - Enabled) => C:\Users\Claudia
Guest (S-1-5-21-2744622841-2444319950-4175525256-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2744622841-2444319950-4175525256-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2015 05:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: carboniteservice.exe, version: 5.7.2.4667, time stamp: 0x54bd3043
Faulting module name: carboniteservice.exe, version: 5.7.2.4667, time stamp: 0x54bd3043
Exception code: 0xc0000005
Fault offset: 0x0000000000148057
Faulting process id: 0x470
Faulting application start time: 0xcarboniteservice.exe0
Faulting application path: carboniteservice.exe1
Faulting module path: carboniteservice.exe2
Report Id: carboniteservice.exe3

Error: (02/20/2015 05:19:54 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (02/20/2015 03:49:33 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.
.

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.
.

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]

Error: (02/20/2015 05:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program hsplayer.exe version 10.5.0.5 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d18

Start Time: 01d04cd75baee051

Termination Time: 5

Application Path: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\hsplayer.exe

Report Id: e4967291-b8ed-11e4-b75a-e89a8f852d06

Error: (02/20/2015 01:32:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
Description: Application or service 'Windows Defender' could not be shut down.

Error: (02/20/2015 01:32:20 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
Description: Application or service 'Windows Defender' could not be shut down.


System errors:
=============
Error: (02/20/2015 05:22:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:
%%1056

Error: (02/20/2015 05:20:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/20/2015 02:00:45 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:
%%1056

Error: (02/20/2015 01:59:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/19/2015 10:43:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (02/19/2015 02:33:50 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (02/19/2015 01:38:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IHA_MessageCenter service failed to start due to the following error:
%%1053

Error: (02/19/2015 01:38:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.

Error: (02/19/2015 01:37:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:45:05 AM on &#8206;2/&#8206;19/&#8206;2015 was unexpected.

Error: (02/18/2015 10:53:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:
%%1056


Microsoft Office Sessions:
=========================
Error: (02/20/2015 05:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: carboniteservice.exe5.7.2.466754bd3043carboniteservice.exe5.7.2.466754bd3043c0000005000000000014805747001d04d5b42a46447C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exeC:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exea838d550-b94e-11e4-9084-e89a8f852d06

Error: (02/20/2015 05:19:54 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (02/20/2015 03:49:33 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070013, The media is write protected.

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, The media is write protected.

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070013, The media is write protected.

Error: (02/20/2015 07:24:49 AM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, The media is write protected.

Error: (02/20/2015 05:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: hsplayer.exe10.5.0.5d1801d04cd75baee0515C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\hsplayer.exee4967291-b8ed-11e4-b75a-e89a8f852d06

Error: (02/20/2015 01:32:32 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
Description: 1svchost.exeWindows Defender03026216150720

Error: (02/20/2015 01:32:20 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Claudia-PC)
Description: 0svchost.exeWindows Defender03026216150720


CodeIntegrity Errors:
===================================
Date: 2015-02-08 12:07:42.741
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:42.531
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:42.391
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:42.211
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:42.071
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:41.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:41.751
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:41.521
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:41.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-08 12:07:40.861
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 52%
Total physical RAM: 4084.48 MB
Available physical RAM: 1929.43 MB
Total Pagefile: 8167.15 MB
Available Pagefile: 5715.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI105970W0D) (Fixed) (Total:452.95 GB) (Free:359.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 89B15EC1)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=452.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=17)

==================== End Of Log ============================

 

[gposter]

Thank you so much! I believe that is everything. Let me know if you need anything else.

 

[askey127]

gposter,
You don't have to open any file from the GoDaddy server if you don't want to.
They have been tolerating adware distributors (at least) on their servers for a long time, based on many reports.
I can't say for sure yet what's calling it..
--------------------------------------------------------
Run A Fix With FRST
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
(Both on the Desktop is OK, or both in the same folder elsewhere)

Run FRST64 and press the Fix button just once and wait. DO NOT PRESS THE SCAN BUTTON.
If for some reason the tool needs a restart, please make sure you let the system restart normally.
The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

askey127

 

[gposter]

ix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by Claudia at 2015-02-20 23:53:37 Run:1
Running from C:\Users\Claudia\Desktop
Loaded Profiles: Claudia (Available profiles: Claudia)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [103792 2010-01-28] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-02-10 12:43 - 2015-02-10 12:43 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Claudia\AppData\Roaming\AVG2015
2015-02-10 12:32 - 2015-02-10 12:34 - 00000000 ____D () C:\ProgramData\AVG2015
2015-02-10 12:27 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Claudia\AppData\Local\Avg2015
2015-02-10 12:32 - 2012-06-15 22:28 - 00000000 ____D () C:\Program Files (x86)\AVG
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Google Update] => C:\Users\Claudia\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-19] (Google Inc.)
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4369952 2014-11-07] (Fitbit, Inc.)
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\RunOnce: [Adobe Speed Launcher] => 1424470767
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {054f1468-3a53-11e3-b8e4-e89a8f852d06} - E:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {376d29a7-d0ae-11e2-b704-e89a8f852d06} - E:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\...\MountPoints2: {f1aa6be7-a479-11e2-8a4d-e89a8f852d06} - E:\setup.exe -a
SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2744622841-2444319950-4175525256-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}

*****************

Norton PC Checkup Application Launcher => Unable to stop service
Norton PC Checkup Application Launcher => Service deleted successfully.
PCCUJobMgr => Unable to stop service
PCCUJobMgr => Service deleted successfully.
C:\ProgramData\AVG Security Toolbar => Moved successfully.
C:\ProgramData\AVG Web TuneUp => Moved successfully.
C:\Users\Claudia\AppData\Roaming\AVG2015 => Moved successfully.
C:\ProgramData\AVG2015 => Moved successfully.
C:\Users\Claudia\AppData\Local\Avg2015 => Moved successfully.
C:\Program Files (x86)\AVG => Moved successfully.
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Fitbit Connect => value deleted successfully.
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => value deleted successfully.
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
"HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{054f1468-3a53-11e3-b8e4-e89a8f852d06}" => Key deleted successfully.
HKCR\CLSID\{054f1468-3a53-11e3-b8e4-e89a8f852d06} => Key not found.
"HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{376d29a7-d0ae-11e2-b704-e89a8f852d06}" => Key deleted successfully.
HKCR\CLSID\{376d29a7-d0ae-11e2-b704-e89a8f852d06} => Key not found.
"HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1aa6be7-a479-11e2-8a4d-e89a8f852d06}" => Key deleted successfully.
HKCR\CLSID\{f1aa6be7-a479-11e2-8a4d-e89a8f852d06} => Key not found.
"HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKU\S-1-5-21-2744622841-2444319950-4175525256-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.


The system needed a reboot.

==== End of Fixlog 23:53:49 ====

 

[askey127]

gposter,
-------------------------------------------------------------
AdwCleaner Download and Run

Download AdwCleaner and save it to your desktop or somewhere you can find it.
Take care NOT to click on any ad, like from PC Optimizer Pro. The correct link is the button labeled "Download from Bleeping Computer".
NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
It may take several minutes to complete.
When it is done, click on the Clean button, accept any prompts that appear and allow the system to Reboot.
You will then be presented with the report. Copy & Paste it into a reply here.


If you lose track of the log, it is saved in this folder C:\AdwCleaner\
The filename will be adwcleaner[xx].txt where [xx] will be S1, or S2, etc. whichever filename is newest.

Also Tell me how the machine is behaving.
askey127

 

[gposter]

# AdwCleaner v4.111 - Logfile created 21/02/2015 at 18:57:51
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Claudia - CLAUDIA-PC
# Running from : C:\Users\Claudia\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Users\Claudia\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\IGearSettings
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;192.168.*.*

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Google Chrome v

[C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={FAF3DF4B-DE11-4DA2-8DF4-804E9EED0EE5}&mid=c381cb39e97e47d0bbdb39d3c961c4f5-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-06-15 23:30:33&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [3318 bytes] - [21/02/2015 18:54:29]
AdwCleaner[S0].txt - [3236 bytes] - [21/02/2015 18:57:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3295 bytes] ##########

 

[gposter]

I haven't been on all day to see how it's running. I will let you know in a few hours. Thank you so much!!

 

[askey127]

I'll be here.

 

[gposter]

I have not had any more problems Thank you soooo much!!! I will mark solved