HJT Log please advise

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
So I have been having issues with my laptop going to blue screen of death and freezing I started a post in Windows 7 , about an hour ago, But I wanted to see if I can get help with the HJT log while I wait for help over there I don't know how to join the 2 post if that what needs to be done Here is my TSG info and my HJT log thanks for all help, I have not owned this lap top very long I purchased it from Aarons rent a center. Paid it off and started having issues



Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics, AMD64 Family 20 Model 2 Stepping 0
Processor Count: 2
RAM: 3681 Mb
Graphics Card: AMD Radeon HD 7310 Graphics, 384 Mb
Hard Drives: C: Total - 461788 MB, Free - 414980 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: None


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:53:55 PM, on 7/24/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)

FIREFOX: 29.0.1 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Users\aaron\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=45466c31-a8df-07c5-6842-bb40aa26ee5d&searchtype=ds&q={searchTerms}&installDate={installDate}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=45466c31-a8df-07c5-6842-bb40aa26ee5d&searchtype=ds&q={searchTerms}&installDate={installDate}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=45466c31-a8df-07c5-6842-bb40aa26ee5d&searchtype=ds&q={searchTerms}&installDate={installDate}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: ZooskMessenger.lnk = C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - https://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: lxeaCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe
O23 - Service: lxea_device - - C:\windows\system32\lxeacoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Toshiba Laptop Checkup Application Launcher (Norton PC Checkup Application Launcher) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11098 bytes
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
Jammer1010,
You can't run a PC for long with no antivirus.
I cannot tell yet whether your Windows 7 system is intact
Do you have a Lexmark 300 series printer?
-----------------------------------------------------------
Download the Microsoft Security Essentials Installer
The download is here: http://www.microsoft.com/security_essentials/
Choose "Save As" and Save it to your desktop.
Double Click the icon for the Microsoft Security Essentials installer.
Let it install, update itself, run a scan and delete anything it finds.
-----------------------------------------------------------
Download and Run the Farbar Scan Tool
  • Download FRST64 and save to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST64 will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
Feel free to use separate replies if it's more convenient.

Let me know how it goes.
askey127
 

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
Hi thanks for the assistance,
I just now saw this post so I will do the programs u asked me to do. In the mean time, Yes I have a Lexmark Printer I also have some error messages from when it crashes I can give you if needed. I will post my logs as soon as they are done, THKS
 

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
here is the Frst log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01
Ran by aaron (administrator) on JOLENE on 25-07-2014 14:05:35
Running from C:\Users\aaron\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
( ) C:\Windows\System32\lxeacoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoHook.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2011-12-22] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2012-03-16] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [770728 2010-05-05] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [148280 2010-05-05] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2350155945-2762223346-1391456072-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-06-24] (Raptr, Inc)
HKU\S-1-5-21-2350155945-2762223346-1391456072-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2350155945-2762223346-1391456072-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2350155945-2762223346-1391456072-1000\...\MountPoints2: {d5d7b034-7f14-11e3-9ca9-00266c261eee} - E:\X501_ZTE.exe
Startup: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=45466c31-a8df-07c5-6842-bb40aa26ee5d&searchtype=ds&q={searchTerms}&installDate={installDate}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
SearchScopes: HKLM - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {EE2A3F61-6C01-4D24-A98F-D155CA7B3F37} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS569
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {EE2A3F61-6C01-4D24-A98F-D155CA7B3F37} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS569
SearchScopes: HKCU - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Lexmark Toolbar -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} https://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11

FireFox:
========
FF ProfilePath: C:\Users\aaron\AppData\Roaming\Mozilla\Firefox\Profiles\fsnd0xom.default
FF Homepage: https://www.yahoo.com/
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: Free Games (4357) - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected] [2014-01-04]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: Speed Test (4354) - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected] [2014-01-04]

Chrome:
=======
CHR Extension: (Snap.Do ) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2014-01-15]
CHR Extension: (Docs) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-23]
CHR Extension: (Google Drive) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-23]
CHR Extension: (YouTube) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-23]
CHR Extension: (Google Search) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-23]
CHR Extension: (Norton Identity Protection) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-12-20]
CHR Extension: (Google Wallet) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Gmail) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 lxeaCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 lxea_device; C:\windows\SysWOW64\lxeacoms.exe [598696 2010-04-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [123320 2014-01-15] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [126392 2011-11-30] (Symantec Corporation)
R2 TosCoSrv; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [580608 2012-02-02] (TOSHIBA Corporation) [File not signed]
S4 UDisk Monitor; C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe [517960 2012-04-20] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-20] (Symantec Corporation)
S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [128328 2012-04-20] (Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-25 14:05 - 2014-07-25 14:06 - 00018980 _____ () C:\Users\aaron\Desktop\FRST.txt
2014-07-25 14:05 - 2014-07-25 14:05 - 00000000 ____D () C:\FRST
2014-07-25 14:03 - 2014-07-25 14:03 - 02093568 _____ (Farbar) C:\Users\aaron\Desktop\FRST64.exe
2014-07-25 13:37 - 2014-07-25 13:37 - 00001945 _____ () C:\windows\epplauncher.mif
2014-07-25 13:36 - 2014-07-25 13:36 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-25 13:35 - 2014-07-25 13:37 - 00000000 ____D () C:\f8954ddd9a76dd6522
2014-07-25 13:33 - 2014-07-25 13:33 - 13829304 _____ (Microsoft Corporation) C:\Users\aaron\Desktop\mseinstall.exe
2014-07-25 02:29 - 2014-07-25 02:29 - 00313638 _____ () C:\Users\aaron\AppData\Local\census.cache
2014-07-25 02:29 - 2014-07-25 02:29 - 00157259 _____ () C:\Users\aaron\AppData\Local\ars.cache
2014-07-25 02:25 - 2014-07-25 02:25 - 00000010 _____ () C:\Users\aaron\AppData\Local\sponge.last.runtime.cache
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\sftldr_wow64.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiuxpag.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiumdva.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atigktxx.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atidxx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\aticfx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiadlxy.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\amdocl.dll
2014-07-25 02:15 - 2014-07-25 02:15 - 00000036 _____ () C:\Users\aaron\AppData\Local\housecall.guid.cache
2014-07-25 02:15 - 2013-09-02 00:58 - 00175528 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmcomm.sys
2014-07-25 01:58 - 2014-07-25 01:58 - 02044792 _____ (SafeInstall, LLC) C:\Users\aaron\Desktop\manualdownload.exe
2014-07-24 23:02 - 2014-07-24 23:02 - 00509440 _____ (Tech Support Guy System) C:\Users\aaron\SysInfo.exe
2014-07-24 22:53 - 2014-07-24 22:53 - 00388608 _____ (Trend Micro Inc.) C:\Users\aaron\HijackThis.exe
2014-07-24 22:53 - 2014-07-24 22:53 - 00011100 _____ () C:\Users\aaron\hijackthis.log
2014-07-20 16:05 - 2014-07-25 09:54 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for aaron.job
2014-07-20 16:05 - 2014-07-20 16:05 - 00003606 _____ () C:\windows\System32\Tasks\Norton Security Scan for aaron
2014-07-20 16:05 - 2014-07-20 16:05 - 00001428 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-07-20 16:05 - 2014-07-20 16:05 - 00000000 ____D () C:\windows\system32\Drivers\NSSx64
2014-07-20 16:05 - 2014-07-20 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2014-07-20 16:05 - 2014-07-20 16:05 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-07-20 03:06 - 2014-07-20 03:06 - 00000000 ____D () C:\Users\aaron\AppData\Local\AMD
2014-07-20 03:05 - 2014-07-20 03:05 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 02:52 - 2014-07-20 02:52 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-07-20 02:51 - 2014-07-20 02:51 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\library_dir
2014-07-20 02:50 - 2014-07-25 13:17 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Raptr
2014-07-20 02:50 - 2014-07-20 02:51 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-07-20 02:50 - 2014-07-20 02:50 - 00067160 _____ () C:\windows\SysWOW64\CCCInstall_201407200250149083.log
2014-07-20 02:50 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 02:49 - 2014-07-20 02:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 02:48 - 2014-07-20 02:50 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 02:46 - 2014-07-20 02:46 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:49 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files\ATI
2014-07-20 01:16 - 2014-07-20 01:16 - 00000000 ____D () C:\AMD
2014-07-20 01:01 - 2014-07-20 01:01 - 00002272 _____ () C:\Users\Public\Desktop\Driver Support.lnk
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\Program Files (x86)\Driver Support
2014-07-15 19:11 - 2014-07-15 19:11 - 00779704 _____ (Symantec) C:\Users\aaron\Desktop\Setup.exe
2014-07-15 19:10 - 2014-07-15 19:10 - 00779704 _____ (Symantec) C:\Users\aaron\Downloads\Setup.exe
2014-07-15 01:40 - 2014-07-15 01:40 - 00645432 _____ () C:\windows\Minidump\071514-21964-01.dmp
2014-07-14 17:11 - 2014-07-14 17:11 - 00000000 ____D () C:\Users\aaron\AppData\Local\{7B549D41-0ECA-4980-9F52-B054FA772753}
2014-07-09 09:33 - 2014-07-09 09:34 - 00000000 ____D () C:\Users\aaron\Desktop\pis for cl
2014-07-09 01:52 - 2014-07-09 01:52 - 00000000 ____D () C:\Users\aaron\AppData\Local\{55AD2261-D3B4-4297-8EDB-7A8B3A8C44E4}
2014-07-08 18:10 - 2014-06-29 19:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-08 18:10 - 2014-06-29 19:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-08 18:09 - 2014-06-20 13:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-08 18:09 - 2014-06-20 12:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-08 18:09 - 2014-06-18 18:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-08 18:09 - 2014-06-18 18:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-08 18:09 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-08 18:09 - 2014-06-18 17:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-08 18:09 - 2014-06-18 17:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-08 18:09 - 2014-06-18 17:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-08 18:09 - 2014-06-18 17:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-08 18:09 - 2014-06-18 17:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-08 18:09 - 2014-06-18 17:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-08 18:09 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-08 18:09 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-08 18:09 - 2014-06-18 16:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 18:09 - 2014-06-18 16:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-08 18:09 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-08 18:09 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-08 18:09 - 2014-06-18 16:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-08 18:09 - 2014-06-18 16:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-08 18:09 - 2014-06-18 16:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-07-08 18:09 - 2014-06-18 16:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-08 18:09 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-08 18:09 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-08 18:09 - 2014-06-18 16:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-08 18:09 - 2014-06-18 16:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-08 18:09 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-08 18:09 - 2014-06-18 16:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-08 18:09 - 2014-06-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-07-08 18:09 - 2014-06-18 16:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-08 18:09 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-08 18:09 - 2014-06-18 16:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-08 18:09 - 2014-06-18 16:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-08 18:09 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-08 18:09 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-08 18:09 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-08 18:09 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-08 18:09 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-08 18:09 - 2014-06-18 15:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-07-08 18:09 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-08 18:09 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-08 18:09 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-08 18:09 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-08 18:09 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-08 18:09 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-08 18:09 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-08 18:09 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-08 18:09 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-08 18:09 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-08 18:09 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-07-08 18:09 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-08 18:08 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-08 18:08 - 2014-06-18 17:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-08 18:08 - 2014-06-18 17:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-08 18:08 - 2014-06-18 17:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-08 18:08 - 2014-06-18 17:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-08 18:08 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-08 18:08 - 2014-06-18 16:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-08 18:08 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-08 18:08 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-08 18:08 - 2014-06-18 16:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-08 18:08 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-08 18:08 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-08 18:08 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-08 18:08 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-07-08 18:08 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-07-07 16:43 - 2014-07-07 16:43 - 00000000 ____D () C:\Users\aaron\AppData\Local\{21D12364-47AA-4306-953B-258904FB1EC8}
2014-06-27 09:48 - 2014-06-27 09:49 - 00000000 ____D () C:\Users\aaron\AppData\Local\{0D168EF4-0BCE-477D-88D8-1212D5095D08}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-25 14:06 - 2014-07-25 14:05 - 00018980 _____ () C:\Users\aaron\Desktop\FRST.txt
2014-07-25 14:05 - 2014-07-25 14:05 - 00000000 ____D () C:\FRST
2014-07-25 14:03 - 2014-07-25 14:03 - 02093568 _____ (Farbar) C:\Users\aaron\Desktop\FRST64.exe
2014-07-25 13:51 - 2012-04-16 02:58 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-25 13:41 - 2013-11-08 18:05 - 01153413 _____ () C:\windows\WindowsUpdate.log
2014-07-25 13:37 - 2014-07-25 13:37 - 00001945 _____ () C:\windows\epplauncher.mif
2014-07-25 13:37 - 2014-07-25 13:35 - 00000000 ____D () C:\f8954ddd9a76dd6522
2014-07-25 13:36 - 2014-07-25 13:36 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-25 13:33 - 2014-07-25 13:33 - 13829304 _____ (Microsoft Corporation) C:\Users\aaron\Desktop\mseinstall.exe
2014-07-25 13:18 - 2009-07-13 22:13 - 00783360 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-25 13:17 - 2014-07-20 02:50 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Raptr
2014-07-25 13:16 - 2014-06-24 19:31 - 00012789 _____ () C:\ProgramData\lxeascan.log
2014-07-25 11:28 - 2014-03-29 13:10 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Skype
2014-07-25 09:54 - 2014-07-20 16:05 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for aaron.job
2014-07-25 07:17 - 2009-07-13 21:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-25 07:17 - 2009-07-13 21:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-25 07:10 - 2014-05-28 01:03 - 00004816 _____ () C:\windows\setupact.log
2014-07-25 07:10 - 2014-03-30 03:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 07:10 - 2014-03-30 03:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 07:10 - 2010-11-20 20:47 - 01186314 _____ () C:\windows\PFRO.log
2014-07-25 07:10 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-25 03:55 - 2014-03-28 01:49 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\SoftGrid Client
2014-07-25 03:04 - 2014-03-30 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 02:29 - 2014-07-25 02:29 - 00313638 _____ () C:\Users\aaron\AppData\Local\census.cache
2014-07-25 02:29 - 2014-07-25 02:29 - 00157259 _____ () C:\Users\aaron\AppData\Local\ars.cache
2014-07-25 02:25 - 2014-07-25 02:25 - 00000010 _____ () C:\Users\aaron\AppData\Local\sponge.last.runtime.cache
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\sftldr_wow64.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiuxpag.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiumdva.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atigktxx.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atidxx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\aticfx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiadlxy.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\amdocl.dll
2014-07-25 02:15 - 2014-07-25 02:15 - 00000036 _____ () C:\Users\aaron\AppData\Local\housecall.guid.cache
2014-07-25 01:58 - 2014-07-25 01:58 - 02044792 _____ (SafeInstall, LLC) C:\Users\aaron\Desktop\manualdownload.exe
2014-07-24 23:02 - 2014-07-24 23:02 - 00509440 _____ (Tech Support Guy System) C:\Users\aaron\SysInfo.exe
2014-07-24 23:02 - 2013-12-18 16:58 - 00000000 ____D () C:\Users\aaron
2014-07-24 22:53 - 2014-07-24 22:53 - 00388608 _____ (Trend Micro Inc.) C:\Users\aaron\HijackThis.exe
2014-07-24 22:53 - 2014-07-24 22:53 - 00011100 _____ () C:\Users\aaron\hijackthis.log
2014-07-24 22:49 - 2013-12-18 17:00 - 00000000 ____D () C:\Users\aaron\AppData\Local\VirtualStore
2014-07-24 22:28 - 2014-05-16 03:20 - 00000000 ____D () C:\Users\aaron\downloaded pic
2014-07-20 16:05 - 2014-07-20 16:05 - 00003606 _____ () C:\windows\System32\Tasks\Norton Security Scan for aaron
2014-07-20 16:05 - 2014-07-20 16:05 - 00001428 _____ () C:\Users\Public\Desktop\Norton Security Scan.LNK
2014-07-20 16:05 - 2014-07-20 16:05 - 00000000 ____D () C:\windows\system32\Drivers\NSSx64
2014-07-20 16:05 - 2014-07-20 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2014-07-20 16:05 - 2014-07-20 16:05 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-07-20 16:05 - 2012-04-16 03:10 - 00000000 ____D () C:\ProgramData\Norton
2014-07-20 03:06 - 2014-07-20 03:06 - 00000000 ____D () C:\Users\aaron\AppData\Local\AMD
2014-07-20 03:05 - 2014-07-20 03:05 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 02:52 - 2014-07-20 02:52 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-07-20 02:51 - 2014-07-20 02:51 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\library_dir
2014-07-20 02:51 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-07-20 02:50 - 2014-07-20 02:50 - 00067160 _____ () C:\windows\SysWOW64\CCCInstall_201407200250149083.log
2014-07-20 02:50 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 02:50 - 2014-07-20 02:48 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 02:50 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-20 02:49 - 2014-07-20 02:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 02:49 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-20 02:47 - 2013-11-08 18:13 - 00000000 ____D () C:\Program Files\AMD
2014-07-20 02:46 - 2014-07-20 02:46 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files\ATI
2014-07-20 01:16 - 2014-07-20 01:16 - 00000000 ____D () C:\AMD
2014-07-20 01:01 - 2014-07-20 01:01 - 00002272 _____ () C:\Users\Public\Desktop\Driver Support.lnk
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\Program Files (x86)\Driver Support
2014-07-20 00:35 - 2014-06-24 00:53 - 00000000 ____D () C:\Users\aaron\AppData\Local\Unity
2014-07-19 21:16 - 2014-01-17 18:02 - 00000000 ____D () C:\Users\aaron\AppData\Local\CrashDumps
2014-07-18 20:35 - 2014-06-24 20:39 - 00000712 _____ () C:\ProgramData\lxeaDiagnostics.log
2014-07-15 19:11 - 2014-07-15 19:11 - 00779704 _____ (Symantec) C:\Users\aaron\Desktop\Setup.exe
2014-07-15 19:10 - 2014-07-15 19:10 - 00779704 _____ (Symantec) C:\Users\aaron\Downloads\Setup.exe
2014-07-15 01:40 - 2014-07-15 01:40 - 00645432 _____ () C:\windows\Minidump\071514-21964-01.dmp
2014-07-15 01:40 - 2014-06-11 01:07 - 361519420 _____ () C:\windows\MEMORY.DMP
2014-07-15 01:40 - 2014-02-16 19:07 - 00000000 ____D () C:\windows\Minidump
2014-07-14 17:11 - 2014-07-14 17:11 - 00000000 ____D () C:\Users\aaron\AppData\Local\{7B549D41-0ECA-4980-9F52-B054FA772753}
2014-07-09 13:24 - 2013-12-18 17:03 - 00058016 _____ () C:\Users\aaron\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-09 09:34 - 2014-07-09 09:33 - 00000000 ____D () C:\Users\aaron\Desktop\pis for cl
2014-07-09 08:02 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-07-09 07:25 - 2009-07-13 21:45 - 00275712 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-09 07:23 - 2014-05-07 03:00 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-09 07:23 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 07:23 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-07-09 07:23 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\Dism
2014-07-09 03:05 - 2014-05-28 01:46 - 00000000 ____D () C:\windows\system32\MRT
2014-07-09 03:03 - 2014-05-28 01:46 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-09 01:52 - 2014-07-09 01:52 - 00000000 ____D () C:\Users\aaron\AppData\Local\{55AD2261-D3B4-4297-8EDB-7A8B3A8C44E4}
2014-07-08 16:51 - 2012-04-16 02:58 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 16:51 - 2012-04-16 02:58 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 16:51 - 2012-04-16 02:58 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 16:43 - 2014-07-07 16:43 - 00000000 ____D () C:\Users\aaron\AppData\Local\{21D12364-47AA-4306-953B-258904FB1EC8}
2014-07-07 15:47 - 2014-05-16 02:48 - 00000000 ____D () C:\Users\aaron\pic to go thru
2014-07-06 06:26 - 2014-04-30 02:09 - 00000000 ____D () C:\Users\aaron\Downloads\books
2014-07-05 14:23 - 2014-05-07 17:15 - 00007609 _____ () C:\Users\aaron\AppData\Local\Resmon.ResmonCfg
2014-06-29 19:09 - 2014-07-08 18:10 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-29 19:04 - 2014-07-08 18:10 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-27 09:49 - 2014-06-27 09:48 - 00000000 ____D () C:\Users\aaron\AppData\Local\{0D168EF4-0BCE-477D-88D8-1212D5095D08}
2014-06-26 02:39 - 2014-05-07 21:07 - 00000000 ____D () C:\Users\aaron\Desktop\inspiraional E cards
2014-06-26 02:35 - 2014-05-16 02:54 - 00000000 ____D () C:\Users\aaron\Desktop\CNF

Files to move or delete:
====================
C:\Users\aaron\HijackThis.exe
C:\Users\aaron\SysInfo.exe


Some content of TEMP:
====================
C:\Users\aaron\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\aaron\AppData\Local\Temp\BackupSetup.exe
C:\Users\aaron\AppData\Local\Temp\install_helper.exe
C:\Users\aaron\AppData\Local\Temp\install_reader11_en_gtbd_chrd_dn_aaa_aih.exe
C:\Users\aaron\AppData\Local\Temp\newsetup.exe
C:\Users\aaron\AppData\Local\Temp\raptrpatch.exe
C:\Users\aaron\AppData\Local\Temp\raptr_stub.exe
C:\Users\aaron\AppData\Local\Temp\SCC.dll
C:\Users\aaron\AppData\Local\Temp\SymCCIS.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 03:44

==================== End Of Log ============================
 

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
Here is the Addition log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 01
Ran by aaron at 2014-07-25 14:07:25
Running from C:\Users\aaron\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.03.0000 - AMD) Hidden
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Android USB Driver (HKLM-x32\...\Android USB Driver_is1) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1 - PC Drivers Headquarters, LP)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Ipswitch WS_FTP Pro (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 9.01 - )
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version: - Lexmark International, Inc.)
Lexmark Toolbar (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.3.37.0 - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype&#8482; 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.0 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION)
TOSHIBA Audio Enhancement (HKLM\...\{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}) (Version: 1.0.2.8 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C9C56642-9AAB-4267-9454-36FF1CC59168}) (Version: 1.3.11.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.10 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.12 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.17.38 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.7.52020010 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden
Toshiba Security Dashboard (HKLM-x32\...\ToshibaSD) (Version: 1.0.0.48 - Symantec Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.5 - TOSHIBA Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0025.640205 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.6.0025.640205 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.6.0025.640205 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.33 - TOSHIBA Corporation) Hidden
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2350155945-2762223346-1391456072-1000_Classes\CLSID\{ed5e439f-eb8b-4eca-9707-69eb71689040}\InprocServer32 -> C:\windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

09-07-2014 01:08:08 Windows Update
09-07-2014 10:00:15 Windows Update
15-07-2014 12:48:07 Windows Update
19-07-2014 03:44:42 Windows Update
20-07-2014 08:26:44 Restore Operation
20-07-2014 08:42:22 Windows Backup
20-07-2014 09:45:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
21-07-2014 02:00:07 Windows Backup
22-07-2014 10:20:54 Windows Update
25-07-2014 10:00:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {37F063FD-6504-4CDC-8D5D-BFDEEF075502} - System32\Tasks\Plus-HD-6.0-codedownloader => C:\Program Files (x86)\Plus-HD-6.0\Plus-HD-6.0-codedownloader.exe
Task: {3C16A19C-C524-4E4C-A32A-2927DEE4A20A} - System32\Tasks\Norton Security Scan for aaron => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe [2014-01-26] (Symantec Corporation)
Task: {3F1F7CBE-ABFC-4B53-A97D-974A55521713} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {416AAF8F-77B7-49A7-B6C9-B1445B0D9006} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {80E3B599-C681-471C-B129-3338F1C9E6DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {CB5BEA4E-5732-40C9-AD98-72B75DEE65C4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Norton Security Scan for aaron.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

==================== Loaded Modules (whitelisted) =============

2014-06-24 19:39 - 2009-11-04 13:18 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-03-02 17:08 - 2012-03-02 17:08 - 00595840 _____ () C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
2011-08-22 16:19 - 2011-08-22 16:19 - 11204992 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 16:19 - 2010-12-15 16:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2014-06-24 19:29 - 2010-05-05 09:18 - 00770728 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
2014-06-24 19:29 - 2010-05-05 09:18 - 00148280 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
2012-02-24 15:35 - 2012-02-24 15:35 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-06-24 19:29 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
2014-06-24 19:29 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaDRS.dll
2014-06-24 19:29 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
2014-06-24 19:26 - 2009-02-20 01:48 - 00381440 _____ () C:\windows\system32\lxeasm.dll
2014-06-24 19:26 - 2009-02-20 01:48 - 00023552 _____ () C:\windows\system32\lxeasmr.dll
2014-06-24 19:29 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epwizard.DLL
2014-06-24 19:29 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
2014-06-24 19:29 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Eputil.DLL
2014-06-24 19:29 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Imagutil.DLL
2014-06-24 19:29 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epfunct.DLL
2014-06-24 19:29 - 2010-04-05 06:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPWizRes.dll
2014-06-24 19:29 - 2010-04-05 06:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
2014-06-24 19:29 - 2010-04-05 06:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPOEMDll.dll
2014-06-24 19:29 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
2014-06-24 19:29 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
2010-11-22 15:56 - 2010-11-22 15:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 15:56 - 2010-11-22 15:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 13:28 - 2012-02-06 13:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 13:28 - 2012-02-06 13:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 13:28 - 2012-02-06 13:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 12:01 - 2011-05-10 12:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 11:17 - 2011-02-15 11:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 15:56 - 2010-11-22 15:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 15:57 - 2010-11-22 15:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2013-11-20 17:05 - 2013-11-20 17:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\amdocl.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atigktxx.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiumdva.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiadlxy.dll
2010-11-22 15:57 - 2010-11-22 15:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-17 17:56 - 2014-06-17 17:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 11:17 - 2011-02-15 11:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 16:06 - 2010-11-22 16:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 16:52 - 2013-05-09 16:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 16:52 - 2013-05-09 16:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 16:52 - 2013-05-09 16:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 11:56 - 2013-05-03 11:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 11:56 - 2013-05-03 11:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 11:56 - 2013-05-03 11:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\aticfx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiuxpag.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atidxx32.dll
2008-05-21 19:27 - 2008-05-21 19:27 - 00372736 _____ () C:\Program Files\Lexmark Toolbar\toolband.dll
2008-05-21 19:28 - 2008-05-21 19:28 - 00389120 _____ () C:\Program Files\Lexmark Toolbar\resource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: UDisk Monitor => 2
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/25/2014 01:17:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TosReelTimeMonitor.exe, version: 1.7.9.0, time stamp: 0x4e093c79
Faulting module name: mscorwks.dll, version: 2.0.50727.5477, time stamp: 0x5265c8ee
Exception code: 0xc0000005
Fault offset: 0x000000000027a607
Faulting process id: 0x%9
Faulting application start time: 0xTosReelTimeMonitor.exe0
Faulting application path: TosReelTimeMonitor.exe1
Faulting module path: TosReelTimeMonitor.exe2
Report Id: TosReelTimeMonitor.exe3

Error: (07/25/2014 01:17:59 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF48554F6) (80131506)

Error: (07/25/2014 01:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ToshibaServiceStation.exe, version: 2.2.0.1, time stamp: 0x4e1b8d10
Faulting module name: mscorwks.dll, version: 2.0.50727.5477, time stamp: 0x5265c8ee
Exception code: 0xc0000005
Fault offset: 0x000000000027a607
Faulting process id: 0x%9
Faulting application start time: 0xToshibaServiceStation.exe0
Faulting application path: ToshibaServiceStation.exe1
Faulting module path: ToshibaServiceStation.exe2
Report Id: ToshibaServiceStation.exe3

Error: (07/25/2014 01:16:58 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF48554F6) (80131506)

Error: (07/25/2014 07:12:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TosReelTimeMonitor.exe, version: 1.7.9.0, time stamp: 0x4e093c79
Faulting module name: mscorwks.dll, version: 2.0.50727.5477, time stamp: 0x5265c8ee
Exception code: 0xc0000005
Fault offset: 0x000000000027a607
Faulting process id: 0x%9
Faulting application start time: 0xTosReelTimeMonitor.exe0
Faulting application path: TosReelTimeMonitor.exe1
Faulting module path: TosReelTimeMonitor.exe2
Report Id: TosReelTimeMonitor.exe3

Error: (07/25/2014 07:12:45 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF41C54F6) (80131506)

Error: (07/25/2014 07:11:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ToshibaServiceStation.exe, version: 2.2.0.1, time stamp: 0x4e1b8d10
Faulting module name: mscorwks.dll, version: 2.0.50727.5477, time stamp: 0x5265c8ee
Exception code: 0xc0000005
Fault offset: 0x000000000027a607
Faulting process id: 0x%9
Faulting application start time: 0xToshibaServiceStation.exe0
Faulting application path: ToshibaServiceStation.exe1
Faulting module path: ToshibaServiceStation.exe2
Report Id: ToshibaServiceStation.exe3

Error: (07/25/2014 07:11:51 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF41C54F6) (80131506)

Error: (07/25/2014 07:11:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 02:44:02 AM) (Source: TestWorker) (EventID: 1) (User: )
Description: TestWorkerError 0x80040300: pJob->Save()


System errors:
=============
Error: (07/25/2014 07:10:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (07/25/2014 07:10:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Error: (07/25/2014 07:10:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:55:42 AM on &#8206;7/&#8206;25/&#8206;2014 was unexpected.

Error: (07/24/2014 10:19:28 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/24/2014 10:19:24 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/24/2014 10:19:17 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/24/2014 10:19:12 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/24/2014 10:19:08 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/24/2014 10:19:04 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/24/2014 10:18:59 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (07/25/2014 01:17:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TosReelTimeMonitor.exe1.7.9.04e093c79mscorwks.dll2.0.50727.54775265c8eec0000005000000000027a607

Error: (07/25/2014 01:17:59 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF48554F6) (80131506)

Error: (07/25/2014 01:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ToshibaServiceStation.exe2.2.0.14e1b8d10mscorwks.dll2.0.50727.54775265c8eec0000005000000000027a607

Error: (07/25/2014 01:16:58 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF48554F6) (80131506)

Error: (07/25/2014 07:12:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TosReelTimeMonitor.exe1.7.9.04e093c79mscorwks.dll2.0.50727.54775265c8eec0000005000000000027a607

Error: (07/25/2014 07:12:45 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF41C54F6) (80131506)

Error: (07/25/2014 07:11:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ToshibaServiceStation.exe2.2.0.14e1b8d10mscorwks.dll2.0.50727.54775265c8eec0000005000000000027a607

Error: (07/25/2014 07:11:51 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5477 - Fatal Execution Engine Error (000007FEF41C54F6) (80131506)

Error: (07/25/2014 07:11:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 02:44:02 AM) (Source: TestWorker) (EventID: 1) (User: )
Description: TestWorkerError 0x80040300: pJob->Save()


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3681.33 MB
Available physical RAM: 2230.27 MB
Total Pagefile: 7360.84 MB
Available Pagefile: 5466.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (TI106412W0C) (Fixed) (Total:450.97 GB) (Free:405.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: F917D2DC)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=17)

==================== End Of Log ============================
 

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
Do I need to wait for Askey127 to help or can another tech help? just wondering
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
jammer1010,
We are volunteers, and have private lives in addition to our volunteer work here.
A single expert chooses and follows a particular post until it is done.
Most answers are within a day.
Please don't Install, Uninstall or scan with anything unless I ask, until we are through cleaning.

An observation: The graphics card on that machine will be stretched to the limit plus when you use it for gaming.
Is Raptr very important to you? It tracks your game usage.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Norton Security Scan

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-----------------------------------------------------------
Download the Norton removal Tool from Here and run it:
https://support.norton.com/sp/en/us...file_en_us?entsrc=redirect_pubweb&pvid=f-home
-----------------------------------------
Check hard Drive for Errors
Open Notepad... then copy and paste the following line into Notepad:
(Notepad is in Start, Programs, Accessories)
Code:
cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"
Now Save the NotePad file like this:
  • Click on File from the top menu bar.
  • Select Save As, use Filename: testhd.bat and Save As Type: All Files.
  • Choose Desktop as the location
  • Click Save.
Right click on testhd.bat on your desktop and select Run As Administrator to run it. OK the UAC.
A Command Prompt box will pop up, then close after a couple minutes.
Please post the contents of the checkhd.txt file from your desktop.
If the file is very long, just copy and paste the LAST 20 or 30 lines into your reply.
-----------------------------------------------------------
Run a New Scan With the Farbar Scan Tool
  • Double click FRST.exe (or FRST64.exe) on your desktop to launch it.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • When finished scanning, a log FRST.txt, will be saved on your Desktop and opened in Notepad.
  • Please post the contents in your next reply.

askey127
 

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
Sorry I wasn't trying to be disrespectful in any way, I haven't scanned or deleted anything. Raptor I don't care about at all it came when I updated my drivers , So I am little confused on the check hard drive for errors , which program and I using to do that with ?????
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
Just follow the directions exactly and Notepad will create a batch file which you will save on your desktop, and when run will test your HD.
Please do the changes in the order given.
If you have trouble with something, stop and ask about it.
 

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
The type of the file system is NTFS.
Volume label is TI106412W0C.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
445 large file records processed.

0 bad file records processed.

0 EA records processed.

44 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
25503 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.

472871935 KB total disk space.
47373884 KB in 115731 files.
76652 KB in 25504 indexes.
0 KB in bad sectors.
262223 KB in use by the system.
65536 KB occupied by the log file.
425159176 KB available on disk.

4096 bytes in each allocation unit.
118217983 total allocation units on disk.
106289794 allocation units available on disk.
 

Jammer1010

Thread Starter
Joined
Sep 7, 2002
Messages
144
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01
Ran by aaron (administrator) on JOLENE on 26-07-2014 07:08:05
Running from C:\Users\aaron\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
( ) C:\Windows\System32\lxeacoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoHook.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2011-12-22] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2012-03-16] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [770728 2010-05-05] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [148280 2010-05-05] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2350155945-2762223346-1391456072-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2350155945-2762223346-1391456072-1000\...\MountPoints2: {d5d7b034-7f14-11e3-9ca9-00266c261eee} - E:\X501_ZTE.exe
Startup: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=45466c31-a8df-07c5-6842-bb40aa26ee5d&searchtype=ds&q={searchTerms}&installDate={installDate}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
SearchScopes: HKLM - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {EE2A3F61-6C01-4D24-A98F-D155CA7B3F37} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS569
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {EE2A3F61-6C01-4D24-A98F-D155CA7B3F37} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS569
SearchScopes: HKCU - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Lexmark Toolbar -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {644E432F-49D3-41A1-8DD5-E099162EEEC5} https://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\aaron\AppData\Roaming\Mozilla\Firefox\Profiles\fsnd0xom.default
FF Homepage: https://www.yahoo.com/
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: Free Games (4357) - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected] [2014-01-04]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: Speed Test (4354) - C:\Users\aaron\AppData\Roaming\Mozilla\Extensions\[email protected] [2014-01-04]

Chrome:
=======
CHR Extension: (Snap.Do ) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2014-01-15]
CHR Extension: (Docs) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-23]
CHR Extension: (Google Drive) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-23]
CHR Extension: (YouTube) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-23]
CHR Extension: (Google Search) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-23]
CHR Extension: (Norton Identity Protection) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-12-20]
CHR Extension: (Google Wallet) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Gmail) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 lxeaCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 lxea_device; C:\windows\SysWOW64\lxeacoms.exe [598696 2010-04-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [123320 2014-01-15] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [126392 2011-11-30] (Symantec Corporation)
R2 TosCoSrv; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [580608 2012-02-02] (TOSHIBA Corporation) [File not signed]
S4 UDisk Monitor; C:\Program Files (x86)\Froyo_Android_Driver\Bin\MonServiceUDisk.exe [517960 2012-04-20] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [128328 2012-04-20] (Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 07:08 - 2014-07-26 07:09 - 00018289 _____ () C:\Users\aaron\Desktop\FRST.txt
2014-07-26 07:01 - 2014-07-26 07:02 - 00001420 _____ () C:\Users\aaron\Desktop\checkhd.txt
2014-07-26 07:00 - 2014-07-26 07:00 - 00000081 _____ () C:\Users\aaron\Desktop\testhd.bat
2014-07-26 06:47 - 2014-07-26 06:47 - 00869456 _____ () C:\Users\aaron\Desktop\Norton_Removal_Tool (1).exe
2014-07-26 06:46 - 2014-07-26 06:46 - 00869456 _____ () C:\Users\aaron\Desktop\Norton_Removal_Tool.exe
2014-07-25 14:05 - 2014-07-26 07:08 - 00000000 ____D () C:\FRST
2014-07-25 14:03 - 2014-07-25 14:03 - 02093568 _____ (Farbar) C:\Users\aaron\Desktop\FRST64.exe
2014-07-25 13:37 - 2014-07-25 13:37 - 00001945 _____ () C:\windows\epplauncher.mif
2014-07-25 13:36 - 2014-07-25 13:36 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-25 13:33 - 2014-07-25 13:33 - 13829304 _____ (Microsoft Corporation) C:\Users\aaron\Desktop\mseinstall.exe
2014-07-25 02:29 - 2014-07-25 02:29 - 00313638 _____ () C:\Users\aaron\AppData\Local\census.cache
2014-07-25 02:29 - 2014-07-25 02:29 - 00157259 _____ () C:\Users\aaron\AppData\Local\ars.cache
2014-07-25 02:25 - 2014-07-25 02:25 - 00000010 _____ () C:\Users\aaron\AppData\Local\sponge.last.runtime.cache
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\sftldr_wow64.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiuxpag.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiumdva.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atigktxx.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atidxx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\aticfx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiadlxy.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\amdocl.dll
2014-07-25 02:15 - 2014-07-25 02:15 - 00000036 _____ () C:\Users\aaron\AppData\Local\housecall.guid.cache
2014-07-25 02:15 - 2013-09-02 00:58 - 00175528 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmcomm.sys
2014-07-25 01:58 - 2014-07-25 01:58 - 02044792 _____ (SafeInstall, LLC) C:\Users\aaron\Desktop\manualdownload.exe
2014-07-24 23:02 - 2014-07-24 23:02 - 00509440 _____ (Tech Support Guy System) C:\Users\aaron\SysInfo.exe
2014-07-24 22:53 - 2014-07-24 22:53 - 00388608 _____ (Trend Micro Inc.) C:\Users\aaron\HijackThis.exe
2014-07-24 22:53 - 2014-07-24 22:53 - 00011100 _____ () C:\Users\aaron\hijackthis.log
2014-07-20 03:06 - 2014-07-20 03:06 - 00000000 ____D () C:\Users\aaron\AppData\Local\AMD
2014-07-20 03:05 - 2014-07-20 03:05 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 02:51 - 2014-07-20 02:51 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\library_dir
2014-07-20 02:50 - 2014-07-26 06:39 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Raptr
2014-07-20 02:50 - 2014-07-26 06:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-07-20 02:50 - 2014-07-20 02:50 - 00067160 _____ () C:\windows\SysWOW64\CCCInstall_201407200250149083.log
2014-07-20 02:50 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 02:49 - 2014-07-20 02:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 02:48 - 2014-07-20 02:50 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 02:46 - 2014-07-20 02:46 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:49 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files\ATI
2014-07-20 01:16 - 2014-07-20 01:16 - 00000000 ____D () C:\AMD
2014-07-20 01:01 - 2014-07-20 01:01 - 00002272 _____ () C:\Users\Public\Desktop\Driver Support.lnk
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\Program Files (x86)\Driver Support
2014-07-15 19:11 - 2014-07-15 19:11 - 00779704 _____ (Symantec) C:\Users\aaron\Desktop\Setup.exe
2014-07-15 19:10 - 2014-07-15 19:10 - 00779704 _____ (Symantec) C:\Users\aaron\Downloads\Setup.exe
2014-07-15 01:40 - 2014-07-15 01:40 - 00645432 _____ () C:\windows\Minidump\071514-21964-01.dmp
2014-07-14 17:11 - 2014-07-14 17:11 - 00000000 ____D () C:\Users\aaron\AppData\Local\{7B549D41-0ECA-4980-9F52-B054FA772753}
2014-07-09 09:33 - 2014-07-09 09:34 - 00000000 ____D () C:\Users\aaron\Desktop\pis for cl
2014-07-09 01:52 - 2014-07-09 01:52 - 00000000 ____D () C:\Users\aaron\AppData\Local\{55AD2261-D3B4-4297-8EDB-7A8B3A8C44E4}
2014-07-08 18:10 - 2014-06-29 19:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-08 18:10 - 2014-06-29 19:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-08 18:09 - 2014-06-20 13:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-08 18:09 - 2014-06-20 12:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-08 18:09 - 2014-06-18 18:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-08 18:09 - 2014-06-18 18:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-08 18:09 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-08 18:09 - 2014-06-18 17:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-08 18:09 - 2014-06-18 17:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-08 18:09 - 2014-06-18 17:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-08 18:09 - 2014-06-18 17:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-08 18:09 - 2014-06-18 17:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-08 18:09 - 2014-06-18 17:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-08 18:09 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-08 18:09 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-08 18:09 - 2014-06-18 16:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 18:09 - 2014-06-18 16:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-08 18:09 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-08 18:09 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-08 18:09 - 2014-06-18 16:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-08 18:09 - 2014-06-18 16:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-08 18:09 - 2014-06-18 16:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-07-08 18:09 - 2014-06-18 16:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-08 18:09 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-08 18:09 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-08 18:09 - 2014-06-18 16:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-08 18:09 - 2014-06-18 16:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-08 18:09 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-08 18:09 - 2014-06-18 16:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-08 18:09 - 2014-06-18 16:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-07-08 18:09 - 2014-06-18 16:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-08 18:09 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-08 18:09 - 2014-06-18 16:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-08 18:09 - 2014-06-18 16:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-08 18:09 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-08 18:09 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-08 18:09 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-08 18:09 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-08 18:09 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-08 18:09 - 2014-06-18 15:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-07-08 18:09 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-08 18:09 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-08 18:09 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-08 18:09 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-08 18:09 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-08 18:09 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-08 18:09 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-08 18:09 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-08 18:09 - 2014-06-17 18:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-08 18:09 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-08 18:09 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-08 18:09 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-07-08 18:09 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-07-08 18:09 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-08 18:08 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-08 18:08 - 2014-06-18 17:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-08 18:08 - 2014-06-18 17:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-08 18:08 - 2014-06-18 17:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-08 18:08 - 2014-06-18 17:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-08 18:08 - 2014-06-18 17:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-08 18:08 - 2014-06-18 16:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-08 18:08 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-08 18:08 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-08 18:08 - 2014-06-18 16:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-08 18:08 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-08 18:08 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-08 18:08 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-08 18:08 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-07-08 18:08 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-07-07 16:43 - 2014-07-07 16:43 - 00000000 ____D () C:\Users\aaron\AppData\Local\{21D12364-47AA-4306-953B-258904FB1EC8}
2014-06-27 09:48 - 2014-06-27 09:49 - 00000000 ____D () C:\Users\aaron\AppData\Local\{0D168EF4-0BCE-477D-88D8-1212D5095D08}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 07:09 - 2014-07-26 07:08 - 00018289 _____ () C:\Users\aaron\Desktop\FRST.txt
2014-07-26 07:08 - 2014-07-25 14:05 - 00000000 ____D () C:\FRST
2014-07-26 07:02 - 2014-07-26 07:01 - 00001420 _____ () C:\Users\aaron\Desktop\checkhd.txt
2014-07-26 07:02 - 2009-07-13 21:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 07:02 - 2009-07-13 21:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 07:00 - 2014-07-26 07:00 - 00000081 _____ () C:\Users\aaron\Desktop\testhd.bat
2014-07-26 06:59 - 2009-07-13 22:13 - 00783360 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-26 06:55 - 2014-06-24 19:31 - 00013505 _____ () C:\ProgramData\lxeascan.log
2014-07-26 06:55 - 2014-05-28 01:03 - 00005780 _____ () C:\windows\setupact.log
2014-07-26 06:55 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-26 06:54 - 2013-11-08 18:05 - 01192552 _____ () C:\windows\WindowsUpdate.log
2014-07-26 06:54 - 2010-11-20 20:47 - 01194790 _____ () C:\windows\PFRO.log
2014-07-26 06:51 - 2012-04-16 02:58 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-26 06:48 - 2012-04-16 03:10 - 00000000 ____D () C:\ProgramData\Norton
2014-07-26 06:47 - 2014-07-26 06:47 - 00869456 _____ () C:\Users\aaron\Desktop\Norton_Removal_Tool (1).exe
2014-07-26 06:46 - 2014-07-26 06:46 - 00869456 _____ () C:\Users\aaron\Desktop\Norton_Removal_Tool.exe
2014-07-26 06:39 - 2014-07-20 02:50 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Raptr
2014-07-26 06:39 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-07-25 14:03 - 2014-07-25 14:03 - 02093568 _____ (Farbar) C:\Users\aaron\Desktop\FRST64.exe
2014-07-25 13:37 - 2014-07-25 13:37 - 00001945 _____ () C:\windows\epplauncher.mif
2014-07-25 13:36 - 2014-07-25 13:36 - 00002128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-25 13:36 - 2014-07-25 13:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-25 13:33 - 2014-07-25 13:33 - 13829304 _____ (Microsoft Corporation) C:\Users\aaron\Desktop\mseinstall.exe
2014-07-25 11:28 - 2014-03-29 13:10 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\Skype
2014-07-25 07:10 - 2014-03-30 03:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 07:10 - 2014-03-30 03:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 03:55 - 2014-03-28 01:49 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\SoftGrid Client
2014-07-25 03:04 - 2014-03-30 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 02:29 - 2014-07-25 02:29 - 00313638 _____ () C:\Users\aaron\AppData\Local\census.cache
2014-07-25 02:29 - 2014-07-25 02:29 - 00157259 _____ () C:\Users\aaron\AppData\Local\ars.cache
2014-07-25 02:25 - 2014-07-25 02:25 - 00000010 _____ () C:\Users\aaron\AppData\Local\sponge.last.runtime.cache
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\sftldr_wow64.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiuxpag.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiumdva.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atigktxx.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atidxx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\aticfx32.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\atiadlxy.dll
2014-07-25 02:22 - 2014-07-25 02:22 - 00000000 _____ () C:\windows\system32\amdocl.dll
2014-07-25 02:15 - 2014-07-25 02:15 - 00000036 _____ () C:\Users\aaron\AppData\Local\housecall.guid.cache
2014-07-25 01:58 - 2014-07-25 01:58 - 02044792 _____ (SafeInstall, LLC) C:\Users\aaron\Desktop\manualdownload.exe
2014-07-24 23:02 - 2014-07-24 23:02 - 00509440 _____ (Tech Support Guy System) C:\Users\aaron\SysInfo.exe
2014-07-24 23:02 - 2013-12-18 16:58 - 00000000 ____D () C:\Users\aaron
2014-07-24 22:53 - 2014-07-24 22:53 - 00388608 _____ (Trend Micro Inc.) C:\Users\aaron\HijackThis.exe
2014-07-24 22:53 - 2014-07-24 22:53 - 00011100 _____ () C:\Users\aaron\hijackthis.log
2014-07-24 22:49 - 2013-12-18 17:00 - 00000000 ____D () C:\Users\aaron\AppData\Local\VirtualStore
2014-07-24 22:28 - 2014-05-16 03:20 - 00000000 ____D () C:\Users\aaron\downloaded pic
2014-07-20 03:06 - 2014-07-20 03:06 - 00000000 ____D () C:\Users\aaron\AppData\Local\AMD
2014-07-20 03:05 - 2014-07-20 03:05 - 00000000 ____D () C:\ProgramData\ATI
2014-07-20 02:51 - 2014-07-20 02:51 - 00000000 ____D () C:\Users\aaron\AppData\Roaming\library_dir
2014-07-20 02:50 - 2014-07-20 02:50 - 00067160 _____ () C:\windows\SysWOW64\CCCInstall_201407200250149083.log
2014-07-20 02:50 - 2014-07-20 02:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-20 02:50 - 2014-07-20 02:48 - 00000000 ____D () C:\ProgramData\AMD
2014-07-20 02:50 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-20 02:49 - 2014-07-20 02:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-20 02:49 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-20 02:47 - 2013-11-08 18:13 - 00000000 ____D () C:\Program Files\AMD
2014-07-20 02:46 - 2014-07-20 02:46 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-20 02:45 - 2014-07-20 02:45 - 00000000 ____D () C:\Program Files\ATI
2014-07-20 01:16 - 2014-07-20 01:16 - 00000000 ____D () C:\AMD
2014-07-20 01:01 - 2014-07-20 01:01 - 00002272 _____ () C:\Users\Public\Desktop\Driver Support.lnk
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\ProgramData\Driver Support
2014-07-20 01:01 - 2014-07-20 01:01 - 00000000 ____D () C:\Program Files (x86)\Driver Support
2014-07-20 00:35 - 2014-06-24 00:53 - 00000000 ____D () C:\Users\aaron\AppData\Local\Unity
2014-07-19 21:16 - 2014-01-17 18:02 - 00000000 ____D () C:\Users\aaron\AppData\Local\CrashDumps
2014-07-18 20:35 - 2014-06-24 20:39 - 00000712 _____ () C:\ProgramData\lxeaDiagnostics.log
2014-07-15 19:11 - 2014-07-15 19:11 - 00779704 _____ (Symantec) C:\Users\aaron\Desktop\Setup.exe
2014-07-15 19:10 - 2014-07-15 19:10 - 00779704 _____ (Symantec) C:\Users\aaron\Downloads\Setup.exe
2014-07-15 01:40 - 2014-07-15 01:40 - 00645432 _____ () C:\windows\Minidump\071514-21964-01.dmp
2014-07-15 01:40 - 2014-06-11 01:07 - 361519420 _____ () C:\windows\MEMORY.DMP
2014-07-15 01:40 - 2014-02-16 19:07 - 00000000 ____D () C:\windows\Minidump
2014-07-14 17:11 - 2014-07-14 17:11 - 00000000 ____D () C:\Users\aaron\AppData\Local\{7B549D41-0ECA-4980-9F52-B054FA772753}
2014-07-09 13:24 - 2013-12-18 17:03 - 00058016 _____ () C:\Users\aaron\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-09 09:34 - 2014-07-09 09:33 - 00000000 ____D () C:\Users\aaron\Desktop\pis for cl
2014-07-09 08:02 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-07-09 07:25 - 2009-07-13 21:45 - 00275712 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-09 07:23 - 2014-05-07 03:00 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-09 07:23 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 07:23 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-07-09 07:23 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\Dism
2014-07-09 03:05 - 2014-05-28 01:46 - 00000000 ____D () C:\windows\system32\MRT
2014-07-09 03:03 - 2014-05-28 01:46 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-09 01:52 - 2014-07-09 01:52 - 00000000 ____D () C:\Users\aaron\AppData\Local\{55AD2261-D3B4-4297-8EDB-7A8B3A8C44E4}
2014-07-08 16:51 - 2012-04-16 02:58 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 16:51 - 2012-04-16 02:58 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 16:51 - 2012-04-16 02:58 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 16:43 - 2014-07-07 16:43 - 00000000 ____D () C:\Users\aaron\AppData\Local\{21D12364-47AA-4306-953B-258904FB1EC8}
2014-07-07 15:47 - 2014-05-16 02:48 - 00000000 ____D () C:\Users\aaron\pic to go thru
2014-07-06 06:26 - 2014-04-30 02:09 - 00000000 ____D () C:\Users\aaron\Downloads\books
2014-07-05 14:23 - 2014-05-07 17:15 - 00007609 _____ () C:\Users\aaron\AppData\Local\Resmon.ResmonCfg
2014-06-29 19:09 - 2014-07-08 18:10 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-29 19:04 - 2014-07-08 18:10 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-27 09:49 - 2014-06-27 09:48 - 00000000 ____D () C:\Users\aaron\AppData\Local\{0D168EF4-0BCE-477D-88D8-1212D5095D08}
2014-06-26 02:39 - 2014-05-07 21:07 - 00000000 ____D () C:\Users\aaron\Desktop\inspiraional E cards
2014-06-26 02:35 - 2014-05-16 02:54 - 00000000 ____D () C:\Users\aaron\Desktop\CNF

Files to move or delete:
====================
C:\Users\aaron\HijackThis.exe
C:\Users\aaron\SysInfo.exe


Some content of TEMP:
====================
C:\Users\aaron\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\aaron\AppData\Local\Temp\BackupSetup.exe
C:\Users\aaron\AppData\Local\Temp\install_helper.exe
C:\Users\aaron\AppData\Local\Temp\install_reader11_en_gtbd_chrd_dn_aaa_aih.exe
C:\Users\aaron\AppData\Local\Temp\newsetup.exe
C:\Users\aaron\AppData\Local\Temp\raptrpatch.exe
C:\Users\aaron\AppData\Local\Temp\raptr_stub.exe
C:\Users\aaron\AppData\Local\Temp\SCC.dll
C:\Users\aaron\AppData\Local\Temp\SymCCIS.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 03:44

==================== End Of Log ============================
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
jammer1010,
Your hard Drive looks OK.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click this Entry, if it exists, choose Uninstall, and give permission to Continue:

Raptr

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both the program (FRST.exe or FRST64.exe) and fixlist.txt be in the same location, or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to the operating system

Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that, let the tool complete its run.
When finished, FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

askey127
 

Attachments

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top