1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

HP P7-1225 No Audio Output Device Is Installed Error

Discussion in 'Virus & Other Malware Removal' started by nickib622, Dec 11, 2014.

Thread Status:
Not open for further replies.
Advertisement
  1. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    So I'm having the same issue. I had this issue a month or so ago so I went to HP Recovery and reverted back to previous windows updates and viola! my sound was restored!

    Since then I've been having a lot of Internet issues, websites not available, DNS server issues (which I do not believe I am even USING a DNS server, but I'm not sure!), etc. So, I decided to reinstall Windows 7 updates and now I have the same annoying no sound issue. I read the previous posts and have attached a screenshot of my Device Manager.

    I've also installed Malware Bytes and it keeps showing something called "rock.turner.addon" but I haven't been able to remove this either. I removed this add-on for all browsers (Google Chrome, IE, Firefox), but it still won't delete from the list of fprogram files, even though I've "uninstalled" it from the control panel.

    think I've got some type of software issue here, but I have no idea where to start. I keep seeing "resolving host" on sites trying to load also.

    Any help is most appreciated! Thank you.
     

    Attached Files:

  2. etaf

    etaf Moderator

    Joined:
    Oct 2, 2003
    Messages:
    64,986
    First Name:
    Wayne
  3. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    So sorry Wayne! Thank you for moving this to the appropriate forum. So, anyone have any ideas for me? I am so frustrated with this because I am CERTAIN it is a software issue and NOT a hardware issue! That, plus the "weird" things that keep happening (like I had to refresh the screen twice just to post this reply) are making me crazy!

    Just as an FYI, I do use Avast! antivirus and no other antivirus program is on my computer. I had a Staples tech tell me once that having more than one antivirus program on your computer, even though one is disabled, is like having 4 bouncers at the front door and someone slipping in through their legs. Is that true? I have run the Avast! and the Malware Bytes. The rock.turner thing stopped showing up via Avast! but it now pops up via Malware Bytes (both alerting me that it blocked it).

    Thanks!
     
  4. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    So, I keep getting this error whenever I try to most anything on the Internet. I'm using Google Chrome, but I do not believe the issue is with Chrome. I get this error, hit reload (sometimes a couple of times) and finally the site loads.

    Thought this might help with my dilemma!
     

    Attached Files:

  5. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    So I installed - once again - the Realtek update. Attached is the info when I do troubleshooting. What is wrong here? Can anyone help me please?
     

    Attached Files:

  6. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    ~bump~ No suggestions? Please help!
     
  7. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    So if no one has any suggestions for my issues, can you please at least recommend somewhere else for me to look? Free software or a SAFE website to download something from . . . even another forum?

    I'm still having the no sound problem and the annoying this web page is not available (see attachment in earlier post) comes up nearly EVERY time.

    I've run Malware Bytes, but it hasn't seemed to resolve much. I've tried downloading the Realtek drivers, but I already have "updated" drivers, so the sound issue is still there.

    Would someone please suggest another site I can go to for help? It seems no one here even has any suggestions!

    Thank you.
     
  8. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
  9. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    Thank you askey127 for your clarification. I had no idea I HAD to read the link - I just thought it was a suggestion for future rules and regulations for the virus and other malware forum. Here is the information you requested.

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: AMD A8-3820 APU with Radeon(tm) HD Graphics, AMD64 Family 18 Model 1 Stepping 0
    Processor Count: 4
    RAM: 7666 Mb
    Graphics Card: AMD Radeon HD 6550D Graphics, 512 Mb
    Hard Drives: C: Total - 936557 MB, Free - 506339 MB; D: Total - 17208 MB, Free - 2107 MB; K: Total - 114472 MB, Free - 23470 MB;
    Motherboard: PEGATRON CORPORATION, 2ACF
    Antivirus: avast! Antivirus, Updated and Enabled
     
  10. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
    nickin622,
    Good.
    In order to start, we need to lnow at least what 32/64 bit Operating System is used.
    -----------------------------------------------------------
    Download and Run the Farbar Scan Tool
    • Download FRST64 and save to your Desktop.
    • Double click Frst64.exe to launch it.
    • FRST64 will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST64.exe
    Feel free to use separate replies if it's more convenient.

    askey127
     
  11. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    THANK YOU SO MUCH! Here is the first set of data . . .

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
    Ran by Nicki (administrator) on NICKI-HP on 19-12-2014 07:41:44
    Running from C:\Users\Nicki\Downloads
    Loaded Profile: Nicki (Available profiles: Nicki)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
    () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    () C:\Users\Nicki\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    () C:\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\videodl.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
    HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7177728 2013-03-12] (Broadcom Corporation)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
    HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-08] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
    HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-06] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-11-30] (RealNetworks, Inc.)
    HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-04-22] (Hewlett-Packard)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Run: [Amazon Cloud Player] => C:\Users\Nicki\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3109376 2013-07-21] ()
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-29] (Google Inc.)
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Run: [GoogleChromeAutoLaunch_F152B0FD08282DC38A1D62C7F047CFE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2014-12-01] (Apple Inc.)
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\RunOnce: [Adobe Speed Launcher] => 1418820998
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
    ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
    Startup: C:\Users\Nicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
    ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    Startup: C:\Users\Nicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=odc228
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=odc228&hspart=avast&hsimp=yhs-001&p={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=odc228&hspart=avast&hsimp=yhs-001&p={searchTerms}
    HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=odc228
    SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_coinis_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByEzyyB0C0FyDyD0CzyyCtN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzytBzzzyyE0FtCtGyCyEyE0EtGzyyByByEtGzytBtB0BtGyCyB0FzzyC0FtC0FtAyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0CtCyByE0BzytG0DtAzz0DtG0A0DtD0EtG0A0AtD0AtGtCzy0C0DyEyCyCyBzyzytC0F2Q&cr=1927420601&ir=
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {18475390-020D-403D-8219-09140A7086A3} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites02_14_22_ch&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByEzyyB0C0FyDyD0CzyyCtN0D0Tzu0SzzzztBtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StA0FyCyB0B0DzytDtGyD0Ezy0AtGzytC0FtBtG0AyDtCtBtGtC0F0C0A0C0ByE0EtDyEzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0CtCyByE0BzytG0DtAzz0DtG0A0DtD0EtG0A0AtD0AtGtCzy0C0DyEyCyCyBzyzytC0F2Q&cr=1065553307&ir=
    SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_coinis_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByEzyyB0C0FyDyD0CzyyCtN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzytBzzzyyE0FtCtGyCyEyE0EtGzyyByByEtGzytBtB0BtGyCyB0FzzyC0FtC0FtAyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0CtCyByE0BzytG0DtAzz0DtG0A0DtD0EtG0A0AtD0AtGtCzy0C0DyEyCyCyBzyzytC0F2Q&cr=1927420601&ir=
    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=odc228&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {18475390-020D-403D-8219-09140A7086A3} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=odc228&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=odc228&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {18475390-020D-403D-8219-09140A7086A3} URL =
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites02_14_22_ch&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByEzyyB0C0FyDyD0CzyyCtN0D0Tzu0SzzzztBtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StA0FyCyB0B0DzytDtGyD0Ezy0AtGzytC0FtBtG0AyDtCtBtGtC0F0C0A0C0ByE0EtDyEzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0CtCyByE0BzytG0DtAzz0DtG0A0DtD0EtG0A0AtD0AtGtCzy0C0DyEyCyCyBzyzytC0F2Q&cr=1065553307&ir=
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_coinis_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByEzyyB0C0FyDyD0CzyyCtN0D0Tzu0SzyyDtDtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzytBzzzyyE0FtCtGyCyEyE0EtGzyyByByEtGzytBtB0BtGyCyB0FzzyC0FtC0FtAyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0CtCyByE0BzytG0DtAzz0DtG0A0DtD0EtG0A0AtD0AtGtCzy0C0DyEyCyCyBzyzytC0F2Q&cr=1927420601&ir=
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=odc228&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
    SearchScopes: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
    BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Toolbar: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
    DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://mywayphotos.riteaid.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 4.2.2.2

    FireFox:
    ========
    FF ProfilePath: C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\msh6u6hx.default
    FF DefaultSearchEngine: Yahoo! (Avast)
    FF DefaultSearchUrl: https://search.yahoo.com/yhs/search
    FF SearchEngineOrder.1: Yahoo! (Avast)
    FF SelectedSearchEngine: Yahoo! (Avast)
    FF Homepage: https://www.yahoo.com?fr=hp-avast&type=odc228
    FF Keyword.URL: https://search.yahoo.com/yhs/search
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-4213591192-4114802443-2367686102-1000: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\Nicki\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll (SquareClock SAS)
    FF Plugin HKU\S-1-5-21-4213591192-4114802443-2367686102-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
    FF SearchPlugin: C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\msh6u6hx.default\searchplugins\yahoo-avast.xml
    FF Extension: Gmail Notifier (restartless) - C:\Users\Nicki\AppData\Roaming\Mozilla\Firefox\Profiles\msh6u6hx.default\Extensions\[email protected] [2013-05-17]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-30]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14]
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-16]
    FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: No Name - {F003DA68-8256-4b37-A6C4-350FA04494DF} [Not Found]
    FF Extension: No Name - [email protected] [Not Found]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com
    CHR StartupUrls: Default -> "https://mail.google.com/mail/u/0/?tab=wm#inbox", "https://www.facebook.com/", "hxxp://www.gsn.com/ChaChingo/"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Nicki\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Nicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-21]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]
    CHR Extension: (Avast Online Security) - C:\Users\Nicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-03]
    CHR Extension: (Hangouts) - C:\Users\Nicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-02-03]
    CHR Extension: (Google Wallet) - C:\Users\Nicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
    CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    CHR HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    CHR HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Chrome\Extension: [jeedhehdfjahfpjhaedmaohbfcdkoolg] - C:\Users\Nicki\AppData\Local\CRE\jeedhehdfjahfpjhaedmaohbfcdkoolg.crx [2013-01-03]
    CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-23]
    CHR HKLM-x32\...\Chrome\Extension: [jeedhehdfjahfpjhaedmaohbfcdkoolg] - C:\Users\Nicki\AppData\Local\CRE\jeedhehdfjahfpjhaedmaohbfcdkoolg.crx [2013-01-03]
    CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [Not Found]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-10-28] (Adobe Systems) [File not signed]
    S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-07-31] () [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-23] (AVAST Software)
    R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
    S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-06-17] ()
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
    R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
    R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
    R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-30] (RealNetworks, Inc.)
    R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
    S2 Update Rock Turner; C:\Program Files (x86)\Rock Turner\updateRockTurner.exe [524064 2014-12-11] ()
    R2 Util Rock Turner; C:\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe [524064 2014-12-11] ()
    R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5862400 2013-03-12] (Broadcom Corporation) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-23] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-23] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-23] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-23] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-23] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-23] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-23] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-23] ()
    S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
    R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2012-12-13] (GFI Software)
    R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-19] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-12-13] ()
    S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
    S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
    S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
    S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
    S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
    S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-19 07:41 - 2014-12-19 07:42 - 00036338 _____ () C:\Users\Nicki\Downloads\FRST.txt
    2014-12-19 07:41 - 2014-12-19 07:41 - 00000000 ____D () C:\FRST
    2014-12-19 07:40 - 2014-12-19 07:40 - 02121216 _____ (Farbar) C:\Users\Nicki\Downloads\FRST64.exe
    2014-12-18 21:07 - 2014-12-18 21:08 - 00509440 _____ (Tech Support Guy System) C:\Users\Nicki\Downloads\SysInfo.exe
    2014-12-18 05:41 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-18 05:41 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-14 09:43 - 2014-12-14 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2014-12-13 14:28 - 2014-12-13 14:28 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2014-12-13 14:28 - 2014-12-13 14:28 - 00000000 ____D () C:\Users\Nicki\AppData\Local\SlimWare Utilities Inc
    2014-12-13 14:27 - 2014-12-13 14:27 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2014-12-13 14:26 - 2014-12-13 14:27 - 00834424 _____ (SlimWare Utilities, Inc.) C:\Users\Nicki\Downloads\DriverUpdate-setup (1).exe
    2014-12-13 14:26 - 2014-12-13 14:26 - 00834424 _____ (SlimWare Utilities, Inc.) C:\Users\Nicki\Downloads\DriverUpdate-setup.exe
    2014-12-11 19:22 - 2014-12-11 19:22 - 00000008 __RSH () C:\ProgramData\ntuser.pol
    2014-12-11 18:59 - 2014-12-19 05:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-11 18:59 - 2014-12-11 18:59 - 00001142 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-11 18:59 - 2014-12-11 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-11 18:59 - 2014-12-11 18:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-11 18:59 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-12-11 18:59 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-12-11 18:53 - 2014-12-11 18:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nicki\Downloads\mbam-setup-2.0.4.1028.exe
    2014-12-11 07:38 - 2014-12-11 07:41 - 36904648 _____ (Microsoft Corporation) C:\Users\Nicki\Downloads\Windows-KB890830-x64-V5.19.exe
    2014-12-10 20:19 - 2011-09-27 02:34 - 01284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
    2014-12-10 19:06 - 2014-12-10 19:06 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
    2014-12-10 19:06 - 2014-12-10 19:06 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2014-12-10 19:06 - 2014-12-10 19:06 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2014-12-10 19:06 - 2014-12-10 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2014-12-10 18:58 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-12-10 18:58 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2014-12-10 18:57 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-12-10 18:57 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-12-10 18:52 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2014-12-10 18:52 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-12-10 18:52 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-12-10 18:52 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
    2014-12-10 18:52 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2014-12-10 18:52 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2014-12-10 18:52 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2014-12-10 18:52 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
    2014-12-10 18:52 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
    2014-12-10 18:52 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2014-12-10 18:52 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2014-12-10 18:52 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2014-12-10 18:52 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-12-10 18:52 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-12-10 18:51 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-12-10 18:51 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-12-10 18:51 - 2012-08-23 09:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
    2014-12-10 18:51 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
    2014-12-10 18:51 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
    2014-12-10 18:37 - 2014-12-10 18:37 - 00162010 _____ () C:\Users\Nicki\Downloads\DIAG_MATS_NETWORK_global.DiagCab
    2014-12-10 18:37 - 2014-12-10 18:37 - 00162010 _____ () C:\Users\Nicki\Downloads\DIAG_MATS_NETWORK_global (1).DiagCab
    2014-12-10 18:35 - 2014-12-10 18:35 - 00347816 _____ (Microsoft Corporation) C:\Users\Nicki\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.42341681695175715.1.1.Run.exe
    2014-12-10 03:33 - 2014-12-10 03:33 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-10 03:04 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-10 03:04 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-12-09 21:43 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-09 21:43 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-09 21:43 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-09 21:43 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-09 21:43 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-09 21:43 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-09 21:43 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-09 21:43 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2014-12-09 21:42 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-09 21:42 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-09 21:42 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-09 21:42 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-09 21:42 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-09 21:42 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-09 21:42 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-09 21:42 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-09 21:42 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-09 21:42 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-09 21:42 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-09 21:42 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-09 21:42 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-09 21:42 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-09 21:42 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-09 21:42 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-09 21:42 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-09 21:42 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-09 21:42 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-09 21:42 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-09 21:42 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-09 21:42 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-09 21:42 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-09 21:42 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-09 21:42 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-09 21:42 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-09 21:42 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-09 21:42 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-09 21:42 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-09 21:42 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-09 21:42 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-09 21:42 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-09 21:42 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-09 21:42 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-09 21:42 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-09 21:42 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-09 21:42 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-09 21:42 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-09 21:42 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-09 21:42 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-09 21:42 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-09 21:42 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-09 21:42 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-09 21:42 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-09 21:42 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-09 21:41 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-09 21:41 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-09 21:41 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-09 21:41 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-09 21:41 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-09 21:41 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-09 21:41 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-09 21:41 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-09 21:41 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-09 21:41 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-09 21:41 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-09 21:41 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-09 21:37 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-09 21:37 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-09 21:37 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-09 21:37 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2014-12-09 21:37 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-09 21:37 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-09 21:37 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-09 21:37 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-09 21:37 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-09 21:37 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-09 21:37 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2014-12-09 21:37 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2014-12-09 21:37 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2014-12-09 21:37 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2014-11-30 15:10 - 2014-11-30 15:09 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-11-30 15:09 - 2014-11-30 15:09 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-11-30 15:09 - 2014-11-30 15:09 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-11-30 15:09 - 2014-11-30 15:09 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-11-30 15:09 - 2014-11-30 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-11-30 15:09 - 2014-11-30 15:09 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-11-30 14:39 - 2014-11-30 14:39 - 00003424 _____ () C:\Windows\System32\Tasks\RealDownloader Update Check
    2014-11-30 14:24 - 2014-11-30 14:24 - 00000000 ____D () C:\ProgramData\RealNetworks
    2014-11-30 14:24 - 2014-11-30 14:24 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-11-30 14:24 - 2014-11-30 14:24 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
    2014-11-29 21:20 - 2014-11-29 21:20 - 00003110 _____ () C:\Windows\System32\Tasks\{04A01F86-A7C4-463D-9033-48E8C019AABF}
    2014-11-29 21:19 - 2005-06-14 17:59 - 08307200 _____ () C:\MicrosoftContentManagementServer2002SP1Aunpatch.msp
    2014-11-29 21:19 - 2005-06-14 17:55 - 08308736 _____ () C:\MicrosoftContentManagementServer2002SP1Apatch.msp
    2014-11-29 21:19 - 2005-06-14 17:49 - 00001547 _____ () C:\setup.xml
    2014-11-29 21:19 - 2005-01-27 12:29 - 00424960 _____ (Microsoft Corporation) C:\Setup.exe
    2014-11-29 21:16 - 2014-11-29 21:18 - 16457096 _____ () C:\Users\Nicki\Downloads\240634_ENU_i386_zip.exe
    2014-11-29 21:14 - 2014-11-29 21:14 - 00000000 __SHD () C:\Users\Nicki\AppData\Local\EmieUserList
    2014-11-29 21:14 - 2014-11-29 21:14 - 00000000 __SHD () C:\Users\Nicki\AppData\Local\EmieSiteList
    2014-11-29 21:14 - 2014-11-29 21:14 - 00000000 __SHD () C:\Users\Nicki\AppData\Local\EmieBrowserModeList
    2014-11-27 11:16 - 2014-12-17 07:55 - 00363008 ___SH () C:\Users\Nicki\Downloads\Thumbs.db
    2014-11-27 11:03 - 2014-11-27 11:09 - 23993200 _____ () C:\Users\Nicki\Downloads\Nickilinn Maier Equifax Dispute Letter.tif
    2014-11-24 19:58 - 2014-11-24 19:58 - 00000000 ____D () C:\Users\Nicki\AppData\Local\{C76DAC56-EE50-44BB-9CD3-49036090C85B}
    2014-11-23 19:36 - 2014-11-23 19:36 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-11-23 19:36 - 2014-11-23 19:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
    2014-11-19 01:05 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-11-19 01:05 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-11-19 01:05 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-11-19 01:05 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-19 07:36 - 2012-06-14 20:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-19 07:32 - 2012-04-15 17:12 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DB5433A1-26C2-4385-8EE8-D7FA7439CEA8}
    2014-12-19 06:53 - 2012-05-09 09:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-19 06:27 - 2012-04-15 17:01 - 01782042 _____ () C:\Windows\WindowsUpdate.log
    2014-12-19 03:05 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-19 03:05 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-19 01:53 - 2012-05-09 09:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-19 01:53 - 2012-05-09 09:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-19 01:53 - 2012-01-19 11:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-18 22:36 - 2012-06-14 20:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-17 18:10 - 2012-05-09 08:06 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNicki
    2014-12-17 18:10 - 2012-05-09 08:06 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForNicki.job
    2014-12-14 11:22 - 2012-01-19 11:34 - 00000000 ____D () C:\ProgramData\PDFC
    2014-12-13 10:14 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-13 10:09 - 2013-11-01 11:19 - 00000000 ____D () C:\Users\Nicki\AppData\Roaming\Dropbox
    2014-12-13 10:07 - 2014-11-15 13:18 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4213591192-4114802443-2367686102-1000
    2014-12-13 10:07 - 2013-07-13 20:51 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4213591192-4114802443-2367686102-1000
    2014-12-13 10:07 - 2013-06-02 00:00 - 00018551 _____ () C:\Windows\setupact.log
    2014-12-13 10:07 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-13 10:06 - 2013-03-13 02:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-12-13 10:06 - 2013-03-13 02:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-12-13 09:32 - 2013-03-13 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-12-13 09:28 - 2013-08-21 18:09 - 00516608 ___SH () C:\Users\Nicki\Desktop\Thumbs.db
    2014-12-13 09:09 - 2014-06-13 21:58 - 00000000 ____D () C:\Users\Nicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2014-12-13 09:02 - 2012-01-19 11:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2014-12-13 08:58 - 2014-11-15 14:06 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4213591192-4114802443-2367686102-1000
    2014-12-13 08:58 - 2013-06-30 11:49 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4213591192-4114802443-2367686102-1000
    2014-12-13 03:17 - 2013-06-06 11:47 - 00911560 _____ () C:\Windows\PFRO.log
    2014-12-12 06:13 - 2012-11-20 10:51 - 00000000 ____D () C:\Users\Nicki\Desktop\Desktop Crap
    2014-12-11 22:50 - 2012-04-22 19:43 - 00000000 ____D () C:\Users\Nicki\AppData\Roaming\SoftGrid Client
    2014-12-11 21:30 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-12-11 19:20 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Vss
    2014-12-11 19:19 - 2014-05-31 08:14 - 00000000 ____D () C:\Program Files (x86)\Rock Turner
    2014-12-11 19:19 - 2013-07-13 14:21 - 00000000 ____D () C:\Users\Nicki\AppData\Roaming\DSite
    2014-12-11 19:19 - 2009-07-13 21:34 - 00000505 _____ () C:\Windows\win.ini
    2014-12-11 18:59 - 2012-11-20 13:07 - 00000000 ____D () C:\Users\Nicki\AppData\Roaming\Malwarebytes
    2014-12-11 18:59 - 2012-11-20 13:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-12-10 20:20 - 2012-01-19 11:15 - 00000000 ____D () C:\Program Files (x86)\Realtek
    2014-12-10 20:19 - 2012-01-19 11:15 - 00000000 ___HD () C:\Program Files (x86)\Temp
    2014-12-10 20:19 - 2012-01-19 11:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-12-10 19:11 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-12-10 19:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-10 19:06 - 2012-11-03 12:30 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
    2014-12-10 19:06 - 2012-06-19 19:03 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
    2014-12-10 19:06 - 2012-04-22 20:59 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
    2014-12-10 04:51 - 2014-05-31 08:32 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-12-10 03:33 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-10 03:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-10 03:17 - 2012-06-06 20:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-10 03:14 - 2013-08-15 02:02 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-10 03:07 - 2012-04-21 08:58 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-06 09:18 - 2012-07-08 22:11 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-11-30 15:10 - 2013-10-28 05:34 - 00000000 ____D () C:\ProgramData\Oracle
    2014-11-30 14:30 - 2012-10-18 19:51 - 00000000 ____D () C:\Users\Nicki\AppData\Roaming\Real
    2014-11-30 14:24 - 2012-12-18 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
    2014-11-30 14:24 - 2012-10-18 19:51 - 00000000 ____D () C:\Users\Nicki\AppData\Roaming\RealNetworks
    2014-11-30 14:23 - 2014-04-23 05:24 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
    2014-11-30 14:23 - 2014-04-23 05:24 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
    2014-11-30 14:23 - 2012-10-18 19:51 - 00000000 ____D () C:\Program Files (x86)\Real
    2014-11-30 14:23 - 2012-10-18 19:49 - 00000000 ____D () C:\ProgramData\Real
    2014-11-30 14:22 - 2014-04-23 05:24 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
    2014-11-30 14:22 - 2014-04-23 05:24 - 00353864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
    2014-11-29 21:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-11-24 14:04 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-11-23 19:36 - 2014-05-03 09:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-11-23 19:36 - 2014-01-04 12:17 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
    2014-11-23 19:36 - 2013-03-17 06:07 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-11-23 19:36 - 2013-03-17 06:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-11-23 19:36 - 2012-06-14 20:28 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-11-23 19:36 - 2012-06-14 20:28 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-11-23 19:36 - 2012-06-14 20:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-11-23 19:36 - 2012-06-14 20:28 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-11-21 06:14 - 2012-11-20 13:07 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

    Some content of TEMP:
    ====================
    C:\Users\Nicki\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplh_nf4.dll
    C:\Users\Nicki\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-15 00:26

    ==================== End Of Log ============================
     
  12. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
    Ran by Nicki at 2014-12-19 07:43:17
    Running from C:\Users\Nicki\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
    Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Adobe® Photoshop® Album Starter Edition 3.0 (HKLM-x32\...\{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}) (Version: 3.00.000 - Adobe Systems, Inc.)
    Amazon Cloud Player (HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Amazon Amazon Cloud Player) (Version: 1.1.0.337 - Amazon Services LLC)
    Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
    Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
    AMD Catalyst Install Manager (HKLM\...\{601B10F8-06B0-2EB1-CCAD-C3F7D7E32FD1}) (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
    BCL easyConverter Desktop 3 (Word Version) (HKLM-x32\...\{8C5845B5-729F-40E3-A945-4454E67F65F4}) (Version: 3.0.18 - BCL Technologies)
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
    Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8200 - Broadcom Corporation)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.201 - Broadcom Corporation)
    Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.143 - Broadcom Corporation)
    Brother P-touch Editor 4.2 (HKLM-x32\...\InstallShield_{003447F5-0058-4B77-9C1E-50488F77C4A7}) (Version: 4.2 - Brother Industries, Ltd.)
    Brother P-touch Editor 4.2 (x32 Version: 4.2 - Brother Industries, Ltd.) Hidden
    Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
    CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
    Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
    Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
    Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - )
    Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
    Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: - NCH Software)
    Dropbox (HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
    Duplicate Sweeper (HKLM-x32\...\{86A3FB08-45A4-4FA9-90D8-B0291585405B}) (Version: 1.4.0 - Wide Angle Software)
    eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Express Scribe (HKLM-x32\...\Scribe) (Version: - NCH Swift Sound)
    Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
    Fairway Solitaire: Tee to Play (HKLM-x32\...\BFG-Fairway Solitaire - Tee to Play) (Version: - )
    Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HomeByMe (HKU\S-1-5-21-4213591192-4114802443-2367686102-1000\...\SquareClock_Production_HBMV1) (Version: - SquareClock SAS)
    Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
    HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
    HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
    HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
    HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
    HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
    HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
    HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
    HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
    HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
    HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.8.0.002 - HTC Corporation)
    HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 2.0.7.016 - HTC Corporation)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
    Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Kobo (HKLM-x32\...\Kobo) (Version: 2.0.3 - Kobo Inc.)
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
    Las Vegas Casino (HKLM-x32\...\Product_Name) (Version: - )
    Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Lexmark Universal v2 Uninstaller (HKLM\...\Lexmark Universal v2) (Version: - Lexmark International, Inc.)
    Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
    Lost Photos version 1.1 (HKLM-x32\...\{6576B1CD-0CF5-4B5A-BC77-1921123A9CBC}_is1) (Version: 1.1 - Space Inch, LLC)
    Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Sounds (HKLM-x32\...\{10CE1EA2-12E9-11D3-825E-00C04F6843FE}) (Version: 1.0.0.0 - Microsoft Corp)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
    MPR - PC Edition (HKLM-x32\...\{DEDBCAAC-970F-4106-B17C-9E9BD6FAD522}) (Version: 1.01.01 - MPR)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
    OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)
    [email protected] (HKLM-x32\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
    PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PENTAX USB DISK Device (HKLM-x32\...\{AEE9ABDF-CFFD-4CC2-8519-E8ECEB5A2AAF}) (Version: 1.02.0000 - PENTAX)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.5706 - CyberLink Corp.) Hidden
    PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 - NewspaperDirect Inc.)
    Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.10 - NCH Software)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
    RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
    Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
    RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C0F05}) (Version: 12.15.5.30 - APN, LLC) <==== ATTENTION
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SoundTaxi 4.4.5 (HKLM-x32\...\{8675BF55-B842-4E02-B3C8-7AA92C72D2C2}_is1) (Version: 4.4.5 - cyan soft ltd)
    Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
    Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
    TeleTech WB ISA (HKLM-x32\...\TeleTech ISA) (Version: 1.0.2 - TeleTech)
    The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
    TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
    Tune Sweeper (HKLM-x32\...\{E5B75EA5-CA66-407C-A11B-2E2AC494B164}) (Version: 3.06 - Wide Angle Software)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.55.0 - Verizon)
    WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
    Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
    Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
    Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4213591192-4114802443-2367686102-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicki\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    10-12-2014 18:49:04 Windows Update
    10-12-2014 19:04:42 DCInstallRestorePoint
    10-12-2014 19:37:43 Windows Update
    11-12-2014 03:00:13 Windows Update
    13-12-2014 03:00:17 Windows Update
    13-12-2014 09:00:58 Windows Update
    13-12-2014 09:30:06 Windows Update
    13-12-2014 14:32:05 Removed DriverUpdate
    13-12-2014 14:33:29 Removed DriverUpdate
    13-12-2014 14:33:48 Removed DriverUpdate
    16-12-2014 13:07:21 Windows Update
    19-12-2014 03:00:15 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {01BB7848-0DB4-4662-AD73-9A601157A363} - System32\Tasks\{503E5DD9-F112-4482-8EF6-A844D9F21E56} => C:\Program Files (x86)\NCH Swift Sound\Scribe\scribe.exe [2012-07-17] ()
    Task: {046332A2-252F-4517-B673-053D7C49A44D} - System32\Tasks\{5FCB9EDC-5590-40C9-873D-E75F1C13AC5E} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {049DC291-4AF6-4963-B15D-C87182AFB633} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {07F0E3CB-1876-4BFF-BCD2-CD44AEB3B88D} - System32\Tasks\{07E716B4-6E95-4CDA-BB52-9F22421C72DE} => pcalua.exe -a "C:\Remote Programs\7 Wonders 2\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=586350;name=7 Wonders II;dir=C:\Remote Programs\7 Wonders 2\;prvid=143;cmdid=1;prvdir=Default
    Task: {122D66D0-3172-4DA2-BC16-544610F20FDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
    Task: {1A241E63-6EBC-493A-8F84-FD650BA09DB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
    Task: {1E2047C9-9FD8-416D-A630-48352A1CB791} - System32\Tasks\{04A01F86-A7C4-463D-9033-48E8C019AABF} => pcalua.exe -a C:\Users\Nicki\Desktop\Setup.exe -d C:\Users\Nicki\Desktop
    Task: {2935A2DC-0C6B-4E39-BFC4-48A1C23DBD25} - System32\Tasks\HPCeeScheduleForNicki => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {2BD64F1C-CE1D-4B6C-9B77-B367E5CEE87F} - System32\Tasks\{494F6CC0-9229-437F-808C-8C43FB5AFC6D} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {2DC4EF21-6A21-45F6-88C3-DA96BC64DE43} - System32\Tasks\{1F1AB0EC-3E56-4DF5-8B55-D137154FD2F9} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {2E38373A-0583-4061-9F23-EB78B221B30E} - System32\Tasks\Amazon Music Helper => C:\Users\Nicki\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-07-21] ()
    Task: {2E95735F-38BF-491B-A72B-8715E97D5AA7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {326CBD15-D85E-4208-9478-B2223C6762E5} - System32\Tasks\{4EC9F090-12E5-414B-B943-78A759D89A3A} => pcalua.exe -a C:\pentaxsw14\SETUP.EXE -d C:\pentaxsw14
    Task: {340E39F7-691E-4404-B1ED-36710A9B9A1B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {34974286-15D5-4F0C-8BAB-363D4D0603C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {362B0AD7-DA9D-4B7F-BD5B-184D99FD56F6} - System32\Tasks\{88BD78BB-D422-4F1D-9115-8C2BE2EA61BE} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {3697ADC0-43D0-425D-A89B-CBB6BBA596BF} - System32\Tasks\{611DDE4E-AD46-4188-A68B-633380F3A9BE} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {3D621842-BD91-406F-8351-824DE6CE6E66} - System32\Tasks\{2A776B40-B699-4E66-BC87-46CFDA232481} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {418D6C07-F01B-4216-A3F0-A51F080BCC1A} - System32\Tasks\{CFA64ADA-83FB-47B3-869D-F53DC4155F0A} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {4B08BEA5-F903-4B79-8516-F3A52478BB7C} - System32\Tasks\{2C41F836-2314-4F9F-B033-EA8DE6936FB0} => pcalua.exe -a "J:\OLD HD FROM PC\Program Files\Express Scribe\essetup.exe" -d "J:\OLD HD FROM PC\Program Files\Express Scribe"
    Task: {4C64D37C-0B4A-4D75-89D9-49BA249A8D3C} - System32\Tasks\{C4340A4A-969F-4A31-B2C6-8B610A3B9C4E} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {4EEBFAB9-9132-431A-8F70-97BA8697474B} - System32\Tasks\{DA721FB1-58C9-4582-A43C-8896F7CAE021} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {52C506BF-ED9C-4E5C-8F8F-702BABB61A07} - System32\Tasks\{43136DE1-32D6-4C11-8E2A-9251FD2EB872} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {5324134D-A660-40CC-98FC-76D96C8537B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {5B728B32-69D2-4E70-A1FD-EB1CE006D5F9} - System32\Tasks\{B2C023F0-F13A-4227-8C49-C3412C8F0127} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {5D1E4575-EB1E-45CA-9615-2FA102ECC767} - System32\Tasks\{DC657975-7E88-4EE4-A2EC-92491510F7D4} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {61B4A15E-7ACA-43A4-960E-2E2B72953A88} - System32\Tasks\{8DFDA845-A519-4D29-AA11-66F001F1600B} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {6B71C824-5207-48FD-BC4D-86D14586C596} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4213591192-4114802443-2367686102-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-10-26] (RealNetworks, Inc.)
    Task: {6EF1E832-B63F-4917-A7D5-678294EC2F47} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {756CE202-F022-41DB-9475-7A285A1611EC} - System32\Tasks\{344903A3-919F-4A32-8709-FB8869611675} => C:\Users\Nicki\Downloads\essetup.exe
    Task: {85E9715F-8F70-4560-A37E-406E77391D70} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
    Task: {8757F1C6-F7AE-4347-A234-3664E71C1A33} - System32\Tasks\{E838059D-9CC6-41ED-BE92-977BF8852981} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {89B0EDF6-25C8-4C72-BF3A-87970189F3DC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-23] (AVAST Software)
    Task: {9079E581-2E94-49A6-A4D7-876B3D1143D8} - System32\Tasks\{5188A5EC-EC01-441B-8B5C-2D41AF798857} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {9090C77C-68EB-411A-9192-D5092793EA4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
    Task: {A62D5902-0836-43B6-BBC6-2A8EBACBD89A} - System32\Tasks\{F40DD7A3-685E-497B-ABC9-A5454CFC86A2} => C:\Users\Nicki\Downloads\essetup.exe
    Task: {A7EE73E0-F809-47D7-9DDF-2772258ED2D9} - System32\Tasks\{A1113470-C457-4996-8226-AD1970C01DD2} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {AB3B83C2-815F-4199-9A5A-F012A105BA2C} - System32\Tasks\{E6D27F6F-8AE5-4022-A5E6-07EA0E348F9E} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {B17CED67-D41C-47C5-B7B3-09AE3CF4F9F9} - System32\Tasks\{6C10DF08-D6C5-4E56-ABC1-E4599E7EDD6E} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {B2EB9337-E230-4628-B483-39D0E05B0467} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4213591192-4114802443-2367686102-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {B3BE2F29-EB1F-48AD-A9B5-6511E6397527} - System32\Tasks\{EE91E611-ECB1-4812-94E7-2866349B5E2C} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {B44C32EE-87B6-45C2-A181-7FDC572B43BD} - System32\Tasks\{BB40B008-659E-4130-AB28-8319A571010B} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {B7EF8E66-28B6-4436-8F9C-46A0C7847A49} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {B95AE46F-E418-4BEB-8D9E-D0F5EF28D5CC} - System32\Tasks\{502557EA-85D4-4FAA-B017-6238A7F4B7A3} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {BCDEEF71-FA47-4334-BA90-F795E62FB4EB} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4213591192-4114802443-2367686102-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {BE1CCC4F-A087-4E5C-97BD-5CE3C24124EA} - System32\Tasks\{F455AE30-0C3E-4442-A1FC-090685301CAC} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {BFF38D15-ED84-4C7C-8E4A-0B74D38110CD} - System32\Tasks\{5CBD4D2F-EDE4-4919-9A2F-F54273133C4F} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {C1054A24-3B61-4E14-A975-3DC1CE7C3EE7} - System32\Tasks\{896B832E-327B-47F5-934E-B2873D55D429} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {C34408D6-8E30-4D63-BB46-C29B0A00B7F6} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4213591192-4114802443-2367686102-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-10-26] (RealNetworks, Inc.)
    Task: {C490A453-8D25-4FDC-891D-5837059A5DF1} - System32\Tasks\{EBF20479-9515-420A-B9F1-1A291278B409} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {C563C3AB-BD4C-4AE3-AA8C-DD81D028B75A} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
    Task: {C8433A74-9176-49F6-A6A9-5BCE64EF8A83} - System32\Tasks\{D04512F7-C175-4632-93BE-351074A654C4} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\Scribe\uninst.exe"
    Task: {CACFD1D5-1DC0-4A21-9DF3-F685DD335675} - System32\Tasks\{42E0739B-38FD-4585-B565-D3BD15EB3255} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {D24A519F-FC75-4306-8468-17B68B836B94} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-4213591192-4114802443-2367686102-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
    Task: {DC015BD7-5A99-46B0-9FE1-D0A8BEAFF289} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
    Task: {DDC6C1AC-15B5-4990-9299-CDF40CBB9A90} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {DE657D03-0C8F-490D-9168-6FB737A74101} - System32\Tasks\{1CD9227D-52E1-4DF0-9A66-C9D8C4D0AE24} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {E97698AE-EE4E-4687-A1C4-6E7A0541F621} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {EA26E5F1-5F02-44F1-84C3-078169E1BE05} - System32\Tasks\{9B0FDB38-8B16-4EFA-AF80-B4D4C23F9838} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {EAEAC1F7-5226-4116-A579-97A7D58CBFF9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {ED00DB96-C9BC-494D-8B11-70EFE6DD74CD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4213591192-4114802443-2367686102-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {EE85E786-65FA-4AF5-BE0C-12A0759CC493} - System32\Tasks\{94A72A1E-7EEB-4545-A544-396F5EE5A3AE} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {EF5E2BCC-041B-434B-9B03-09C75E98D28C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
    Task: {F1929DEC-A8A9-444F-A113-F7BBA0F9CBAC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4213591192-4114802443-2367686102-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {F30C3837-11D1-4FB2-AD55-35F330C81EED} - System32\Tasks\{E00D9F57-7789-4B40-8110-DE554A195431} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: {F55D050F-CA1B-4817-84E8-8626BB03129C} - System32\Tasks\{D283F5FF-165E-45CD-B1F7-CB1847E8B629} => C:\Users\Nicki\Downloads\essetup.exe
    Task: {FA7B1B79-8042-437F-8BD4-ECD7E325C00A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
    Task: {FB869FC4-114F-4D36-8913-7D7168CCEEC6} - System32\Tasks\{C08D3DFE-1F4A-4264-A887-C7206B0C8C50} => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForNicki.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-11-01 12:59 - 2012-12-07 16:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    2013-08-02 06:48 - 2013-07-21 20:08 - 03109376 _____ () C:\Users\Nicki\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    2014-12-10 04:50 - 2014-12-11 16:36 - 00524064 _____ () C:\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe
    2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    2011-09-08 16:53 - 2011-09-08 16:53 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2011-08-02 15:41 - 2011-08-02 15:41 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2012-08-20 19:04 - 2012-03-28 00:48 - 00475136 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\LMUD1O4A.DLL
    2012-08-20 19:04 - 2012-03-28 00:48 - 00026112 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\LMUD1O40.dll
    2014-10-29 19:02 - 2014-10-29 19:02 - 04851496 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\videodl.exe
    2014-12-13 03:25 - 2014-12-13 03:25 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121300\algo.dll
    2014-12-19 04:19 - 2014-12-19 04:19 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121900\algo.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-04-23 05:24 - 2014-11-30 14:23 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
    2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
    2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
    2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
    2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
    2014-11-23 19:36 - 2014-11-23 19:36 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-12-12 09:41 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-12 09:41 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
    2014-10-26 23:03 - 2014-10-26 23:03 - 00052296 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\OpenPref.dll
    2014-11-30 14:23 - 2014-11-30 14:23 - 00052808 _____ () c:\program files (x86)\real\realplayer\openrpc.dll
    2014-12-12 09:41 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-12 09:41 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
    2014-12-12 09:41 - 2014-12-05 20:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
    AlternateDataStreams: C:\ProgramData\Temp:E326D1D1

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-4213591192-4114802443-2367686102-500 - Administrator - Disabled)
    Guest (S-1-5-21-4213591192-4114802443-2367686102-501 - Limited - Enabled)
    HomeGroupUser$ (S-1-5-21-4213591192-4114802443-2367686102-1002 - Limited - Enabled)
    Nicki (S-1-5-21-4213591192-4114802443-2367686102-1000 - Administrator - Enabled) => C:\Users\Nicki

    ==================== Faulty Device Manager Devices =============

    Name: SBRE
    Description: SBRE
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SBRE
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/19/2014 07:43:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 07:42:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 07:39:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 06:31:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 06:30:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 06:29:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 06:29:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 05:52:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 05:52:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

    Error: (12/19/2014 05:51:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.


    System errors:
    =============
    Error: (12/13/2014 10:09:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (12/13/2014 10:08:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Update Rock Turner service failed to start due to the following error:
    %%1053

    Error: (12/13/2014 10:08:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Update Rock Turner service to connect.

    Error: (12/13/2014 10:04:58 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

    Error: (12/13/2014 10:03:58 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

    Error: (12/13/2014 03:19:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (12/11/2014 07:22:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    SBRE

    Error: (12/11/2014 07:21:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Update Rock Turner service failed to start due to the following error:
    %%1053

    Error: (12/11/2014 07:21:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Update Rock Turner service to connect.

    Error: (12/11/2014 07:19:50 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {49F171DD-B51A-40D3-9A6C-52D674CC729D}


    Microsoft Office Sessions:
    =========================
    Error: (12/19/2014 07:43:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 07:42:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 07:39:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 06:31:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 06:30:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 06:29:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 06:29:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 05:52:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 05:52:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.

    Error: (12/19/2014 05:51:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
    Description: Access is denied.


    CodeIntegrity Errors:
    ===================================
    Date: 2014-11-06 16:38:58.955
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-11-06 16:38:58.881
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-11-06 16:37:25.134
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-11-06 16:37:25.055
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-11-06 16:37:10.755
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-11-06 16:37:10.681
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: AMD A8-3820 APU with Radeon(tm) HD Graphics
    Percentage of memory in use: 51%
    Total physical RAM: 7666.85 MB
    Available physical RAM: 3753.17 MB
    Total Pagefile: 15331.88 MB
    Available Pagefile: 10840.07 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:914.61 GB) (Free:493.81 GB) NTFS
    Drive d: (HP_RECOVERY) (Fixed) (Total:16.81 GB) (Free:2.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive k: (Elements) (Fixed) (Total:111.79 GB) (Free:22.92 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C681E590)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=914.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=16.8 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 000BC320)
    Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  13. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
    nickib622,
    Wow, what a pile of junk.
    ------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Control Panel, click on Programs and Features
    Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

    Search App by Ask
    Switch Sound File Converter
    Big Fish
    Coupon Printer for Windows
    Doxillion Document Converter
    Java 7 Update 71
    PDF Complete Special Edition

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine
    --------------------------------------------------------
    Run A Fix With FRST
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
    (Both on the Desktop is OK, or both in the same folder elsewhere)

    Run FRST64 and press the Fix button just once and wait. DO NOT PRESS THE SCAN BUTTON.
    If for some reason the tool needs a restart, please make sure you let the system restart normally.
    The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
    When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

    askey127
     

    Attached Files:

  14. nickib622

    nickib622 Thread Starter

    Joined:
    Jul 21, 2009
    Messages:
    193
    Askey127, I'm working on your fix, but I can't get the Search App by Ask to uninstall! It keeps telling me that I must close Google Chrome first and I've tried everything I can think of to make sure it's not running - but I can't get it to stop.

    I am going to do the rest of the steps, but I wanted to let you know, in case there is another way for me to get that to remove!

    Thanks - I know I have a "pile of junk" which is why I appreciate your help so much in getting my "pile-o-junk" cleaned up!
     
  15. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
    Ask doesn't want you to uninstall.
    Just skip to the next item.
    We'll get it.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1139131

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice