Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014
Ran by ebahl_000 (ATTENTION: The logged in user is not administrator) on ZONPATHFINDER on 29-10-2014 18:20:10
Running from C:\Users\ebahl_000\Downloads
Loaded Profile: ebahl_000 (Available profiles: zon & ebahl_000)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
( ) C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\AppIntegrator64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
() C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Retrogamer Home Page Guard 64 bit] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\AppIntegrator64.exe [485960 2014-06-10] ( )
HKLM\...\Run: [TelevisionFanatic Home Page Guard 64 bit] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\AppIntegrator64.exe [485960 2014-07-05] ( )
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [767600 2014-09-28] (Webroot)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB Optical Mouse] => C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe [245248 2010-03-30] ()
HKLM-x32\...\Run: [Retrogamer EPM Support] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wmedint.exe [12872 2014-06-10] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Retrogamer Search Scope Monitor] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrchMn.exe [55368 2014-06-10] (Mindspark)
HKLM-x32\...\Run: [Retrogamer_4w Browser Plugin Loader] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon.exe [61512 2014-06-10] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Retrogamer_4w Browser Plugin Loader 64] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon64.exe [71752 2014-06-10] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TelevisionFanatic EPM Support] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64medint.exe [12872 2014-07-05] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TelevisionFanatic Search Scope Monitor] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrchMn.exe [55368 2014-07-05] (Mindspark)
HKLM-x32\...\Run: [TelevisionFanatic Browser Plugin Loader] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe [61512 2014-07-05] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TelevisionFanatic Browser Plugin Loader 64] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon64.exe [71752 2014-07-05] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Run: [Google Update] => C:\Users\ebahl_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-23] (Google Inc.)
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\MountPoints2: {1a6df60b-53a7-11e4-82cd-ac7ba148f0c0} - "E:\TL_Bootstrap.exe"
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\MountPoints2: {4b315e66-b847-11e3-825d-ac7ba148f0c0} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\MountPoints2: {aa4305c4-4ff8-11e4-82cd-ac7ba148f0c0} - "E:\TL_Bootstrap.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Internet Explorer\iexplore.exe [810640 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
URLSearchHook: HKCU - (No Name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (Mindspark)
URLSearchHook: HKCU - (No Name) - {4cff1016-c2e2-4fdd-9c67-e32200c25ff9} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrcAs.dll (Mindspark)
SearchScopes: HKLM - DefaultScope {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - DefaultScope {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S10228^us&si=CMSksf_Zr78CFS0YMgodi0IAmg&ptb=447F 88BB-92BA-4EBF-86B1-1FEACDE088D5&psa=&ind=2014080710&st=sb&n=780c6ec6&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^RG^xdm907^YYA^us&ptb=B0189651-73D6-40DF-94B4-1AEC81168BE7&ind=2014080710&n=780c6ec6&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {145163FA-AA60-4A4C-869B-7066FCCE6680} URL =
SearchScopes: HKCU - {145163FA-AA60-4A4C-869B-7066FCCE6680} URL =
SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S10228^us&si=CMSksf_Zr78CFS0YMgodi0IAmg&ptb=447F 88BB-92BA-4EBF-86B1-1FEACDE088D5&psa=&ind=2014080710&st=sb&n=780c6ec6&searchfor={searchTerms}
SearchScopes: HKCU - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^RG^xdm907^YYA^us&ptb=B0189651-73D6-40DF-94B4-1AEC81168BE7&ind=2014080710&n=780c6ec6&psa=&st=sb&searchfor={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Toolbar BHO -> {03123bb6-a811-407e-b323-66cf0be510b1} -> C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll (Mindspark)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Search Assistant BHO -> {5d79f641-c168-40df-a32f-bacea7509e75} -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (Mindspark)
BHO-x32: ArcadeYum Addon -> {651CA263-4157-4AC5-B7C2-03A7C1C00457} -> C:\Users\zon\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: No Name -> {b4a89cd3-c5f5-49c4-abcf-5f26d636476f} -> No File
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Toolbar BHO -> {cb41fc95-f1b3-4797-8bb6-1012ff62abba} -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {d757dbfc-1494-4647-a8b3-abd654988dd8} -> C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrcAs.dll (Mindspark)
BHO-x32: WeCareReminder Class -> {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} -> C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Retrogamer - {3392cfec-56f8-41ee-bdb4-4e301efd2c93} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll (Mindspark)
Toolbar: HKLM-x32 - TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (Mindspark)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - Retrogamer - {3392CFEC-56F8-41EE-BDB4-4E301EFD2C93} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll (Mindspark)
Toolbar: HKCU - TelevisionFanatic - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (Mindspark)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\ebahl_000\AppData\Roaming\Mozilla\Firefox\Profiles\6dys65sy.defaul t
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Retrogamer_4w.com/Plugin -> C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\NP4wStub.dll (Mindspark)
FF Plugin-x32: @TelevisionFanatic.com/Plugin -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll (Mindspark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\ebahl_000\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\ebahl_000\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ebahl_000\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ebahl_000\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ebahl_000\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ebahl_000\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Webroot Password Manager - C:\Users\ebahl_000\AppData\Roaming\Mozilla\Firefox\Profiles\6dys65sy.defaul t\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2014-10-08]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-03-27]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-07]
CHR Extension: (Google Drive) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-07]
CHR Extension: (YouTube) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-07]
CHR Extension: (Google Search) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-07]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-10-13]
CHR Extension: (Webroot Filtering Extension) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-08-07]
CHR Extension: (Hangouts) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-07]
CHR Extension: (Webroot Password Manager) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-08-07]
CHR Extension: (Gmail) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-07]
CHR HKLM-x32\...\Chrome\Extension: [jmfmbeipcnbmgifkjkhppnjiffmpmpga] - C:\ProgramData\WeCareReminder\\wecarereminderro.crx [2013-09-27]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-03-27]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-03-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-24] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-07-29] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 Retrogamer_4wService; C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbarsvc.exe [88648 2014-06-10] (COMPANYVERS_NAME)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R2 TelevisionFanaticService; C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe [88648 2014-07-05] (COMPANYVERS_NAME)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [767600 2014-09-28] (Webroot)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3668208 2013-07-29] (Intel® Corporation)
S2 Update Laflurla; "C:\Program Files (x86)\Laflurla\updateLaflurla.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NMgamingmsFltr; C:\Windows\system32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2014-09-28] (Webroot)
S3 iscFlash; \??\C:\Windows\Temp\ArchesP10SP10SG_BIOS_V150_WIN\x64\iscflashx64.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-29 18:18 - 2014-10-29 18:18 - 00031353 _____ () C:\Users\ebahl_000\Downloads\Addition.txt
2014-10-29 18:17 - 2014-10-29 18:20 - 00033514 _____ () C:\Users\ebahl_000\Downloads\FRST.txt
2014-10-29 18:16 - 2014-10-29 18:20 - 00000000 ____D () C:\FRST
2014-10-29 18:16 - 2014-10-29 18:16 - 02113536 _____ (Farbar) C:\Users\ebahl_000\Downloads\FRST64.exe
2014-10-29 18:14 - 2014-10-29 18:14 - 01105408 _____ (Farbar) C:\Users\ebahl_000\Desktop\FRST.exe
2014-10-28 22:23 - 2014-10-28 22:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-28 20:00 - 2014-10-28 20:00 - 00004163 _____ () C:\Users\ebahl_000\Downloads\TheKingdomKeepers.odm
2014-10-28 19:16 - 2014-10-28 19:16 - 00004522 _____ () C:\Users\ebahl_000\Downloads\20thCenturyGhosts9781415945988(1).odm
2014-10-28 19:15 - 2014-10-28 19:16 - 00004522 _____ () C:\Users\ebahl_000\Downloads\20thCenturyGhosts9781415945988.odm
2014-10-28 10:09 - 2014-10-28 10:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-28 10:09 - 2014-10-28 10:09 - 00001868 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-10-28 10:09 - 2014-10-28 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-27 21:59 - 2014-10-27 21:59 - 00002438 _____ () C:\Users\ebahl_000\Desktop\WirelessDiagLog.csv
2014-10-24 17:47 - 2014-10-24 17:47 - 00968642 _____ () C:\Users\ebahl_000\Downloads\rent documents.zip
2014-10-23 23:57 - 2014-10-23 23:57 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\Secunia PSI
2014-10-20 15:44 - 2014-10-20 15:44 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-20 15:44 - 2014-10-20 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-20 15:42 - 2014-10-26 13:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-20 15:42 - 2014-10-20 15:43 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-20 15:42 - 2014-10-20 15:43 - 00000000 ____D () C:\Program Files\iTunes
2014-10-20 15:42 - 2014-10-20 15:42 - 00000000 ____D () C:\Program Files\iPod
2014-10-19 14:54 - 2014-10-24 19:44 - 00151040 ___SH () C:\Users\ebahl_000\Downloads\Thumbs.db
2014-10-19 14:54 - 2014-10-19 14:54 - 00015872 ___SH () C:\Users\ebahl_000\Documents\Thumbs.db
2014-10-18 17:51 - 2014-10-18 17:51 - 00000363 _____ () C:\Users\ebahl_000\Documents\Aiala, Cortus, and Gaius (4).lnk
2014-10-15 08:43 - 2014-09-27 17:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 08:43 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-15 08:43 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-15 08:43 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-15 08:42 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 08:42 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 08:42 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 08:42 - 2014-09-07 22:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-15 08:42 - 2014-09-07 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-15 08:42 - 2014-09-07 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-15 08:42 - 2014-09-07 19:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-15 08:42 - 2014-09-07 19:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-15 08:42 - 2014-09-07 19:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-15 08:42 - 2014-09-07 19:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 08:42 - 2014-09-07 19:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-15 08:42 - 2014-09-07 19:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-15 08:42 - 2014-09-07 19:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-15 08:42 - 2014-09-07 18:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-15 08:42 - 2014-09-07 18:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-15 08:42 - 2014-09-07 18:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-15 08:42 - 2014-09-07 18:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-15 08:41 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 08:41 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 08:41 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 08:41 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 08:41 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 08:41 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 08:41 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 08:41 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 08:41 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 08:41 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 08:41 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 08:41 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 08:41 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 08:41 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 08:41 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 08:41 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 08:41 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 08:41 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 08:41 - 2014-09-18 19:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 08:41 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 08:41 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 08:41 - 2014-09-18 19:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 08:41 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 08:41 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 08:41 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 08:41 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 08:41 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 08:41 - 2014-09-13 01:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 08:41 - 2014-09-13 00:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 08:41 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 08:41 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 08:41 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-15 08:41 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-15 08:41 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-15 08:41 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-15 08:41 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-15 08:41 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-15 08:41 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-15 08:41 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-15 08:41 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-15 08:41 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-15 08:41 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-15 08:41 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-15 08:41 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-15 08:41 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-15 08:41 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-15 08:41 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-15 08:41 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-15 08:41 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-15 08:41 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-15 08:41 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 08:41 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-15 08:41 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-15 08:41 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-15 08:41 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 08:41 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-15 08:41 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-15 08:41 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-15 08:41 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 08:41 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-15 08:41 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-15 08:41 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-15 08:41 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-15 08:41 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 08:41 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-15 08:41 - 2014-07-31 18:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-15 08:35 - 2014-10-09 17:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 08:35 - 2014-10-08 17:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 08:35 - 2014-09-18 20:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 08:35 - 2014-09-13 01:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 08:35 - 2014-09-13 00:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 08:35 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-15 08:35 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-15 08:35 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-15 08:26 - 2014-10-15 08:26 - 00006381 _____ () C:\Users\ebahl_000\Downloads\NOS4A29780062237743.odm
2014-10-13 19:00 - 2014-10-13 19:00 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Yahoo!
2014-10-13 18:55 - 2014-10-13 18:55 - 00000000 ____D () C:\Users\zon\AppData\Roaming\Yahoo!
2014-10-13 18:55 - 2014-10-13 18:55 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-10-13 18:54 - 2014-10-13 18:55 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-10-13 18:54 - 2014-10-13 18:54 - 00001168 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-10-13 18:54 - 2014-10-13 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-10-13 18:51 - 2014-10-13 18:55 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-10-13 18:45 - 2014-10-13 18:45 - 00691576 _____ (Yahoo! Inc.) C:\Users\ebahl_000\Downloads\msgr11us.exe
2014-10-02 14:23 - 2014-10-02 14:23 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2014-10-02 14:23 - 2014-10-02 14:23 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-29 18:20 - 2014-07-16 23:18 - 01302382 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 18:17 - 2014-03-27 00:00 - 00000000 ____D () C:\ProgramData\WRData
2014-10-29 18:15 - 2014-08-07 09:47 - 00000000 ___DO () C:\Users\ebahl_000\OneDrive
2014-10-29 18:13 - 2014-08-07 11:15 - 00000000 ___RD () C:\Users\ebahl_000\Google Drive
2014-10-29 18:11 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 18:10 - 2014-09-21 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 18:10 - 2014-07-17 03:19 - 01867462 _____ () C:\Windows\PFRO.log
2014-10-29 18:10 - 2013-11-05 05:48 - 00000000 ____D () C:\ProgramData\Norton
2014-10-29 18:09 - 2013-08-22 10:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-10-29 18:07 - 2014-08-07 17:57 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1004UA.job
2014-10-29 18:03 - 2014-08-07 09:48 - 00000000 __SHD () C:\Users\ebahl_000\AppData\Local\EmieSiteList
2014-10-29 18:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-29 17:49 - 2014-09-21 17:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 17:47 - 2014-08-07 09:36 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\Packages
2014-10-29 17:47 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-29 17:24 - 2014-02-25 22:33 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-29 13:32 - 2014-05-08 13:27 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1001UA.job
2014-10-29 13:32 - 2014-05-08 13:27 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1001Core.job
2014-10-29 13:27 - 2014-07-14 12:32 - 00000442 _____ () C:\Windows\Tasks\ArcadeYum.job
2014-10-29 07:24 - 2014-08-07 11:58 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-29 00:07 - 2014-08-07 17:57 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1004Core.job
2014-10-28 20:08 - 2014-08-07 17:57 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Mozilla
2014-10-28 09:54 - 2014-07-27 20:24 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 22:50 - 2014-03-27 00:08 - 00002213 ____N () C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2014-10-27 22:50 - 2013-11-05 05:32 - 00002495 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-10-27 22:50 - 2013-11-05 05:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-27 22:19 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-27 22:00 - 2014-03-26 23:23 - 00000000 __RDO () C:\Users\zon\SkyDrive
2014-10-27 21:07 - 2014-03-31 15:52 - 00000000 ____D () C:\ProgramData\Hero Lab
2014-10-24 23:18 - 2013-11-05 05:32 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-10-22 13:51 - 2014-08-12 07:26 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Skype
2014-10-22 13:47 - 2014-03-27 17:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-22 13:47 - 2014-03-27 17:58 - 00000000 ____D () C:\ProgramData\Skype
2014-10-22 12:12 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-10-20 15:42 - 2014-09-15 14:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-20 15:42 - 2014-05-08 12:09 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-20 08:36 - 2014-07-17 03:19 - 00362680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2014-10-19 14:19 - 2014-02-25 22:33 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-19 00:57 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-19 00:41 - 2014-04-18 17:43 - 00000000 ____D () C:\Program Files (x86)\Laflurla
2014-10-19 00:33 - 2014-08-10 14:54 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\Adobe
2014-10-19 00:23 - 2014-07-09 10:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-19 00:23 - 2014-03-29 14:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-19 00:21 - 2014-03-29 14:37 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-18 13:06 - 2014-03-27 00:00 - 00000000 ____D () C:\Program Files\Webroot
2014-10-17 12:23 - 2014-08-07 09:45 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Apple Computer
2014-10-14 14:29 - 2013-11-05 04:53 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-13 18:59 - 2014-08-07 09:36 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\VirtualStore
2014-10-13 18:51 - 2014-08-13 18:14 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\CrashDumps
2014-10-11 17:24 - 2014-04-27 12:34 - 00000000 ___RD () C:\Users\zon\Google Drive
2014-10-08 21:17 - 2014-08-07 09:36 - 00000000 ____D () C:\Users\ebahl_000
2014-10-08 17:52 - 2014-03-27 00:00 - 00154760 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-10-08 17:52 - 2014-03-27 00:00 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-10-08 17:51 - 2014-08-11 07:23 - 859112956 _____ () C:\Windows\MEMORY.DMP
2014-10-08 17:51 - 2014-06-22 19:14 - 00000000 ____D () C:\Windows\Minidump
2014-10-08 16:04 - 2014-08-07 17:09 - 00001948 _____ () C:\Windows\setupact.log
2014-10-02 19:37 - 2014-03-26 23:17 - 00000000 ____D () C:\Users\zon
2014-09-29 17:45 - 2013-08-22 10:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 17:45 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.
==================== End Of Log ============================
Ran by ebahl_000 (ATTENTION: The logged in user is not administrator) on ZONPATHFINDER on 29-10-2014 18:20:10
Running from C:\Users\ebahl_000\Downloads
Loaded Profile: ebahl_000 (Available profiles: zon & ebahl_000)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
( ) C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\AppIntegrator64.exe
( ) C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\AppIntegrator64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
() C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon64.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Retrogamer Home Page Guard 64 bit] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\AppIntegrator64.exe [485960 2014-06-10] ( )
HKLM\...\Run: [TelevisionFanatic Home Page Guard 64 bit] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\AppIntegrator64.exe [485960 2014-07-05] ( )
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [767600 2014-09-28] (Webroot)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB Optical Mouse] => C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe [245248 2010-03-30] ()
HKLM-x32\...\Run: [Retrogamer EPM Support] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wmedint.exe [12872 2014-06-10] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Retrogamer Search Scope Monitor] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrchMn.exe [55368 2014-06-10] (Mindspark)
HKLM-x32\...\Run: [Retrogamer_4w Browser Plugin Loader] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon.exe [61512 2014-06-10] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Retrogamer_4w Browser Plugin Loader 64] => C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon64.exe [71752 2014-06-10] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TelevisionFanatic EPM Support] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64medint.exe [12872 2014-07-05] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [TelevisionFanatic Search Scope Monitor] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrchMn.exe [55368 2014-07-05] (Mindspark)
HKLM-x32\...\Run: [TelevisionFanatic Browser Plugin Loader] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe [61512 2014-07-05] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TelevisionFanatic Browser Plugin Loader 64] => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon64.exe [71752 2014-07-05] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Run: [Google Update] => C:\Users\ebahl_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-23] (Google Inc.)
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\MountPoints2: {1a6df60b-53a7-11e4-82cd-ac7ba148f0c0} - "E:\TL_Bootstrap.exe"
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\MountPoints2: {4b315e66-b847-11e3-825d-ac7ba148f0c0} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2139192759-2354198401-3335630422-1004\...\MountPoints2: {aa4305c4-4ff8-11e4-82cd-ac7ba148f0c0} - "E:\TL_Bootstrap.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Internet Explorer\iexplore.exe [810640 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
URLSearchHook: HKCU - (No Name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (Mindspark)
URLSearchHook: HKCU - (No Name) - {4cff1016-c2e2-4fdd-9c67-e32200c25ff9} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrcAs.dll (Mindspark)
SearchScopes: HKLM - DefaultScope {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - DefaultScope {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {145163FA-AA60-4A4C-869B-7066FCCE6680} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S10228^us&si=CMSksf_Zr78CFS0YMgodi0IAmg&ptb=447F 88BB-92BA-4EBF-86B1-1FEACDE088D5&psa=&ind=2014080710&st=sb&n=780c6ec6&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^RG^xdm907^YYA^us&ptb=B0189651-73D6-40DF-94B4-1AEC81168BE7&ind=2014080710&n=780c6ec6&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {145163FA-AA60-4A4C-869B-7066FCCE6680} URL =
SearchScopes: HKCU - {145163FA-AA60-4A4C-869B-7066FCCE6680} URL =
SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S10228^us&si=CMSksf_Zr78CFS0YMgodi0IAmg&ptb=447F 88BB-92BA-4EBF-86B1-1FEACDE088D5&psa=&ind=2014080710&st=sb&n=780c6ec6&searchfor={searchTerms}
SearchScopes: HKCU - {ef80d754-fb77-4a7f-be75-489beebb20c9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^RG^xdm907^YYA^us&ptb=B0189651-73D6-40DF-94B4-1AEC81168BE7&ind=2014080710&n=780c6ec6&psa=&st=sb&searchfor={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Toolbar BHO -> {03123bb6-a811-407e-b323-66cf0be510b1} -> C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll (Mindspark)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Search Assistant BHO -> {5d79f641-c168-40df-a32f-bacea7509e75} -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (Mindspark)
BHO-x32: ArcadeYum Addon -> {651CA263-4157-4AC5-B7C2-03A7C1C00457} -> C:\Users\zon\AppData\Local\ArcadeYum\ArcadeYumIEHelper.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: No Name -> {b4a89cd3-c5f5-49c4-abcf-5f26d636476f} -> No File
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Toolbar BHO -> {cb41fc95-f1b3-4797-8bb6-1012ff62abba} -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (Mindspark)
BHO-x32: Search Assistant BHO -> {d757dbfc-1494-4647-a8b3-abd654988dd8} -> C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrcAs.dll (Mindspark)
BHO-x32: WeCareReminder Class -> {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} -> C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Retrogamer - {3392cfec-56f8-41ee-bdb4-4e301efd2c93} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll (Mindspark)
Toolbar: HKLM-x32 - TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (Mindspark)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - Retrogamer - {3392CFEC-56F8-41EE-BDB4-4E301EFD2C93} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll (Mindspark)
Toolbar: HKCU - TelevisionFanatic - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (Mindspark)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\ebahl_000\AppData\Roaming\Mozilla\Firefox\Profiles\6dys65sy.defaul t
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Retrogamer_4w.com/Plugin -> C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\NP4wStub.dll (Mindspark)
FF Plugin-x32: @TelevisionFanatic.com/Plugin -> C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll (Mindspark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\ebahl_000\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\ebahl_000\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ebahl_000\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ebahl_000\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ebahl_000\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ebahl_000\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Webroot Password Manager - C:\Users\ebahl_000\AppData\Roaming\Mozilla\Firefox\Profiles\6dys65sy.defaul t\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2014-10-08]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-03-27]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-07]
CHR Extension: (Google Drive) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-07]
CHR Extension: (YouTube) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-07]
CHR Extension: (Google Search) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-07]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-10-13]
CHR Extension: (Webroot Filtering Extension) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-08-07]
CHR Extension: (Hangouts) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-07]
CHR Extension: (Webroot Password Manager) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-08-07]
CHR Extension: (Gmail) - C:\Users\ebahl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-07]
CHR HKLM-x32\...\Chrome\Extension: [jmfmbeipcnbmgifkjkhppnjiffmpmpga] - C:\ProgramData\WeCareReminder\\wecarereminderro.crx [2013-09-27]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-03-27]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-03-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-24] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-07-29] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 Retrogamer_4wService; C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbarsvc.exe [88648 2014-06-10] (COMPANYVERS_NAME)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R2 TelevisionFanaticService; C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe [88648 2014-07-05] (COMPANYVERS_NAME)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [767600 2014-09-28] (Webroot)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3668208 2013-07-29] (Intel® Corporation)
S2 Update Laflurla; "C:\Program Files (x86)\Laflurla\updateLaflurla.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NMgamingmsFltr; C:\Windows\system32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2014-09-28] (Webroot)
S3 iscFlash; \??\C:\Windows\Temp\ArchesP10SP10SG_BIOS_V150_WIN\x64\iscflashx64.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-29 18:18 - 2014-10-29 18:18 - 00031353 _____ () C:\Users\ebahl_000\Downloads\Addition.txt
2014-10-29 18:17 - 2014-10-29 18:20 - 00033514 _____ () C:\Users\ebahl_000\Downloads\FRST.txt
2014-10-29 18:16 - 2014-10-29 18:20 - 00000000 ____D () C:\FRST
2014-10-29 18:16 - 2014-10-29 18:16 - 02113536 _____ (Farbar) C:\Users\ebahl_000\Downloads\FRST64.exe
2014-10-29 18:14 - 2014-10-29 18:14 - 01105408 _____ (Farbar) C:\Users\ebahl_000\Desktop\FRST.exe
2014-10-28 22:23 - 2014-10-28 22:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-28 20:00 - 2014-10-28 20:00 - 00004163 _____ () C:\Users\ebahl_000\Downloads\TheKingdomKeepers.odm
2014-10-28 19:16 - 2014-10-28 19:16 - 00004522 _____ () C:\Users\ebahl_000\Downloads\20thCenturyGhosts9781415945988(1).odm
2014-10-28 19:15 - 2014-10-28 19:16 - 00004522 _____ () C:\Users\ebahl_000\Downloads\20thCenturyGhosts9781415945988.odm
2014-10-28 10:09 - 2014-10-28 10:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-28 10:09 - 2014-10-28 10:09 - 00001868 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-10-28 10:09 - 2014-10-28 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-27 21:59 - 2014-10-27 21:59 - 00002438 _____ () C:\Users\ebahl_000\Desktop\WirelessDiagLog.csv
2014-10-24 17:47 - 2014-10-24 17:47 - 00968642 _____ () C:\Users\ebahl_000\Downloads\rent documents.zip
2014-10-23 23:57 - 2014-10-23 23:57 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\Secunia PSI
2014-10-20 15:44 - 2014-10-20 15:44 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-20 15:44 - 2014-10-20 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-20 15:42 - 2014-10-26 13:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-20 15:42 - 2014-10-20 15:43 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-20 15:42 - 2014-10-20 15:43 - 00000000 ____D () C:\Program Files\iTunes
2014-10-20 15:42 - 2014-10-20 15:42 - 00000000 ____D () C:\Program Files\iPod
2014-10-19 14:54 - 2014-10-24 19:44 - 00151040 ___SH () C:\Users\ebahl_000\Downloads\Thumbs.db
2014-10-19 14:54 - 2014-10-19 14:54 - 00015872 ___SH () C:\Users\ebahl_000\Documents\Thumbs.db
2014-10-18 17:51 - 2014-10-18 17:51 - 00000363 _____ () C:\Users\ebahl_000\Documents\Aiala, Cortus, and Gaius (4).lnk
2014-10-15 08:43 - 2014-09-27 17:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 08:43 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-15 08:43 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-15 08:43 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-15 08:42 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 08:42 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 08:42 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 08:42 - 2014-09-07 22:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-15 08:42 - 2014-09-07 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-15 08:42 - 2014-09-07 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-15 08:42 - 2014-09-07 19:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-15 08:42 - 2014-09-07 19:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-15 08:42 - 2014-09-07 19:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-15 08:42 - 2014-09-07 19:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 08:42 - 2014-09-07 19:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-15 08:42 - 2014-09-07 19:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-15 08:42 - 2014-09-07 19:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-15 08:42 - 2014-09-07 18:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-15 08:42 - 2014-09-07 18:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-15 08:42 - 2014-09-07 18:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-15 08:42 - 2014-09-07 18:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-15 08:41 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 08:41 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 08:41 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 08:41 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 08:41 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 08:41 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 08:41 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 08:41 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 08:41 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 08:41 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 08:41 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 08:41 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 08:41 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 08:41 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 08:41 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 08:41 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 08:41 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 08:41 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 08:41 - 2014-09-18 19:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 08:41 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 08:41 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 08:41 - 2014-09-18 19:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 08:41 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 08:41 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 08:41 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 08:41 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 08:41 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 08:41 - 2014-09-13 01:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 08:41 - 2014-09-13 00:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 08:41 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 08:41 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 08:41 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-15 08:41 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-15 08:41 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-15 08:41 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-15 08:41 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-15 08:41 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-15 08:41 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-15 08:41 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-15 08:41 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-15 08:41 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-15 08:41 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-15 08:41 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-15 08:41 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-15 08:41 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-15 08:41 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-15 08:41 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-15 08:41 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-15 08:41 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-15 08:41 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-15 08:41 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 08:41 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-15 08:41 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-15 08:41 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-15 08:41 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 08:41 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-15 08:41 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-15 08:41 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-15 08:41 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 08:41 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-15 08:41 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-15 08:41 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-15 08:41 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-15 08:41 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 08:41 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-15 08:41 - 2014-07-31 18:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-15 08:35 - 2014-10-09 17:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 08:35 - 2014-10-08 17:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 08:35 - 2014-09-18 20:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 08:35 - 2014-09-13 01:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 08:35 - 2014-09-13 00:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 08:35 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-15 08:35 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-15 08:35 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-15 08:26 - 2014-10-15 08:26 - 00006381 _____ () C:\Users\ebahl_000\Downloads\NOS4A29780062237743.odm
2014-10-13 19:00 - 2014-10-13 19:00 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Yahoo!
2014-10-13 18:55 - 2014-10-13 18:55 - 00000000 ____D () C:\Users\zon\AppData\Roaming\Yahoo!
2014-10-13 18:55 - 2014-10-13 18:55 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-10-13 18:54 - 2014-10-13 18:55 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-10-13 18:54 - 2014-10-13 18:54 - 00001168 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-10-13 18:54 - 2014-10-13 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-10-13 18:51 - 2014-10-13 18:55 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-10-13 18:45 - 2014-10-13 18:45 - 00691576 _____ (Yahoo! Inc.) C:\Users\ebahl_000\Downloads\msgr11us.exe
2014-10-02 14:23 - 2014-10-02 14:23 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2014-10-02 14:23 - 2014-10-02 14:23 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-29 18:20 - 2014-07-16 23:18 - 01302382 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 18:17 - 2014-03-27 00:00 - 00000000 ____D () C:\ProgramData\WRData
2014-10-29 18:15 - 2014-08-07 09:47 - 00000000 ___DO () C:\Users\ebahl_000\OneDrive
2014-10-29 18:13 - 2014-08-07 11:15 - 00000000 ___RD () C:\Users\ebahl_000\Google Drive
2014-10-29 18:11 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 18:10 - 2014-09-21 16:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 18:10 - 2014-07-17 03:19 - 01867462 _____ () C:\Windows\PFRO.log
2014-10-29 18:10 - 2013-11-05 05:48 - 00000000 ____D () C:\ProgramData\Norton
2014-10-29 18:09 - 2013-08-22 10:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-10-29 18:07 - 2014-08-07 17:57 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1004UA.job
2014-10-29 18:03 - 2014-08-07 09:48 - 00000000 __SHD () C:\Users\ebahl_000\AppData\Local\EmieSiteList
2014-10-29 18:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-29 17:49 - 2014-09-21 17:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 17:47 - 2014-08-07 09:36 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\Packages
2014-10-29 17:47 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-29 17:24 - 2014-02-25 22:33 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-29 13:32 - 2014-05-08 13:27 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1001UA.job
2014-10-29 13:32 - 2014-05-08 13:27 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1001Core.job
2014-10-29 13:27 - 2014-07-14 12:32 - 00000442 _____ () C:\Windows\Tasks\ArcadeYum.job
2014-10-29 07:24 - 2014-08-07 11:58 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-29 00:07 - 2014-08-07 17:57 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2139192759-2354198401-3335630422-1004Core.job
2014-10-28 20:08 - 2014-08-07 17:57 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Mozilla
2014-10-28 09:54 - 2014-07-27 20:24 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-27 22:50 - 2014-03-27 00:08 - 00002213 ____N () C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2014-10-27 22:50 - 2013-11-05 05:32 - 00002495 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-10-27 22:50 - 2013-11-05 05:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-27 22:19 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-27 22:00 - 2014-03-26 23:23 - 00000000 __RDO () C:\Users\zon\SkyDrive
2014-10-27 21:07 - 2014-03-31 15:52 - 00000000 ____D () C:\ProgramData\Hero Lab
2014-10-24 23:18 - 2013-11-05 05:32 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-10-22 13:51 - 2014-08-12 07:26 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Skype
2014-10-22 13:47 - 2014-03-27 17:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-22 13:47 - 2014-03-27 17:58 - 00000000 ____D () C:\ProgramData\Skype
2014-10-22 12:12 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-10-20 15:42 - 2014-09-15 14:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-20 15:42 - 2014-05-08 12:09 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-20 08:36 - 2014-07-17 03:19 - 00362680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-20 08:31 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2014-10-19 14:19 - 2014-02-25 22:33 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-19 00:57 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-19 00:41 - 2014-04-18 17:43 - 00000000 ____D () C:\Program Files (x86)\Laflurla
2014-10-19 00:33 - 2014-08-10 14:54 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\Adobe
2014-10-19 00:23 - 2014-07-09 10:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-19 00:23 - 2014-03-29 14:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-19 00:21 - 2014-03-29 14:37 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-18 13:06 - 2014-03-27 00:00 - 00000000 ____D () C:\Program Files\Webroot
2014-10-17 12:23 - 2014-08-07 09:45 - 00000000 ____D () C:\Users\ebahl_000\AppData\Roaming\Apple Computer
2014-10-14 14:29 - 2013-11-05 04:53 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-13 18:59 - 2014-08-07 09:36 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\VirtualStore
2014-10-13 18:51 - 2014-08-13 18:14 - 00000000 ____D () C:\Users\ebahl_000\AppData\Local\CrashDumps
2014-10-11 17:24 - 2014-04-27 12:34 - 00000000 ___RD () C:\Users\zon\Google Drive
2014-10-08 21:17 - 2014-08-07 09:36 - 00000000 ____D () C:\Users\ebahl_000
2014-10-08 17:52 - 2014-03-27 00:00 - 00154760 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-10-08 17:52 - 2014-03-27 00:00 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2014-10-08 17:51 - 2014-08-11 07:23 - 859112956 _____ () C:\Windows\MEMORY.DMP
2014-10-08 17:51 - 2014-06-22 19:14 - 00000000 ____D () C:\Windows\Minidump
2014-10-08 16:04 - 2014-08-07 17:09 - 00001948 _____ () C:\Windows\setupact.log
2014-10-02 19:37 - 2014-03-26 23:17 - 00000000 ____D () C:\Users\zon
2014-09-29 17:45 - 2013-08-22 10:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 17:45 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.
==================== End Of Log ============================