New advertising malware?

[jhrowehl]

I have some advertising malware that loads false Iexplore processes after approximately 1 minute after opening either Firefox or Internet Explorer. Here are the logs from Farbar and aswMBR:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Henry (administrator) on ELSERVICE13 on 21-02-2015 11:09:26
Running from C:\Users\Henry\Documents\Downloads\Spybot
Loaded Profiles: Henry (Available profiles: Henry)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpCardEngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
(EMC Corporation) C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Ilja Herlein) C:\Program Files (x86)\NetSetMan\nsmservice.exe
(Visioneer Inc.) C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe
(Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe
(Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Visioneer Inc.) C:\Program Files\Visioneer\RWAR3\RWAR3HV_0002_0.EXE
(Visioneer Inc.) C:\Program Files\Visioneer\RWAR3\RWAR3Monitor.exe
(TheGreenBow) C:\Windows\SysWOW64\TgbStarter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(Microsoftware) C:\Program Files (x86)\YouTube-Downloader\A3\youtubeserv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
(EMC Corporation) C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebToolkitHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\PPO\DellPoaEvents.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Ilja Herlein) C:\Program Files (x86)\NetSetMan\netsetman.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpAgent.exe
(Canon Electronics Inc.) C:\Program Files (x86)\Canon Electronics\P215II\TouchDR.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtect64.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SandboxRpcSs.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SandboxDcomLaunch.exe
(Invincea, Inc.) C:\ProgramData\Invincea\Enterprise\Bin\x64\InvProtectAgent64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\winsxs\wow64_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.1.7601.17514_none_78dd6e4cd6655603\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
() C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe
() C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe
() C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe
() C:\ProgramData\BOINC\projects\http://www.enigmaathome.net\wrapper_...s_intelx86.exe
() C:\ProgramData\BOINC\slots\6\enigma_0.76.exe
() C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe
() C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
() C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-30] (Waves Audio Ltd.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [DellPoaEvents] => C:\Program Files\Dell\PPO\DellPoaEvents.exe [396496 2014-08-15] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4876528 2014-05-29] (Intel(R) Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [CSFTrayApp] => C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe [232288 2014-09-11] ()
HKLM\...\Run: [InvProtect] => C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtect64.exe [6779592 2015-02-12] (Invincea, Inc.)
HKLM\...\Run: [CANON P-215II SVC] => rundll32.exe P215IISvc.dll,EntryPointUserMessage
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [67056 2014-12-11] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [9639920 2014-12-11] (Space Sciences Laboratory)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NetSetMan] => C:\Program Files (x86)\NetSetMan\netsetman.exe [5414056 2014-06-03] (Ilja Herlein)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [36168 2013-04-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [18248 2013-04-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe [141160 2012-02-17] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641384 2012-02-17] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage18\OmniPage18.exe [1893224 2012-02-23] (TODO: <Company name>)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [P-215II CaptureOnTouch] => C:\Program Files (x86)\Canon Electronics\P215II\TouchDR.exe [2251056 2014-03-30] (Canon Electronics Inc.)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2010-01-07] (CyberLink Corp.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-04-02] (AMD)
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-02-19] (SlySoft, Inc.)
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\...\Run: [DellSystemDetect] => C:\Users\Henry\AppData\Local\Apps\2.0\NAYH0GJE.AQP\Z389LM6C.22Q\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice 4.1.1.lnk
ShortcutTarget: OpenOffice 4.1.1.lnk -> C:\Program Files (x86)\OpenOffice 4\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1310488628-551009281-1505269296-1005\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1310488628-551009281-1505269296-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.excite.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1310488628-551009281-1505269296-1000 -> {09B51FB5-BBE0-487A-81B4-F16DC548B604} URL =
BHO: Invincea Web Redirector -> {1C52FA7C-51B7-4621-9D5A-11101BA13134} -> C:\Program Files (x86)\Invincea\Enterprise\X64\InvRedirHostIE64.dll (Invincea, Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Invincea Web Redirector -> {1C52FA7C-51B7-4621-9D5A-11101BA13134} -> C:\Program Files (x86)\Invincea\Enterprise\InvRedirHostIE.dll (Invincea, Inc.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\pkmcdo.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.222.220 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\zle9j8xn.default-1419567438668
FF Homepage: www.excite.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll (Zeon Corporation)
FF user.js: detected! => C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\zle9j8xn.default-1419567438668\user.js
FF Extension: Ant Video Downloader - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\zle9j8xn.default-1419567438668\Extensions\anttoolbar@ant.com [2015-01-17]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\zle9j8xn.default-1419567438668\Extensions\artur.dubovoy@gmail.com [2015-02-15]
FF Extension: Garmin Communicator - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\zle9j8xn.default-1419567438668\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-12-26]
FF Extension: QuickJava - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\zle9j8xn.default-1419567438668\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-12-26]
FF Extension: Invincea Web Redirector - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\webredirector@invincea.com [2015-02-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-11-01]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome
FF Extension: Dell Data Protection | Security Tools - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome [2014-11-01]
FF Extension: PDF Converter 7.1 - C:\Program Files (x86)\Nuance\PDF Professional 7\FireFox [2014-11-09]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome.crx [2014-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., Ltd.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [73072 2014-11-10] (Dell)
S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2542288 2014-08-13] (Dell Inc.)
S4 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [199888 2014-08-13] (Dell Inc.)
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [255328 2014-09-11] (Dell Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [26464 2014-09-11] ()
R2 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [33632 2014-09-11] (Dell, Inc.)
R2 DpHost; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [472912 2014-03-19] (DigitalPersona, Inc.)
R2 Emc.Captiva.WebCaptureService; C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [46400 2013-03-25] (EMC Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-06-06] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2150088 2015-02-12] (Invincea, Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [335872 2003-03-19] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 nsmService; C:\Program Files (x86)\NetSetMan\nsmservice.exe [1277608 2014-06-02] (Ilja Herlein)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International)
R2 OneTouch 4.0 Monitor; C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe [232448 2014-09-30] (Visioneer Inc.) [File not signed]
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [135016 2012-02-17] (Nuance Communications, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-04-19] (Nuance Communications, Inc.)
R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [721104 2014-08-15] (Dell Inc.)
R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [312016 2014-08-15] (Dell Inc.)
R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [645328 2014-08-16] (Dell Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-12-06] (Realtek Semiconductor)
R2 RWAR3HV_0002_0; C:\Program Files\Visioneer\RWAR3\RWAR3HV_0002_0.EXE [430592 2013-08-14] (Visioneer Inc.)
R2 RWAR3Monitor; C:\Program Files\Visioneer\RWAR3\RWAR3Monitor.exe [223744 2014-11-11] (Visioneer Inc.) [File not signed]
R2 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [174792 2015-02-12] (Invincea, Inc.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
S3 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
R2 TgbIke Starter; C:\Windows\SysWOW64\TgbStarter.exe [239280 2012-03-21] (TheGreenBow)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-10-26] (Microsoft Corporation)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 YouTubeDownload_A3; C:\Program Files (x86)\YouTube-Downloader\A3\youtubeserv.exe [2971224 2015-02-12] (Microsoftware)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\SysWOW64\dllhost.exe /Processid:{B72A21F9-6C42-44BF-BEBD-DD11EDF0E075}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1423160 2014-04-18] (Motorola Solutions, Inc.)
R0 CredFltL; C:\Windows\System32\DRIVERS\CredFltL.sys [37120 2014-09-11] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2014-08-13] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2014-08-13] (Dell Computer Corporation)
R2 DLABMFSE; C:\Windows\System32\Drivers\DLABMFSE.SYS [46448 2007-07-23] (Roxio)
R2 DLABOIOE; C:\Windows\System32\Drivers\DLABOIOE.SYS [42352 2007-07-23] (Roxio)
R0 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [17776 2007-07-23] (Roxio)
R2 DLADResE; C:\Windows\System32\Drivers\DLADResE.SYS [9968 2007-07-23] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\Drivers\DLAIFS_E.SYS [146672 2007-07-23] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\Drivers\DLAOPIOE.SYS [35056 2007-07-23] (Roxio)
R2 DLAPoolE; C:\Windows\System32\Drivers\DLAPoolE.SYS [19824 2007-07-23] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [41072 2007-07-23] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\Drivers\DLAUDFAE.SYS [135152 2007-07-23] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\Drivers\DLAUDF_E.SYS [144112 2007-07-23] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [124112 2007-07-23] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63984 2007-07-23] (Roxio)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2014-06-12] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-05-02] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [199624 2014-06-06] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2310488 2014-02-13] (Realtek Semiconductor Corp.)
R3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [52232 2015-02-12] (Invincea, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-29] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3442144 2014-06-18] (Intel Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2014-05-14] (BayHubTech/O2Micro )
R3 POADrvr; C:\Windows\System32\drivers\POADrvr.sys [21264 2014-08-15] (Dell Computer Corporation)
R3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [183816 2015-02-12] (Invincea, Inc.)
R0 SEDFilter; C:\Windows\System32\DRIVERS\SEDFilter.sys [61184 2014-09-11] (Dell Inc.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [75976 2013-08-06] (STMicroelectronics)
R3 TGBMPEnum; C:\Windows\System32\DRIVERS\TGBMPEnum.sys [40624 2012-03-21] (TheGreenBow)
S3 TGBVPNVirtM; C:\Windows\System32\DRIVERS\TGBVPNVirtM.sys [140976 2012-03-21] (TheGreenBow)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [204184 2014-03-04] (Windows (R) Win 7 DDK provider)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [35840 2009-07-14] (Microsoft Corporation) [File not signed]
R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [17632 2014-08-02] ()
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [107008 2006-11-22] (WIBU-SYSTEMS AG)
S3 Wibukey2_64; C:\Windows\System32\drivers\wibukey2_64.sys [16896 2006-11-09] (WIBU-SYSTEMS AG)
S3 cpuz134; \??\C:\Users\Henry\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 11:06 - 2015-02-21 11:06 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ELSERVICE13-Windows-7-Professional-(64-bit).dat
2015-02-20 18:26 - 2015-02-20 18:26 - 00000560 __RSH () C:\ProgramData\ntuser.pol
2015-02-19 20:29 - 2015-02-19 20:29 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2015-02-19 20:29 - 2015-02-19 20:29 - 00001850 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-02-16 16:26 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-16 16:26 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-16 16:26 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-16 16:26 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-15 14:01 - 2015-02-15 14:01 - 00000000 ____D () C:\Program Files (x86)\YouTube-Downloader
2015-02-12 21:42 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 21:42 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 21:42 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 21:42 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 11:05 - 2015-02-20 14:20 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-02-11 11:05 - 2015-02-11 11:05 - 00004036 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-11 11:05 - 2015-02-11 11:05 - 00003224 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-02-11 11:04 - 2015-02-11 11:04 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-11 11:04 - 2015-02-11 11:04 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-10 16:42 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 16:42 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 16:42 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 16:42 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 16:42 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 16:42 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 16:42 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 16:42 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 16:42 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 16:42 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 16:42 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 16:42 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 16:42 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 16:42 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 16:42 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 16:42 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 16:42 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 16:42 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 16:42 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 16:42 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 16:42 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 16:42 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 16:42 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 16:42 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 16:42 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 16:42 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 16:42 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 16:42 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 16:42 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 16:42 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 16:42 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 16:42 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 16:42 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 16:42 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 16:42 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 16:42 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 16:42 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 16:42 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 16:42 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 16:42 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 16:42 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 16:42 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 16:42 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 16:42 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 16:42 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 16:42 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 16:42 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 16:42 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 16:42 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 16:42 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 16:42 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 16:42 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 16:42 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 16:42 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 16:42 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 16:42 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 16:42 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 16:42 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 16:42 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 16:42 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 16:42 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 16:42 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 16:42 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 16:42 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 16:42 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 16:42 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 16:41 - 2015-02-16 16:55 - 00025260 _____ () C:\Windows\system32\ScanResults.xml
2015-02-10 16:41 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 16:41 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 16:41 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 16:41 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 16:41 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 16:41 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 16:41 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 16:41 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 16:41 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 16:41 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 16:41 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 16:41 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 16:41 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 16:41 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 16:41 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 16:41 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 16:41 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 16:41 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 16:41 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 16:41 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 16:41 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 16:41 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 16:41 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 16:41 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 16:41 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 16:41 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 16:41 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 16:41 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 16:41 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 16:41 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 16:41 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 16:41 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 16:41 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 16:41 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 16:41 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 16:41 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 16:41 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 16:40 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 16:34 - 2015-02-16 16:48 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-02-08 12:18 - 2015-02-08 19:00 - 00000165 _____ () C:\Windows\Reimage.ini
2015-02-07 09:20 - 2015-02-07 09:20 - 00000000 ____D () C:\Users\Henry\AppData\Local\GARMIN_Corp
2015-02-03 22:09 - 2015-02-21 11:09 - 00000000 ____D () C:\FRST
2015-02-03 22:07 - 2015-02-03 22:07 - 00000000 ____D () C:\RegBackup
2015-01-27 17:02 - 2015-01-27 17:02 - 00001017 _____ () C:\Users\Henry\Desktop\AVIGenerator.lnk
2015-01-27 17:02 - 2015-01-27 17:02 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVIGenerator
2015-01-27 17:02 - 2015-01-27 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVIGenerator
2015-01-27 17:02 - 2015-01-27 17:02 - 00000000 ____D () C:\Program Files (x86)\AVIGenerator
2015-01-27 17:01 - 2015-01-27 17:04 - 00000000 ____D () C:\Users\Henry\VideoPlayer Picture
2015-01-27 17:01 - 2015-01-27 17:01 - 00001079 _____ () C:\Users\Public\Desktop\LorexPlayer11.exe.lnk
2015-01-27 17:01 - 2015-01-27 17:01 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\VideoPlayer
2015-01-27 17:01 - 2015-01-27 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lorex Player 11
2015-01-27 17:01 - 2015-01-27 17:01 - 00000000 ____D () C:\Program Files (x86)\Lorex
2015-01-26 17:35 - 2015-02-20 18:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 11:06 - 2014-11-02 11:06 - 00000000 ____D () C:\ProgramData\BOINC
2015-02-21 10:56 - 2014-10-26 17:06 - 00058338 _____ () C:\Windows\SysWOW64\Gms.log
2015-02-21 10:28 - 2014-10-26 16:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 10:20 - 2014-11-15 13:03 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 08:45 - 2014-11-02 00:09 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-20 22:20 - 2014-11-15 13:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 20:56 - 2015-01-03 09:26 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-20 18:31 - 2014-10-26 17:08 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-02-20 18:31 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 18:31 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 18:26 - 2014-10-26 17:07 - 00001974 _____ () C:\Users\Public\Desktop\Protected Workspace.lnk
2015-02-20 18:26 - 2014-10-26 17:07 - 00000000 ____D () C:\Program Files (x86)\Invincea
2015-02-20 18:25 - 2014-10-26 16:38 - 01932833 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 18:23 - 2014-11-29 16:32 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-02-20 18:23 - 2014-11-01 11:51 - 00131072 ___SH () C:\CredSED.dat
2015-02-20 18:22 - 2015-01-11 15:06 - 00005564 _____ () C:\Windows\setupact.log
2015-02-20 18:22 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 17:32 - 2009-07-14 00:13 - 00798530 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 13:15 - 2014-11-02 00:27 - 00000227 _____ () C:\Users\Henry\AppData\Roaming\RmUserCfg.ini
2015-02-20 13:11 - 2014-11-02 00:27 - 00000048 _____ () C:\Users\Henry\AppData\Roaming\IpAndPort.fig
2015-02-20 13:08 - 2014-11-14 22:26 - 00001063 _____ () C:\Users\Public\Desktop\AnyDVD.lnk
2015-02-19 22:17 - 2014-11-03 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-02-19 21:31 - 2014-11-01 12:58 - 00000000 ____D () C:\Users\Henry\Documents\Garmin Data
2015-02-19 20:40 - 2014-11-01 15:59 - 00000000 ____D () C:\Users\Henry\Documents\D
2015-02-19 20:30 - 2014-11-03 20:35 - 00000000 ____D () C:\ProgramData\Garmin
2015-02-19 20:29 - 2014-11-03 20:33 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-02-19 20:29 - 2014-10-26 16:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-18 19:49 - 2014-11-18 17:09 - 00000184 _____ () C:\Windows\setscan.ini
2015-02-18 19:48 - 2014-11-01 20:20 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\.oit
2015-02-18 07:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-02-16 16:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\tracing
2015-02-14 22:53 - 2015-01-14 16:53 - 00002678 _____ () C:\Windows\PFRO.log
2015-02-13 21:01 - 2014-11-01 19:09 - 00000000 ____D () C:\Users\Henry\Documents\Garmin
2015-02-13 20:50 - 2014-11-03 20:32 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\GARMIN
2015-02-13 20:38 - 2014-11-03 20:35 - 00000000 ____D () C:\Users\Henry\AppData\Local\Garmin
2015-02-12 17:17 - 2009-07-13 23:45 - 00316800 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 17:16 - 2014-11-01 13:28 - 00000000 ____D () C:\Users\Henry\AppData\Local\CrashDumps
2015-02-12 17:16 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-12 16:46 - 2014-11-01 11:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 16:41 - 2014-11-01 11:00 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-12 16:37 - 2014-11-02 12:58 - 00000000 ____D () C:\Program Files (x86)\NetSetMan
2015-02-11 13:17 - 2014-11-01 13:31 - 00000000 ____D () C:\Users\Henry\Documents\AGFM
2015-02-11 11:04 - 2014-11-05 18:35 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-11 11:04 - 2014-10-26 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-11 11:04 - 2014-10-26 16:40 - 00000000 ____D () C:\Program Files\Dell
2015-02-09 21:22 - 2014-11-01 19:10 - 00000000 ____D () C:\Users\Henry\Documents\Humor
2015-02-09 05:38 - 2014-11-17 06:06 - 00000576 _____ () C:\wifi-debug.xml
2015-02-07 12:17 - 2014-11-01 20:09 - 00000000 ____D () C:\Users\Henry\Documents\Product Manuals
2015-02-05 16:21 - 2014-11-05 18:33 - 00000000 ____D () C:\Users\Henry\AppData\Local\Deployment
2015-02-05 12:28 - 2014-10-26 16:38 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 12:28 - 2014-10-26 16:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 12:28 - 2014-10-26 16:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 22:15 - 2014-11-15 13:03 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 22:15 - 2014-11-15 13:03 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 09:30 - 2014-11-01 10:31 - 00000000 ____D () C:\Users\Henry
2015-02-04 09:27 - 2014-12-26 13:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-04 09:27 - 2014-12-04 22:11 - 00000000 ____D () C:\ProgramData\Windows VXM
2015-02-04 09:27 - 2014-12-04 22:10 - 00000000 ____D () C:\ProgramData\Optimizer
2015-02-04 09:27 - 2014-11-08 17:45 - 00000000 ____D () C:\ProgramData\Ulead Systems
2015-02-04 09:27 - 2014-11-03 20:39 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\IrfanView
2015-02-04 09:27 - 2014-11-01 15:06 - 00000000 ____D () C:\Users\Henry\AppData\Roaming\GHISLER
2015-02-04 09:27 - 2009-07-13 22:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-04 09:27 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2015-02-04 09:26 - 2010-11-21 02:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-02-04 09:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2015-02-02 09:58 - 2014-11-03 16:33 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-01-27 16:01 - 2014-11-01 12:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 16:33 - 2014-11-02 00:27 - 00000000 ____D () C:\DVR
2015-01-24 10:22 - 2014-11-09 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Files in the root of some directories =======

2014-12-25 11:45 - 2015-01-19 21:59 - 0000263 _____ () C:\Users\Henry\AppData\Roaming\Binary Clock_Settings.ini
2014-11-02 00:27 - 2015-02-20 13:11 - 0000048 _____ () C:\Users\Henry\AppData\Roaming\IpAndPort.fig
2014-11-02 00:27 - 2015-02-20 13:15 - 0000227 _____ () C:\Users\Henry\AppData\Roaming\RmUserCfg.ini
2014-11-05 20:40 - 2014-12-31 10:37 - 0072704 _____ () C:\Users\Henry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-01 17:45 - 2014-11-01 17:45 - 0000093 _____ () C:\Users\Henry\AppData\Local\fusioncache.dat
2014-11-04 06:34 - 2014-12-28 23:19 - 0007597 _____ () C:\Users\Henry\AppData\Local\Resmon.ResmonCfg
2014-11-12 21:31 - 2014-11-12 21:31 - 0000040 ___SH () C:\ProgramData\.zreglib

Some content of TEMP:
====================
C:\Users\Henry\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Henry\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 00:48

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2015
Ran by Henry at 2015-02-21 11:10:16
Running from C:\Users\Henry\Documents\Downloads\Spybot
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Standard (HKLM-x32\...\{AC76BA86-1033-FFFF-BA7E-000000000006}) (Version: 11.0.10 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced IP Scanner v1.5 (HKLM-x32\...\Advanced IP Scanner v1.5) (Version: - )
Advanced LAN Scanner v1.0 BETA 1 (HKLM-x32\...\Advanced LAN Scanner v1.0 BETA 1) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{BF728146-387A-B1FE-28F1-F25B5363D5EA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.8.0 - SlySoft)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4293 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
AVIGenerator 1.8.0.0 (HKLM-x32\...\AVIGenerator) (Version: 1.8.0.0 - )
BOINC (HKLM\...\{0DF28429-855F-4BDC-B264-058D2785965E}) (Version: 7.4.36 - Space Sciences Laboratory, U.C. Berkeley)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Canon driver for P-215II (x64) (HKLM\...\{29365D7E-86E6-4828-AFE5-0BDBE73A39F6}) (Version: 1.0.5197 - Canon Electronics Inc.)
CaptureOnTouch plug-in for Application (HKLM-x32\...\{2F5ED7FC-EB58-41C8-ACBD-094362D6DA4F}) (Version: 1.0.5200 - Canon Electronics Inc.)
CaptureOnTouch plug-in for Mail (HKLM-x32\...\{B6ADDC04-4138-490A-80B6-7D874008F281}) (Version: 1.0.5200 - Canon Electronics Inc.)
CaptureOnTouch plug-in for PaperPort 14 (HKLM-x32\...\{1458CC10-F280-4D16-A791-B72893FC1DA1}) (Version: 1.0.5200 - Canon Electronics Inc.)
CaptureOnTouch plug-in for Presto! BizCard 6 (HKLM-x32\...\{8662E3EE-8811-4CDE-9B4C-2B75A3746DA8}) (Version: 1.0.5200 - Canon Electronics Inc.)
CaptureOnTouch plug-in for Printer (HKLM-x32\...\{BDFF5BF0-2949-450D-8030-E6892B0DB03C}) (Version: 1.0.5200 - Canon Electronics Inc.)
CmgMasterPrerequisites (x32 Version: 1.4.1.777 - Credant Technologies Inc.) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.0.0 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{AB904BBA-B274-44E7-9FDD-E96E5D69F9D3}) (Version: 2.3.440.224 - Broadcom Corporation)
Dell Data Protection | Client Security Framework (HKLM\...\{05FDD00D-1C45-44D1-AB3F-C24D45C39457}) (Version: 8.4.1.1717 - Dell, Inc.)
Dell Data Protection | Security Tools (HKLM-x32\...\InstallShield_{812AA6D3-5BEB-4577-88B1-00998B91AB41}) (Version: 1.4.1.777 - Dell, Inc.)
Dell Data Protection | Security Tools (x32 Version: 1.4.1.777 - Dell, Inc.) Hidden
Dell Data Protection | Security Tools Authentication (HKLM\...\{0B72160B-9F67-47C0-858F-5A0074162148}) (Version: 1.3.1.433 - DigitalPersona, Inc.)
Dell Data Vault (Version: 4.0.8.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{0D2426EF-A4D1-403B-B78B-2897D6AD3021}) (Version: 1.1.333.0 - Dell Inc.)
Dell Precision Optimizer (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 02.00.07 - Dell Inc.)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 4.5.19821 - Invincea, Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.110 - ALPS ELECTRIC CO., LTD.)
DraftSight (HKLM-x32\...\{87A003CE-22FD-4952-9B0F-B98304A13427}) (Version: 8.1.398 - Dassault Systemes)
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin BaseCamp (HKLM-x32\...\{31A67F6C-D79D-47B9-9F0B-13C0FCF3C3A8}) (Version: 4.4.6 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2015.20 (HKLM-x32\...\{74699736-87EB-49E7-8B71-7527A45C35C6}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2015.30 (HKLM-x32\...\{0F0E68E9-9463-4087-B211-E80FAC5F9BC6}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7}) (Version: 2.5.3.0 - Garmin Ltd or its subsidiaries)
Garmin Training Center (HKLM-x32\...\{7D542452-84EB-47C0-97BA-735C523AB555}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Network Connections 19.2.104.00 (HKLM\...\PROSetDX) (Version: 19.2.104.00 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0466 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{9C798E99-094E-4289-A6C8-1D5EE63AFFE3}) (Version: 4.2.29.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{3b398ef6-924b-4943-ae2d-e8feb143622a}) (Version: 17.0.5 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Learn Microsoft Visual Basic 6.0 Now (HKLM-x32\...\Learn Microsoft Visual Basic 6.0 Now) (Version: - )
Lorex Client 10 (HKLM-x32\...\Lorex Client) (Version: 10 - )
Lorex Player 11 (HKLM-x32\...\{CA8CEEE3-8F1B-4A27-80A4-A1A00A3AE3F5}) (Version: 1.2.14 - Lorex)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visio for Enterprise Architects SR-1 [English] (HKLM-x32\...\{90560409-6D54-11D4-BEE3-00C04F990354}) (Version: 10.1.3313 - Microsoft Corporation)
Microsoft Visual Basic 6.0 Learning Edition (HKLM-x32\...\Visual Basic 6.0 Learning Edition) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Visual Studio .NET Enterprise Architect 2003 - English (HKLM-x32\...\Visual Studio .NET Enterprise Architect 2003 - English) (Version: - Microsoft)
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version: - )
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
Mozilla Sunbird (0.9) (HKLM-x32\...\Mozilla Sunbird (0.9)) (Version: 0.9 (en-US) - Mozilla)
MSDN Library - April 2003 (HKLM-x32\...\{8F729180-4934-49B5-8DAF-9320F5AAEE95}) (Version: 7.40.3085 - Microsoft)
MSDN Library - Visual Studio 6.0 (HKLM-x32\...\Microsoft Developer Network - Visual Studio 6.0) (Version: - )
NETGEAR VPN Client Lite (HKLM-x32\...\NETGEAR VPN Client Lite) (Version: - NETGEAR)
NetSetMan Pro 3.7.3 (HKLM-x32\...\NetSetMan_is1) (Version: 3.7.3 - Ilja Herlein)
Nuance OmniPage 18 (HKLM-x32\...\{10FD521E-11D1-4A08-A497-BB49B701C6D8}) (Version: 18.1.0000 - Nuance Communications, Inc.)
Nuance PaperPort 14 (HKLM-x32\...\{43A4BB54-C319-4207-8948-42E79E66F47F}) (Version: 14.5.0000 - Nuance Communications, Inc.)
Nuance PDF Converter Professional 7 (HKLM\...\{D117E04F-3FF8-45E2-8C1A-3E173C3111FE}) (Version: 7.30.6212 - Nuance Communications, Inc.)
OneTouch 4 ScanSoft OmniPage 16.2 OCR Module (HKLM-x32\...\{F80376CE-BB27-4757-B2A1-F3873F7FC457}) (Version: 2.0.0 - Visioneer)
OneTouch 4.6 (HKLM-x32\...\{AF8B1525-17EF-4D2E-A018-8D79CE260BA8}) (Version: 4.6.2014.9305 - Visioneer Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
P-215II CaptureOnTouch (HKLM-x32\...\{21FE8257-EF7A-46A9-B4A0-C50E4E55795E}) (Version: 3.0 - Canon Electronics Inc.)
P-215II UserManual (HKLM-x32\...\{AA1A23EF-80B0-4F98-A0A5-603D2441657B}) (Version: 1.05.0000 - Canon Electronics Inc.)
PLI Viewer (HKLM-x32\...\PLI Viewer_is1) (Version: - Henry Rowehl)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6107 - CyberLink Corp.)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6023 - Realtek Semiconductor Corp.)
Roxio Activation Module (HKLM-x32\...\{07159635-9DFE-4105-BFC0-2817DB540C68}) (Version: 1.0 - Roxio)
Roxio Creator Audio (HKLM-x32\...\{83FFCFC7-88C6-41C6-8752-958A45325C82}) (Version: 3.5.0 - Roxio)
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}) (Version: 3.5.0 - Roxio)
Roxio Creator Data (HKLM-x32\...\{0D397393-9B50-4C52-84D5-77E344289F87}) (Version: 3.5.0 - Roxio)
Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.5.0 - Roxio)
Roxio Creator Tools (HKLM-x32\...\{0394CDC8-FABD-4ED8-B104-03393876DFDF}) (Version: 3.5.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{AAE78E39-FAAF-4C19-A63E-BDED7428FDE1}) (Version: 9.1 - Roxio)
Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Update Manager (HKLM-x32\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
Scansoft PDF Professional (x32 Version: - ) Hidden
Scope (HKLM-x32\...\{F4070264-6752-4B25-82CD-451356E80E3C}) (Version: 5.23.0.0 - )
Scope (x32 Version: 5.23.0.0 - GFM GmbH, Austria) Hidden
Scope (x32 Version: 5.6.3.0 - GFM GmbH, Austria) Hidden
SetIP (HKLM-x32\...\SetIP) (Version: 2.00.00.00 - Xerox Ltd.)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0051 - ST Microelectronics)
Ulead Photo Express 4.0 SE (HKLM-x32\...\{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}) (Version: - )
Ulead VideoStudio 7 SE Basic (HKLM-x32\...\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}) (Version: 7.0 - Ulead Systems, Inc.)
Visioneer Acuity Assets V1 (HKLM-x32\...\{8D4A39B4-5D75-462C-89A2-81C1D887B9B5}) (Version: 5.1.812.11295 - Visioneer)
Visioneer Acuity Assets V1 (HKLM-x32\...\{B18BA00A-8857-4A54-B1CF-82BBB33CBF96}) (Version: 5.1.1114.7042 - Visioneer Inc.)
Visioneer RoadWarrior 3 Driver (HKLM-x32\...\{518D2CF0-1451-4A51-B420-FA9C19ED9599}) (Version: 5.1.13.8153 - Visioneer Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD My Cloud (HKLM\...\{432F3CFC-ED41-4CDC-9D8F-6643C8A71CEA}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{79966948-BECF-4CB1-A79F-E76C830A17D2}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{7AE43D6C-B3F1-448D-AD84-1CDC7AC6EBC7}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WIBU-KEY Setup (WIBU-KEY Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 5.20b of 2007-Apr-18 (Setup) - WIBU-SYSTEMS AG)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Xerox WorkCentre 3315 (HKLM-x32\...\Xerox WorkCentre 3315) (Version: - Xerox Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1310488628-551009281-1505269296-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

15-02-2015 19:28:27 Windows Backup
16-02-2015 16:27:01 Windows Update
19-02-2015 20:27:48 Garmin Express
19-02-2015 20:29:06 Garmin Express
20-02-2015 18:24:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-11-23 09:56 - 2014-12-26 17:06 - 00992043 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 mfr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 static.a-ads.com
127.0.0.1 abcstats.com
127.0.0.1 ad4.abradio.cz
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 csh.actiondesk.com
127.0.0.1 ads.activepower.net
127.0.0.1 app.activetrail.com
127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
127.0.0.1 traffic.acwebconnecting.com
127.0.0.1 office.ad1.ru
127.0.0.1 cms.ad2click.nl
127.0.0.1 ad2games.com
127.0.0.1 ads.ad2games.com
127.0.0.1 content.ad20.net

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01CDA079-E77B-421B-90B9-75C2DAAF2326} - System32\Tasks\{77EC7949-2166-4C99-A482-47664618375C} => C:\Garmin\PoiLoader.exe [2008-07-15] (GARMIN Corp.)
Task: {0E57CEDD-C6BA-479E-824F-9D9FB0182642} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {1B687C82-5794-4AEF-9227-5C5F2A0BDE02} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {26894EDA-0EB2-4937-B448-CD4DF445DD75} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {28B4D76D-CFC1-4BAF-A663-74CC919672C3} - System32\Tasks\{B43AC92C-8F82-4E72-883E-4A0B25F47BF4} => C:\Garmin\PoiLoader.exe [2008-07-15] (GARMIN Corp.)
Task: {3C1EFCB7-E81C-4EAA-95D3-D8A1A6D12A6F} - System32\Tasks\{321E17FF-DD87-4263-80FD-AD992F7D62E1} => C:\Garmin\PoiLoader.exe [2008-07-15] (GARMIN Corp.)
Task: {403103E9-5857-43F7-A4A4-C9F3B1691BB6} - System32\Tasks\Dell\PPO SM Manual Update => C:\Program Files\Dell\PPO\DcsuWrap.exe [2014-08-15] (Dell Inc.)
Task: {4B573AF8-25FE-49CC-AD1C-6ABE3F9FB781} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {571D3241-AEDC-4FA5-95E4-FF50179E65E6} - System32\Tasks\NetSetMan => C:\Program Files (x86)\NetSetMan\netsetman.exe [2014-06-03] (Ilja Herlein)
Task: {68D5D6E6-27B2-46DC-A690-A49805D6FCF5} - System32\Tasks\{18C23A6D-5405-41EE-8CBF-019CDF144345} => C:\totalcmd\TOTALCMD.EXE [2012-08-03] (Ghisler Software GmbH)
Task: {6E5BD55F-4A0A-4D72-9B2B-551C35D8517C} - System32\Tasks\{E5774B80-584C-477F-BDD4-089CE253FC27} => pcalua.exe -a C:\Users\Henry\Documents\Downloads\Visioneer\HiddenDevices.exe -d C:\Users\Henry\Documents\Downloads\Visioneer
Task: {7BD388DD-3811-4416-BF3B-F40C41F0A149} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {8C04DBAF-00AC-4F7E-AA99-AB71337B4664} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {94179557-D46C-4493-A857-704EA6934870} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A22AFACB-6E1C-43DB-9A40-4BA28C01CBF0} - System32\Tasks\{76300760-610E-4F6A-871B-95BDAA2C3F34} => D:\SETUP.EXE
Task: {A3910C73-9DED-42CC-86EB-38687AD85BC2} - System32\Tasks\{BB86F365-1D4E-482E-AC11-BF302E1FD6F7} => C:\Program Files (x86)\Microsoft Visual Studio .NET 2003\Common7\IDE\devenv.exe [2003-03-19] (Microsoft Corporation)
Task: {BFF99A1F-B2E1-4E8B-8889-FB37398862B9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {C24C108D-795C-499C-B91C-B46713D3ABE2} - System32\Tasks\{F0E1B53D-B723-4DE0-BCFC-7E82834E305A} => C:\Program Files (x86)\Microsoft Visual Studio .NET 2003\Common7\IDE\devenv.exe [2003-03-19] (Microsoft Corporation)
Task: {DC3082F6-F77F-460C-BABB-0256D4299225} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {DE7DE3E1-7DDA-42B8-BDED-247F8E2BBEBD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {E2244DBB-385A-4C62-B727-9E65B19AEB08} - System32\Tasks\{665DC180-863A-496B-857C-BC8F4F3B89FD} => C:\Program Files (x86)\Microsoft Visual Studio .NET 2003\Common7\IDE\devenv.exe [2003-03-19] (Microsoft Corporation)
Task: {EC53F16E-BE76-4247-86BD-646CA3DAB8A5} - System32\Tasks\{62BE403F-5535-4C72-A461-AE9059E0B730} => D:\SETUP.EXE
Task: {F4D39289-4BC2-4A70-8FF9-12990900D3E3} - System32\Tasks\{9CF71E80-E39E-4CEA-9770-D5981D522BF6} => D:\SETUP.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-09-11 17:59 - 2014-09-11 17:59 - 00303968 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\authproxy.dll
2014-11-01 12:58 - 2011-07-28 11:55 - 00034304 _____ () C:\Windows\System32\sxr2mlm.dll
2014-11-01 12:58 - 2012-11-06 06:48 - 01214464 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sxr2mdu.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00026464 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
2014-09-11 17:59 - 2014-09-11 17:59 - 02172768 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Resources.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00027488 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Interfaces.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00082272 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Objects.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00062816 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Agent.Plugins.AuthProxy.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00079200 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Agent.Plugins.PBA.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00036192 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Agent.Plugins.SED.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00129376 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CredSEDProxy.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00666464 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CredCommon.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00879456 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CryptoProvider.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00707424 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DBManager.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00353632 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\OPALProvider.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 01507680 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\ConnectionProvider.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00047968 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\FVEProvider.dll
2014-10-26 17:08 - 2014-06-04 15:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-10-26 17:08 - 2014-06-04 15:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2007-07-23 15:05 - 2007-07-23 15:05 - 00066544 _____ () C:\Program Files\Roxio\Drag-to-Disc\DLAAPI_W.DLL
2014-10-26 17:08 - 2014-06-04 15:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-09-11 17:59 - 2014-09-11 17:59 - 00232288 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe
2014-09-11 17:59 - 2014-09-11 17:59 - 00360800 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.UXLib.dll
2014-09-29 19:51 - 2014-09-29 19:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2013-10-15 12:31 - 2013-10-15 12:31 - 00106496 _____ () C:\Program Files\BOINC\zlib1.dll
2015-02-12 18:19 - 2015-02-12 18:19 - 00615112 _____ () C:\Program Files (x86)\Invincea\Enterprise\X64\SqlliteICD.dll
2014-10-26 17:08 - 2014-07-02 21:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-11-02 11:13 - 2014-11-02 11:18 - 28693504 _____ () C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.52_windows_x86_64.exe
2014-11-02 11:46 - 2014-11-02 11:46 - 00510976 _____ () C:\ProgramData\BOINC\projects\http://www.enigmaathome.net\wrapper_...s_intelx86.exe
2015-02-20 12:37 - 2014-11-02 11:46 - 00057856 _____ () C:\ProgramData\BOINC\slots\6\enigma_0.76.exe
2013-03-25 12:42 - 2013-03-25 12:42 - 00021824 _____ () C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\SSLSupport.dll
2014-08-13 08:27 - 2014-08-13 08:27 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2014-07-29 12:34 - 2014-07-29 12:34 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2014-07-29 12:34 - 2014-07-29 12:34 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
2014-07-29 12:34 - 2014-07-29 12:34 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll
2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-04-29 16:23 - 2014-04-29 16:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-26 17:08 - 2014-07-30 17:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-10-26 17:08 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-10-26 17:08 - 2012-11-25 23:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2014-12-26 13:20 - 2008-06-19 17:35 - 00333288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
2014-12-26 13:16 - 2008-03-04 15:52 - 00790392 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
2014-12-26 13:16 - 2008-03-05 10:34 - 00795520 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
2014-12-26 13:16 - 2008-02-26 12:04 - 00717176 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
2014-12-26 13:11 - 2008-12-24 18:23 - 00121344 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
2015-01-26 17:35 - 2015-01-26 17:35 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-27 12:46 - 2014-12-27 12:46 - 00133120 _____ () C:\Users\Henry\AppData\Roaming\xaeojhej\colers.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:151
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:154
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:273
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:276
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3538
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3590
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3691
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:95

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1310488628-551009281-1505269296-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.222.220

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

ACTUser (S-1-5-21-1310488628-551009281-1505269296-1005 - Limited - Enabled)
Administrator (S-1-5-21-1310488628-551009281-1505269296-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1310488628-551009281-1505269296-1003 - Limited - Enabled)
Guest (S-1-5-21-1310488628-551009281-1505269296-501 - Limited - Enabled)
Henry (S-1-5-21-1310488628-551009281-1505269296-1000 - Administrator - Enabled) => C:\Users\Henry
HomeGroupUser$ (S-1-5-21-1310488628-551009281-1505269296-1011 - Limited - Enabled)
SQLDebugger (S-1-5-21-1310488628-551009281-1505269296-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Visioneer RoadWarrior 3
Description: Visioneer RoadWarrior 3
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Visioneer Incorporated
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/21/2015 11:10:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong


System errors:
=============
Error: (02/21/2015 10:55:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (02/20/2015 06:21:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/20/2015 05:23:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/19/2015 08:28:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Garmin Core Update Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/19/2015 08:25:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (02/19/2015 08:25:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (02/19/2015 08:25:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (02/19/2015 08:25:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (02/18/2015 03:26:16 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.

Error: (02/18/2015 03:25:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (02/21/2015 11:10:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (02/21/2015 11:10:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong


CodeIntegrity Errors:
===================================
Date: 2014-11-09 16:43:42.493
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 12:46:22.548
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 12:36:23.302
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 11:55:27.525
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 11:30:57.431
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 11:08:00.679
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 10:52:31.536
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 10:44:27.439
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 10:39:25.794
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-09 10:21:17.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 16289.21 MB
Available physical RAM: 8701.4 MB
Total Pagefile: 32576.6 MB
Available Pagefile: 22761.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.74 GB) (Free:620.07 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:11.73 GB) (Free:3.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

==================== End Of Log ============================


aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-02-03 22:19:21
-----------------------------
22:19:21.866 OS Version: Windows x64 6.1.7601 Service Pack 1
22:19:21.866 Number of processors: 8 586 0x3C03
22:19:21.867 ComputerName: ELSERVICE13 UserName: Henry
22:19:26.400 Initialize success
22:19:26.548 VM: initialized successfully
22:19:26.549 VM: Intel CPU supported
22:19:47.886 VM: disk I/O iaStorA.sys
22:21:36.322 AVAST engine defs: 15020300
22:21:44.138 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d
22:21:44.141 Disk 0 Vendor: Size: 0MB BusType: 0
22:21:44.227 Disk 0 MBR read successfully
22:21:44.229 Disk 0 MBR scan
22:21:44.233 Disk 0 Windows VISTA default MBR code
22:21:44.235 Disk 0 MBR hidden
22:21:44.250 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
22:21:44.264 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12014 MB offset 81920
22:21:44.272 Disk 0 Boot: NTFS code=1
22:21:44.284 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 941814 MB offset 24686592
22:21:44.323 Disk 0 scanning C:\Windows\system32\drivers
22:21:54.190 Service scanning
22:22:10.965 Modules scanning
22:22:10.969 Disk 0 trace - called modules:
22:22:10.976 ntoskrnl.exe CLASSPNP.SYS disk.sys Wdf01000.sys SEDFilter.sys stdcfltn.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
22:22:10.980 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d825790]
22:22:10.984 3 CLASSPNP.SYS[fffff880015b143f] -> nt!IofCallDriver -> [0xfffffa800d743b90]
22:22:10.988 5 Wdf01000.sys[fffff88000ef2fe9] -> nt!IofCallDriver -> [0xfffffa800d741cb0]
22:22:10.992 7 stdcfltn.sys[fffff880019cdd12] -> nt!IofCallDriver -> [0xfffffa800d740ab0]
22:22:10.996 9 iaStorF.sys[fffff880019f4f84] -> nt!IofCallDriver -> \Device\0000006d[0xfffffa800d7179c0]
22:22:14.783 AVAST engine scan C:\Windows
22:22:18.296 AVAST engine scan C:\Windows\system32
22:27:03.108 AVAST engine scan C:\Windows\system32\drivers
22:27:13.412 AVAST engine scan C:\Users\Henry
22:34:59.390 Disk 0 MBR has been saved successfully to "C:\Users\Henry\Documents\Downloads\Spybot\MBR.dat"
22:34:59.407 The log file has been saved successfully to "C:\Users\Henry\Documents\Downloads\Spybot\aswMBR.txt"

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-02-21 11:13:01
-----------------------------
11:13:01.894 OS Version: Windows x64 6.1.7601 Service Pack 1
11:13:01.894 Number of processors: 8 586 0x3C03
11:13:01.895 ComputerName: ELSERVICE13 UserName: Henry
11:13:05.158 Initialize success
11:13:05.220 VM: initialized successfully
11:13:05.221 VM: Intel CPU supported
11:13:08.961 VM: disk I/O iaStorA.sys
11:14:50.672 AVAST engine defs: 15022100
11:15:03.264 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006f
11:15:03.266 Disk 0 Vendor: Size: 0MB BusType: 0
11:15:03.292 Disk 0 MBR read successfully
11:15:03.295 Disk 0 MBR scan
11:15:03.300 Disk 0 Windows VISTA default MBR code
11:15:03.303 Disk 0 MBR hidden
11:15:03.316 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
11:15:03.325 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12014 MB offset 81920
11:15:03.329 Disk 0 Boot: NTFS code=1
11:15:03.335 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 941814 MB offset 24686592
11:15:03.352 Disk 0 scanning C:\Windows\system32\drivers
11:15:14.939 Service scanning
11:15:33.201 Modules scanning
11:15:33.206 Disk 0 trace - called modules:
11:15:33.212 ntoskrnl.exe CLASSPNP.SYS disk.sys Wdf01000.sys SEDFilter.sys stdcfltn.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
11:15:33.215 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d732790]
11:15:33.219 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa800d68ee10]
11:15:33.223 5 Wdf01000.sys[fffff88000e2bfe9] -> nt!IofCallDriver -> [0xfffffa800d68b8c0]
11:15:33.226 7 stdcfltn.sys[fffff880019cfd12] -> nt!IofCallDriver -> [0xfffffa800d68bc50]
11:15:33.229 9 iaStorF.sys[fffff880019f6f84] -> nt!IofCallDriver -> \Device\0000006f[0xfffffa800d6629c0]
11:15:36.806 AVAST engine scan C:\Windows
11:15:41.498 AVAST engine scan C:\Windows\system32
11:21:26.337 AVAST engine scan C:\Windows\system32\drivers
11:22:01.485 AVAST engine scan C:\Users\Henry
11:24:01.934 Disk 0 MBR has been saved successfully to "C:\Users\Henry\Documents\Downloads\Spybot\MBR.dat"
11:24:01.943 The log file has been saved successfully to "C:\Users\Henry\Documents\Downloads\Spybot\aswMBR.txt"