TheJDawg
2014-09-15, 15:05
Hi
I've at the very least got a problem with Instashare pop up ads. Tried to uninstall. Failed. Used RevoUninstall and that appears to have just hidden it. Ran Malwarebytes but hasn't removed it nor has Spybot. Would appreciate some help.
Farber Logs below. Trying to get aswMBR log but keeps stalling. Will post when obtained. Thanks:D:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Jonesboy (administrator) on JONESBOY-PC on 15-09-2014 21:26:40
Running from C:\Users\Jonesboy\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\DCService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Interesting Solutions) C:\ProgramData\myXaturuft\ZGtfxyv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
() C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Suunto) C:\Users\Jonesboy\AppData\Local\Apps\2.0\J3GJB57M.PLP\OXTB5DWT.DJK\move..tion_3ccae3cb2a36e2f5_0001.0002_a975bf06beb701f6\Moveslink2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Windows\system\cm106eye.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_152_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
() C:\Program Files (x86)\Star Downloader\stardown.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_start.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_7_8_2008_2012_64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_pause.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663976 2010-12-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2010-12-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2396968 2010-11-12] (Synaptics Incorporated)
HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2010-11-12] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-03-16] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7069088 2010-09-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Cm106Sound] => C:\windows\syswow64\RunDll32.exe C:\windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo SlideNav2] => C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [318400 2009-12-30] (Lenovo)
HKLM-x32\...\Run: [Lenovo SplitScreen] => C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe [778592 2010-06-23] (Lenovo)
HKLM-x32\...\Run: [UCam_Menu] => c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [Moveslink2] => C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [GoogleChromeAutoLaunch_7A6E0EABF593F225B7774D26E405CDFD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [Viber] => C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe [936656 2014-06-10] ()
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {845efb99-e39f-11e1-8326-ec55f9ebde21} - E:\AutoRun.exe
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {845efbab-e39f-11e1-8326-ec55f9ebde21} - E:\AutoRun.exe
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {dfefbe99-e45d-11e1-bbcb-ec55f9ebde21} - E:\AutoRun.exe
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {ff38db40-789b-11e1-aaf9-ec55f9ebde21} - E:\win\setup.exe -phs
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKCU - {175023C8-9E2B-4397-A1BB-D91BB93ABDAD} URL = http://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {12193C65-F0E1-4DD1-AD4E-DB73C6911011} file:///F:/activeX/DCP.cab
DPF: HKLM-x32 {7191F0AC-D686-46A8-BFCC-EA61778C74DD} file:///F:/activeX/aplugLiteDL.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{34375D8E-2FCE-430B-A5D5-23777D7BACBF}: [NameServer] 198.142.0.51 61.88.88.88
Tcpip\..\Interfaces\{8D2B2EC0-232F-416C-9E7E-477645E64688}: [NameServer] 198.142.0.51 61.88.88.88
FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: reconinstruments.com/Recon -> C:\Users\Jonesboy\AppData\Roaming\ReconInstruments\ReconUplink\1.0.2.1\npReconUplink.dll (Recon Instruments)
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-04]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-10]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> FB2353EF818E000C9EC1B1DDDF8F147F6788363B76B7D4A4E3563D81BDDA2FD4
CHR DefaultSearchURL: Default -> 3A93E825D69222AF67266526206B5617EC1F7F2100BD65E5D18A6E7AD7FEA498
CHR Profile: C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-02]
CHR Extension: (Google Drive) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-02]
CHR Extension: (Google Search) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-02]
CHR Extension: (iCloud Bookmarks) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2013-09-24]
CHR Extension: (Skype Click to Call) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-03]
CHR Extension: (OneDrive) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-09-08]
CHR Extension: (Google Wallet) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Desktop Client for Viber™) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\olamheimegmegknankiijehcgocchdph [2014-06-13]
CHR Extension: (Gmail) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-02]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-04]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [hfimfliilbabfohebppnfomgjljicpdm] - C:\Program Files (x86)\MP3 Rocket\MP3RocketDownloader.crx [2013-03-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [915232 2010-06-14] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8988048 2013-04-03] (DisplayLink Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438104 2014-07-10] (Garmin Ltd or its subsidiaries)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-09-15] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2014-07-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [69568 2009-12-30] (Lenovo)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2014-07-12] (Microsoft Corporation)
R2 ZGtfxyv; C:\ProgramData\myXaturuft\ZGtfxyv.exe [2319728 2014-09-14] (Interesting Solutions)
S2 HPSLPSVC; C:\Users\Jonesboy\AppData\Local\Temp\7zS51CF\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [19600 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.2.47157.0.sys [44944 2013-04-10] ()
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-06] (JMicron Technology Corp.)
R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [57072 2010-04-24] (JMicron Technology Corp.)
R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31344 2010-04-24] (JMicron Technology Corp.)
S3 massfilter_lte; C:\windows\system32\drivers\massfilter_lte.sys [18456 2011-08-09] (HandSet Incorporated)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-09-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-07-21] (Sierra Wireless Incorporated) [File not signed]
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-07-21] (Sierra Wireless Inc.) [File not signed]
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [249344 2011-07-21] (Sierra Wireless Inc.) [File not signed]
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [199552 2009-07-22] (Sierra Wireless Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
U0 xgjbae; C:\Windows\System32\drivers\hnnhhmec.sys [79064 2014-09-15] (Malwarebytes Corporation)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_7.0.41409.0.sys [X]
U2 IAStorDataMgrSvc; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
S3 swmsflt; system32\DRIVERS\swmsflt.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 21:26 - 2014-09-15 21:27 - 00035571 _____ () C:\Users\Jonesboy\Desktop\FRST.txt
2014-09-15 21:25 - 2014-09-15 21:26 - 00000000 ____D () C:\FRST
2014-09-15 21:25 - 2014-09-15 21:25 - 05185536 _____ (AVAST Software) C:\Users\Jonesboy\Desktop\aswMBR.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 02105856 _____ (Farbar) C:\Users\Jonesboy\Desktop\FRST64.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 00000207 _____ () C:\windows\tweaking.com-regbackup-JONESBOY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-09-15 21:23 - 2014-09-15 21:23 - 00002235 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\RegBackup
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-15 21:22 - 2014-09-15 21:22 - 04057608 _____ () C:\Users\Jonesboy\Desktop\tweaking.com_registry_backup_setup.exe
2014-09-15 21:00 - 2014-09-15 21:00 - 00079064 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\hnnhhmec.sys
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-15 20:59 - 2014-09-15 21:14 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-15 20:46 - 2014-09-15 20:49 - 11194928 _____ (SurfRight B.V.) C:\Users\Jonesboy\Downloads\HitmanPro_x64.exe
2014-09-15 20:32 - 2014-09-15 20:32 - 00000056 _____ () C:\windows\setupact.log
2014-09-15 20:32 - 2014-09-15 20:32 - 00000000 _____ () C:\windows\setuperr.log
2014-09-15 19:26 - 2014-09-15 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jonesboy\Downloads\revosetup.exe
2014-09-15 19:26 - 2014-09-15 19:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 18:45 - 2014-09-15 18:45 - 00002096 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk
2014-09-15 17:02 - 2014-09-15 17:02 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\speed browser
2014-09-15 17:01 - 2014-09-15 17:01 - 01482656 _____ () C:\ProgramData\Setup.exe
2014-09-15 15:32 - 2014-09-15 15:32 - 00000000 ____D () C:\ProgramData\Browser
2014-09-14 08:41 - 2014-09-14 08:42 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\CutePDF Writer
2014-09-14 08:32 - 2014-09-14 08:32 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-09-14 08:31 - 2014-09-14 08:32 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup (1).exe
2014-09-14 08:30 - 2014-09-15 19:14 - 00000000 ____D () C:\Program Files\Common Files\PicRec
2014-09-14 08:30 - 2014-09-15 19:03 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-09-14 08:30 - 2014-09-14 08:30 - 03608126 _____ (Word-Pdf-Convert Software, Inc. ) C:\Users\Jonesboy\Downloads\power_word_to_pdf_converter.exe
2014-09-14 08:30 - 2014-08-25 12:14 - 00049880 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\netmon_wfp.sys
2014-09-14 08:29 - 2014-09-15 20:41 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\InstaShare
2014-09-14 08:29 - 2014-09-14 08:29 - 02003352 _____ (Acro Software Inc. ) C:\Users\Jonesboy\Downloads\CuteWriter.exe
2014-09-14 08:29 - 2014-09-14 08:29 - 00000000 ____D () C:\ProgramData\myXaturuft
2014-09-14 08:27 - 2014-09-14 08:27 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup.exe
2014-09-13 17:52 - 2014-09-13 18:14 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Systweak
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-13 17:51 - 2014-09-13 17:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-13 17:51 - 2014-09-13 17:52 - 00000000 ____D () C:\Program Files\iTunes
2014-09-13 17:51 - 2014-09-13 17:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-13 17:51 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 15:54 - 2014-08-20 04:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-10 15:54 - 2014-08-20 03:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-10 15:54 - 2014-08-19 09:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-10 15:54 - 2014-08-19 08:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-10 15:54 - 2014-08-19 08:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-10 15:54 - 2014-08-19 08:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-10 15:54 - 2014-08-19 08:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-10 15:54 - 2014-08-19 08:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-10 15:54 - 2014-08-19 08:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-10 15:54 - 2014-08-19 08:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-10 15:54 - 2014-08-19 08:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-10 15:54 - 2014-08-19 08:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-10 15:54 - 2014-08-19 08:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-10 15:54 - 2014-08-19 08:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-10 15:54 - 2014-08-19 08:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-10 15:54 - 2014-08-19 07:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-10 15:54 - 2014-08-19 07:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-10 15:54 - 2014-08-19 07:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-10 15:54 - 2014-08-19 07:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-10 15:54 - 2014-08-19 07:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 15:54 - 2014-08-19 07:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-10 15:54 - 2014-08-19 07:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-10 15:54 - 2014-08-19 07:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-10 15:54 - 2014-08-19 07:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-10 15:54 - 2014-08-19 07:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-10 15:54 - 2014-08-19 07:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-10 15:54 - 2014-08-19 07:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-10 15:54 - 2014-08-19 07:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-10 15:54 - 2014-08-19 07:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-10 15:54 - 2014-08-19 07:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-10 15:54 - 2014-08-19 07:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-10 15:54 - 2014-08-19 07:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-10 15:54 - 2014-08-19 07:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-10 15:54 - 2014-08-19 07:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-10 15:54 - 2014-08-19 07:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-10 15:54 - 2014-08-19 07:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 15:54 - 2014-08-19 07:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-10 15:54 - 2014-08-19 07:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-10 15:54 - 2014-08-19 07:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-10 15:54 - 2014-08-19 07:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-10 15:54 - 2014-08-19 07:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-10 15:54 - 2014-08-19 06:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-10 15:54 - 2014-08-19 06:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-10 15:53 - 2014-08-19 08:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-10 15:53 - 2014-08-19 08:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-10 15:53 - 2014-08-19 08:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-10 15:53 - 2014-08-19 08:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-10 15:53 - 2014-08-19 07:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-10 15:53 - 2014-08-19 07:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-10 15:53 - 2014-08-19 07:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-10 15:53 - 2014-08-19 07:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-10 15:53 - 2014-08-19 07:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-10 15:53 - 2014-08-19 07:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-10 15:53 - 2014-08-19 06:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-10 15:53 - 2014-08-19 06:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-10 15:53 - 2014-08-19 06:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-10 15:43 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-10 15:43 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 15:41 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-10 15:41 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-10 15:41 - 2014-07-07 12:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-10 15:41 - 2014-07-07 12:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-10 15:41 - 2014-07-07 11:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-10 15:41 - 2014-07-07 11:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-10 15:41 - 2014-07-07 11:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-10 15:41 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-10 15:41 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-10 15:40 - 2014-09-05 12:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-10 15:40 - 2014-09-05 12:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-04 09:13 - 2014-09-04 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-29 12:38 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-29 12:38 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-29 12:38 - 2014-08-23 10:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 01:54 - 2014-05-15 02:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-22 01:54 - 2014-05-15 02:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-22 01:54 - 2014-05-15 02:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-22 01:54 - 2014-05-15 02:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-22 01:53 - 2014-05-15 02:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-22 01:53 - 2014-05-15 02:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-22 01:53 - 2014-05-14 12:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-22 01:53 - 2014-05-14 12:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-22 01:53 - 2014-05-14 12:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-22 01:53 - 2014-05-14 12:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-08-20 01:05 - 2014-08-20 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-18 18:54 - 2014-09-13 17:22 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Adobe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 21:27 - 2014-09-15 21:26 - 00035571 _____ () C:\Users\Jonesboy\Desktop\FRST.txt
2014-09-15 21:26 - 2014-09-15 21:25 - 00000000 ____D () C:\FRST
2014-09-15 21:25 - 2014-09-15 21:25 - 05185536 _____ (AVAST Software) C:\Users\Jonesboy\Desktop\aswMBR.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 02105856 _____ (Farbar) C:\Users\Jonesboy\Desktop\FRST64.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 00000207 _____ () C:\windows\tweaking.com-regbackup-JONESBOY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-09-15 21:23 - 2014-09-15 21:23 - 00002235 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\RegBackup
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-15 21:22 - 2014-09-15 21:22 - 04057608 _____ () C:\Users\Jonesboy\Desktop\tweaking.com_registry_backup_setup.exe
2014-09-15 21:14 - 2014-09-15 20:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-15 21:13 - 2012-02-27 00:51 - 00000000 ____D () C:\Users\Jonesboy\Documents\Outlook Files
2014-09-15 21:09 - 2012-04-22 20:24 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Files
2014-09-15 21:00 - 2014-09-15 21:00 - 00079064 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\hnnhhmec.sys
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-15 20:59 - 2013-07-02 18:28 - 00004996 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jonesboy-PC-Jonesboy Jonesboy-PC
2014-09-15 20:49 - 2014-09-15 20:46 - 11194928 _____ (SurfRight B.V.) C:\Users\Jonesboy\Downloads\HitmanPro_x64.exe
2014-09-15 20:43 - 2014-05-25 22:18 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 20:43 - 2009-07-14 14:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:43 - 2009-07-14 14:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:41 - 2014-09-14 08:29 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\InstaShare
2014-09-15 20:39 - 2014-05-18 12:32 - 01415212 _____ () C:\windows\WindowsUpdate.log
2014-09-15 20:38 - 2014-06-13 13:55 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\ViberPC
2014-09-15 20:37 - 2012-07-28 18:09 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Deployment
2014-09-15 20:36 - 2014-06-13 13:40 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Viber
2014-09-15 20:36 - 2012-04-02 21:34 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 20:35 - 2013-01-22 11:01 - 00000354 _____ () C:\windows\Tasks\ROC_JAN2013_TB_rmv.job
2014-09-15 20:35 - 2013-01-10 18:25 - 00000342 _____ () C:\windows\Tasks\spmonitor.job
2014-09-15 20:35 - 2013-01-10 18:25 - 00000264 _____ () C:\windows\Tasks\SpeedUpMyPC.job
2014-09-15 20:35 - 2012-02-15 21:17 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 20:35 - 2012-02-15 21:17 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 20:33 - 2009-07-14 15:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-15 20:32 - 2014-09-15 20:32 - 00000056 _____ () C:\windows\setupact.log
2014-09-15 20:32 - 2014-09-15 20:32 - 00000000 _____ () C:\windows\setuperr.log
2014-09-15 19:55 - 2012-02-22 14:09 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-09-15 19:55 - 2011-03-16 04:31 - 00000000 ____D () C:\ProgramData\Temp
2014-09-15 19:53 - 2012-11-22 09:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-15 19:48 - 2012-02-22 17:45 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\PhotoScape
2014-09-15 19:26 - 2014-09-15 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jonesboy\Downloads\revosetup.exe
2014-09-15 19:26 - 2014-09-15 19:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 19:15 - 2009-07-14 13:20 - 00000000 ____D () C:\windows\IME
2014-09-15 19:14 - 2014-09-14 08:30 - 00000000 ____D () C:\Program Files\Common Files\PicRec
2014-09-15 19:03 - 2014-09-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-09-15 18:56 - 2012-06-19 17:53 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Skype
2014-09-15 18:46 - 2012-02-15 00:12 - 00002038 _____ () C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-15 18:45 - 2014-09-15 18:45 - 00002096 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk
2014-09-15 18:45 - 2012-07-07 17:13 - 00002038 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-15 18:45 - 2012-02-15 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-15 17:02 - 2014-09-15 17:02 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\speed browser
2014-09-15 17:01 - 2014-09-15 17:01 - 01482656 _____ () C:\ProgramData\Setup.exe
2014-09-15 15:32 - 2014-09-15 15:32 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 12:07 - 2012-08-10 15:22 - 00000000 ____D () C:\Program Files (x86)\Hubb Investor
2014-09-15 11:33 - 2012-07-07 21:50 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-14 08:42 - 2014-09-14 08:41 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\CutePDF Writer
2014-09-14 08:32 - 2014-09-14 08:32 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-09-14 08:32 - 2014-09-14 08:31 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup (1).exe
2014-09-14 08:30 - 2014-09-14 08:30 - 03608126 _____ (Word-Pdf-Convert Software, Inc. ) C:\Users\Jonesboy\Downloads\power_word_to_pdf_converter.exe
2014-09-14 08:29 - 2014-09-14 08:29 - 02003352 _____ (Acro Software Inc. ) C:\Users\Jonesboy\Downloads\CuteWriter.exe
2014-09-14 08:29 - 2014-09-14 08:29 - 00000000 ____D () C:\ProgramData\myXaturuft
2014-09-14 08:27 - 2014-09-14 08:27 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup.exe
2014-09-13 22:10 - 2012-02-23 20:36 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\vlc
2014-09-13 21:39 - 2012-02-19 08:58 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Anti Virus
2014-09-13 21:23 - 2012-03-04 23:33 - 00001999 _____ () C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2014-09-13 20:49 - 2009-07-14 15:32 - 00000000 ____D () C:\windows\Performance
2014-09-13 18:20 - 2014-03-29 00:37 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Tax Docs
2014-09-13 18:14 - 2014-09-13 17:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Systweak
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-13 17:52 - 2014-09-13 17:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-13 17:52 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files\iTunes
2014-09-13 17:52 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-13 17:51 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-09-13 17:22 - 2014-08-18 18:54 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Adobe
2014-09-11 19:14 - 2009-07-14 13:20 - 00000000 ____D () C:\windows\rescache
2014-09-10 19:36 - 2012-04-02 21:34 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 19:36 - 2012-04-02 21:34 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 19:36 - 2012-03-05 22:07 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 16:58 - 2012-02-19 08:56 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Adobe
2014-09-10 15:51 - 2013-07-15 18:18 - 00000000 ____D () C:\windows\system32\MRT
2014-09-10 15:44 - 2012-02-15 16:56 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-10 15:42 - 2014-04-24 19:45 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-08 22:15 - 2012-10-18 22:44 - 00000000 ____D () C:\Users\Jonesboy\Downloads\YTD
2014-09-08 18:41 - 2012-08-10 10:38 - 00000000 ___RD () C:\Users\Jonesboy\SkyDrive
2014-09-08 15:25 - 2009-07-14 15:13 - 00006620 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-05 12:10 - 2014-09-10 15:40 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 12:05 - 2014-09-10 15:40 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-04 09:14 - 2012-06-19 17:53 - 00000000 ____D () C:\ProgramData\Skype
2014-09-04 09:13 - 2014-09-04 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-04 09:13 - 2012-06-19 17:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-31 21:51 - 2014-03-28 23:44 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Pt Cook
2014-08-29 12:54 - 2009-07-14 14:45 - 00437128 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-29 10:29 - 2014-06-22 00:30 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 11:55 - 2012-02-22 17:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 12:14 - 2014-09-14 08:30 - 00049880 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\netmon_wfp.sys
2014-08-23 22:20 - 2013-10-18 01:15 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2014-08-23 22:20 - 2013-10-18 01:15 - 00000000 ____D () C:\Program Files\Java
2014-08-23 22:16 - 2012-03-04 17:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-23 22:14 - 2013-10-01 20:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-23 12:07 - 2014-08-29 12:38 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 11:45 - 2014-08-29 12:38 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 10:59 - 2014-08-29 12:38 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 01:50 - 2012-02-15 21:03 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Apple
2014-08-20 22:02 - 2012-03-05 09:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Windows Live
2014-08-20 04:05 - 2014-09-10 15:54 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-20 03:39 - 2014-09-10 15:54 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-20 01:05 - 2014-08-20 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-19 22:03 - 2014-01-26 21:30 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Run Swim Ride
2014-08-19 09:01 - 2014-09-10 15:54 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-19 08:29 - 2014-09-10 15:54 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-19 08:29 - 2014-09-10 15:54 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-19 08:26 - 2014-09-10 15:53 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-19 08:20 - 2014-09-10 15:53 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-19 08:19 - 2014-09-10 15:53 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-19 08:15 - 2014-09-10 15:54 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-19 08:15 - 2014-09-10 15:54 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-19 08:14 - 2014-09-10 15:54 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-19 08:14 - 2014-09-10 15:54 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-19 08:08 - 2014-09-10 15:54 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-19 08:08 - 2014-09-10 15:54 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-19 08:08 - 2014-09-10 15:53 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-19 08:05 - 2014-09-10 15:54 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-19 08:03 - 2014-09-10 15:54 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-19 08:03 - 2014-09-10 15:54 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-19 08:03 - 2014-09-10 15:54 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-19 07:57 - 2014-09-10 15:54 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-19 07:56 - 2014-09-10 15:54 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-19 07:51 - 2014-09-10 15:54 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-19 07:46 - 2014-09-10 15:54 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-19 07:45 - 2014-09-10 15:54 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-19 07:45 - 2014-09-10 15:54 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-19 07:44 - 2014-09-10 15:54 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-19 07:44 - 2014-09-10 15:54 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-19 07:42 - 2014-09-10 15:53 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-19 07:40 - 2014-09-10 15:54 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-19 07:39 - 2014-09-10 15:54 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-19 07:39 - 2014-09-10 15:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-19 07:39 - 2014-09-10 15:54 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-19 07:38 - 2014-09-10 15:54 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-19 07:37 - 2014-09-10 15:54 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-19 07:36 - 2014-09-10 15:54 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-19 07:35 - 2014-09-10 15:54 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-19 07:27 - 2014-09-10 15:54 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-19 07:25 - 2014-09-10 15:54 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-19 07:25 - 2014-09-10 15:54 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-19 07:23 - 2014-09-10 15:54 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-19 07:23 - 2014-09-10 15:53 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-19 07:22 - 2014-09-10 15:54 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 07:19 - 2014-09-10 15:54 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-19 07:17 - 2014-09-10 15:54 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-19 07:17 - 2014-09-10 15:54 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-19 07:16 - 2014-09-10 15:53 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-19 07:15 - 2014-09-10 15:53 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-19 07:15 - 2014-09-10 15:53 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-19 07:09 - 2014-09-10 15:54 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-19 07:08 - 2014-09-10 15:53 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-19 07:07 - 2014-09-10 15:54 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-19 06:55 - 2014-09-10 15:53 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-19 06:46 - 2014-09-10 15:53 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-19 06:38 - 2014-09-10 15:54 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-19 06:38 - 2014-09-10 15:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-19 06:36 - 2014-09-10 15:54 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-18 00:39 - 2014-07-12 18:14 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Go Pro
Files to move or delete:
====================
C:\ProgramData\Setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-07 22:57
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Jonesboy at 2014-09-15 21:27:37
Running from C:\Users\Jonesboy\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AceBackup 3 (HKLM-x32\...\{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}) (Version: 3.0.2 - AceBIT)
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{26D103BC-A153-B74C-CA98-8F0A66EF6041}) (Version: 3.0.786.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AX88772A & AX88772 Vista 64-bit Driver (HKLM-x32\...\InstallShield_{663451CD-7556-46FF-9EDA-45A50AEA658C}) (Version: 3.10.234.13 - ASIX Electronics Corporation)
AX88772A & AX88772 Vista 64-bit Driver (x32 Version: 3.10.234.13 - ASIX Electronics Corporation) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)
Business Contact Manager for Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation)
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.52.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.3.1 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0727.2126.36625 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help English (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help French (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help German (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
ccc-utility64 (Version: 2010.0727.2126.36625 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2603 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2603 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{A0A51EB5-5C6C-4588-816A-D6990B79F298}) (Version: 7.2.47157.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{B76E347A-DFF5-4CD7-88D5-7F947BC75D41}) (Version: 7.0.43577.0 - DisplayLink Corp.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
dynadock Utility_II (HKLM\...\{F6D91449-5BB1-4F5D-9565-CA1E7EB961CD}) (Version: 2.1.1.0.64 - TOSHIBA Corporation)
Elevated Installer (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.2.2 - Lenovo)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
FileHippo Update Checker Packages (HKCU\...\FileHippo Update Checker Packages) (Version: - ) <==== ATTENTION
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
Full DVD Ripper 9 Free (HKLM-x32\...\{DA5931FD-7F75-49CA-A405-85D230DE29D8}_is1) (Version: - Full DVD Studio)
Garmin BaseCamp (HKLM-x32\...\{F487FEEC-AE9F-4E68-82F2-300F49A8C435}) (Version: 4.2.2 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{ac22014a-a254-43b9-9cc0-e87cf9c7e18a}) (Version: 3.2.13.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GDR 5520 for SQL Server 2008 (KB2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Hubb Investor (HKLM-x32\...\Hubb Investor) (Version: - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.4.6 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.6 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2400 - Broadcom Corporation)
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{F5608FF7-17C0-440A-80C7-29C48363BD87}) (Version: 1.0.9.4 - Suyin Optronics Corp.)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.)
Lenovo MuteSync (HKLM-x32\...\InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}) (Version: 1.0.0.2 - Lenovo)
Lenovo MuteSync (x32 Version: 1.0.0.2 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo SlideNav (HKLM-x32\...\Lenovo SlideNav2) (Version: 2.0.1230.0003 - Lenovo)
Lenovo SplitScreen (HKLM-x32\...\Lenovo SplitScreen) (Version: 1.00.1823.0001 - Lenovo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{5D60AB1A-2409-4829-83D4-0972856D885A}) (Version: 10.3.5520.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010) (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
More Add-in (HKLM-x32\...\{F522CEC8-CBF8-4733-9344-563D322E25E1}) (Version: 4.2.0 - MoreAddin)
Moveslink2 (HKCU\...\ad9740b1426036fe) (Version: 1.2.9.4693 - Suunto)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.6 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.6 - Lenovo) Hidden
Optus Mobile Broadband (HKLM-x32\...\Optus Mobile Broadband) (Version: 16.002.10.01.432 - Huawei Technologies Co.,Ltd)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 2.24 - NCH Software)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.6903 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6265 - Realtek Semiconductor Corp.)
ReconUplink (HKLM-x32\...\{D2EBF10F-4746-4994-BF85-5964ED9AB9A5}) (Version: 1.0.2.1 - Recon Instruments)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.20.53 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TOSHIBA dynadock (HKLM\...\{3933FB5F-85F6-4D24-A663-0D376CA05D90}) (Version: 4.5.14974.0 - TOSHIBA Corporation)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
USB Multi-Channel Audio Device (HKLM-x32\...\Generic USB 106 Sound) (Version: - )
Viber (HKCU\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
YTD Video Downloader 3.9.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
02-09-2014 00:12:31 Windows Update
07-09-2014 11:21:30 Windows Update
08-09-2014 11:11:51 Installed Samsung Kies3
10-09-2014 05:42:19 Windows Update
14-09-2014 07:02:39 Windows Update
15-09-2014 08:46:31 Removed PicRec (x86)
15-09-2014 08:48:21 Removed PicRec (x86)
15-09-2014 09:28:01 Revo Uninstaller's restore point - InstaShare
15-09-2014 09:49:20 Revo Uninstaller's restore point - Bing Desktop
15-09-2014 11:13:34 Checkpoint by HitmanPro
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 12:34 - 2014-09-15 21:08 - 00450770 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com (http://www.007guard.com)
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com (http://www.008k.com)
127.0.0.1 008k.com
127.0.0.1 www.00hq.com (http://www.00hq.com)
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com (http://www.032439.com)
127.0.0.1 032439.com
127.0.0.1 www.0scan.com (http://www.0scan.com)
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com (http://www.1000gratisproben.com)
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com (http://www.1001namen.com)
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com (http://www.100888290cs.com)
127.0.0.1 www.100sexlinks.com (http://www.100sexlinks.com)
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com (http://www.10sek.com)
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com (http://www.1-2005-search.com)
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info (http://www.123fporn.info)
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com (http://www.123haustiereundmehr.com)
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E565558-BC0D-4DA0-AD83-1F6E717DAC64} - System32\Tasks\{8653835D-03A1-4CC8-909A-285E036CB7AD} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116&LastError=0
Task: {24A6AB29-40C9-40A1-8FEE-389792A623C4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2E2818CD-D83C-47C2-BEFE-6DBFACC268ED} - System32\Tasks\SpeedUpMyPC => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: {2EBD4A33-07B1-41EC-A28F-79ED90CB1848} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-10] ()
Task: {345CC3E1-A5D3-4F6F-A4A4-70BC03338845} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {3CA9C9C8-8A3E-4BA5-B121-B596EE02C559} - System32\Tasks\{4D9FBE05-3A90-4892-A19A-CEF2CED8137F} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {453218D4-6179-4C01-8C1B-4AFF7774811E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Jonesboy-PC-Jonesboy Jonesboy-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-27] (Microsoft Corporation)
Task: {49399536-52DB-486E-AF9C-41E909330979} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-27] (Microsoft Corporation)
Task: {4D20A384-F7F7-4028-B7D5-D4FA2C72242B} - System32\Tasks\{4109FCE8-B55C-4BD3-9B73-CD0BF3B4C7D6} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {5F3EBEE2-5768-4836-8667-DD87DA02646B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {615899FB-6231-44E4-8883-FC4FD8B31CBB} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {672D6D2C-0BA4-4A6C-8EE2-018289B8602C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: {68D0EB38-394E-4C96-B903-575D24E114AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6A1803A4-EB8A-49F3-A864-F35B32CD8201} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {7D96CFB1-CBDA-49E0-801C-58D922F2F1DA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {7DBB66B2-B6BC-4792-9D06-49441D499C16} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {7E7B4D0B-B2EC-4AE4-AE60-4196E6847FD4} - System32\Tasks\{5C69CC98-2842-4857-B783-164F24FC0344} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {81754E45-FFF8-4866-9A32-B2FDA551E27D} - System32\Tasks\{E90617FB-07C0-4AB6-9D0E-10E6146971EE} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {9760B92A-420C-48CA-B7B9-54074AE48896} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {9E1E0B6F-CE97-4D06-9DE1-FBA233A528C3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {A5CA1764-E513-408D-A3E4-F93809AE8189} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE2A720F-EE38-4928-82F0-852934809CB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-04] (AVAST Software)
Task: {BC042629-8A25-4F0F-BD78-CBC955EDC851} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C85C4CA9-A503-4158-88E9-0D58220FF9A8} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: {F89B0AAF-30A9-477D-AE3A-E08EAA057CED} - System32\Tasks\spmonitor => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
Task: {FEAFB85C-231B-4DFF-B67B-28050E562C09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\BCK1 7 July 2013.job => C:\Program Files (x86)\AceBIT\AceBackup 3\AceBackup.exe
Task: C:\windows\Tasks\BCK2 13 07 13.job => C:\Program Files (x86)\AceBIT\AceBackup 3\AceBackup.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: C:\windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\windows\Tasks\spmonitor.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
==================== Loaded Modules (whitelisted) =============
2014-06-22 00:30 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-08-19 18:52 - 2010-08-19 18:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2010-10-19 00:50 - 2010-10-19 00:50 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-10-19 00:52 - 2010-10-19 00:52 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2014-08-27 10:48 - 2014-08-27 10:48 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-03-16 10:43 - 2012-03-31 23:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
2011-03-16 04:44 - 2009-07-16 01:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-03-16 04:44 - 2009-07-16 01:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2011-03-16 04:28 - 2011-03-16 04:28 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2014-06-13 13:55 - 2014-06-10 14:25 - 00936656 _____ () C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe
2012-03-04 09:58 - 2008-05-20 20:18 - 00221184 _____ () C:\windows\system\Cm106eye.exe
2010-08-26 23:47 - 2010-08-26 23:47 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-07-28 06:25 - 2010-07-28 06:25 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-09-15 20:36 - 2014-09-15 20:36 - 01389936 _____ () C:\ProgramData\myXaturuft\dat\cHmAzL.dll
2014-06-14 13:50 - 2006-02-25 19:02 - 01785344 _____ () C:\Program Files (x86)\Star Downloader\stardown.exe
2014-07-04 18:20 - 2014-07-04 18:20 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-15 11:33 - 2014-09-15 11:33 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091401\algo.dll
2014-01-20 12:17 - 2014-01-20 12:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 12:16 - 2014-01-20 12:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-04 19:40 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-04 19:40 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-04 19:40 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-04 19:40 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-04 19:40 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-27 10:48 - 2014-08-27 10:48 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2010-10-19 00:46 - 2010-10-19 00:46 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-10-19 00:49 - 2010-10-19 00:49 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 22593536 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\libViber.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00737280 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\libGLESv2.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00098304 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\qfacebook.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00049152 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\libEGL.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00860160 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\platforms\qwindows.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00024576 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qgif.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00024576 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qico.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00204800 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qjpeg.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00221184 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qmng.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00016384 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qsvg.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00016384 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qtga.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00311296 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qtiff.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00016384 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qwbmp.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00622592 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\sqldrivers\qsqlite.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00032768 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\iconengines\qsvgicon.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-09-04 09:12 - 2014-09-04 09:12 - 07248384 _____ () C:\Users\Jonesboy\AppData\Local\Apps\2.0\J3GJB57M.PLP\OXTB5DWT.DJK\move..tion_3ccae3cb2a36e2f5_0001.0002_a975bf06beb701f6\BLLWrapper.DLL
2012-03-04 09:58 - 2006-09-13 15:08 - 00491520 _____ () C:\windows\system\CmAu106.dll
2014-07-04 18:20 - 2014-07-04 18:20 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-22 00:32 - 2014-06-22 00:32 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2012-09-24 13:19 - 2011-05-27 10:17 - 01372160 ____N () C:\Program Files (x86)\Infotriever\Agent\ifboutlook.dll
2014-08-27 10:44 - 2014-08-27 10:47 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-06-14 13:50 - 2006-02-26 17:44 - 00135680 _____ () C:\Program Files (x86)\Star Downloader\SDIEInt.dll
2014-09-15 20:36 - 2014-09-15 20:36 - 01186160 _____ () C:\ProgramData\myXaturuft\dat\czsVqsmU.dll
2014-06-14 13:50 - 2004-02-18 02:05 - 00133632 _____ () C:\Program Files (x86)\Star Downloader\SDIE55Int.dll
2014-06-14 13:50 - 2004-02-04 22:53 - 00139264 _____ () C:\Program Files (x86)\Star Downloader\NSHelper.dll
2014-06-14 13:50 - 2004-02-04 22:53 - 00032768 _____ () C:\Program Files (x86)\Star Downloader\SDExt.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CineForm Status.lnk => C:\windows\pss\CineForm Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^My Place.lnk => C:\windows\pss\My Place.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jonesboy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jonesboy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jonesboy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7A6E0EABF593F225B7774D26E405CDFD => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Moveslink2 => C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: ooVoo.exe => C:\program files (x86)\oovoo\oovoo.exe /minimized
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: TosDockApp => C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe
MSCONFIG\startupreg: TRUUpdater => "C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" /bkground
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: Viber => "C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: YouCam Mirror Tray icon => "c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: npf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/15/2014 08:36:28 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 07:39:24 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 07:36:58 PM) (Source: Garmin Core Update Service) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller
Error: (09/15/2014 07:21:18 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 06:57:36 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 06:47:14 PM) (Source: MsiInstaller) (EventID: 11001) (User: Jonesboy-PC)
Description: Product: PicRec (x86) -- Error 1001. Error 1001. An exception occurred while uninstalling. This exception will be ignored and the uninstall will continue. However, the application might not be fully uninstalled after the uninstall is complete. --> You canceled uninstallation(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:29:24 AM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/14/2014 07:20:20 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
System errors:
=============
Error: (09/15/2014 08:37:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (09/15/2014 08:36:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The SQL Server (MSSMLBIZ) service terminated with service-specific error %%3414.
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (09/15/2014 08:36:28 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 07:39:24 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 07:36:58 PM) (Source: Garmin Core Update Service) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller
Error: (09/15/2014 07:21:18 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 06:57:36 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 06:47:14 PM) (Source: MsiInstaller) (EventID: 11001) (User: Jonesboy-PC)
Description: Product: PicRec (x86) -- Error 1001. Error 1001. An exception occurred while uninstalling. This exception will be ignored and the uninstall will continue. However, the application might not be fully uninstalled after the uninstall is complete. --> You canceled uninstallation(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:29:24 AM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/14/2014 07:20:20 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
CodeIntegrity Errors:
===================================
Date: 2014-09-15 20:37:19.315
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 20:37:18.745
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 20:37:02.088
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 20:36:59.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:39:15.511
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:39:15.187
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:38:50.531
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:38:49.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:21:22.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:21:20.377
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 46%
Total physical RAM: 8172.58 MB
Available physical RAM: 4387.63 MB
Total Pagefile: 16343.34 MB
Available Pagefile: 11812.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive b: () (RAMDisk) (Total:653 GB) (Free:56.16 GB) NTFS
Drive c: () (Fixed) (Total:653 GB) (Free:55.33 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:30.69 GB) (Free:28.52 GB) NTFS
Drive e: (Seagate Expansion Drive) (Fixed) (Total:2794.51 GB) (Free:2140.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5EE4C6C4)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=653 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End Of Log ============================
Finally got the aswMBR log. attached.
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-09-15 22:03:20
-----------------------------
22:03:20.698 OS Version: Windows x64 6.1.7601 Service Pack 1
22:03:20.698 Number of processors: 8 586 0x2A07
22:03:20.699 ComputerName: JONESBOY-PC UserName: Jonesboy
22:03:22.375 Initialize success
22:03:22.376 VM: initialized successfully
22:03:22.392 VM: Intel CPU supported
22:03:24.327 VM: supported disk I/O iaStor.sys
22:03:27.182 AVAST engine defs: 14091401
22:03:32.522 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:03:32.529 Disk 0 Vendor: WDC_WD75 02.0 Size: 715404MB BusType: 3
22:03:32.777 Disk 0 MBR read successfully
22:03:32.781 Disk 0 MBR scan
22:03:32.784 Disk 0 Windows 7 default MBR code
22:03:32.798 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
22:03:32.813 Disk 0 default boot code
22:03:32.818 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 668670 MB offset 411648
22:03:32.822 Disk 0 Partition - 00 0F Extended LBA 31425 MB offset 1369847808
22:03:32.859 Disk 0 Partition 3 00 12 Compaq diag NTFS 15108 MB offset 1434206208
22:03:32.923 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 31424 MB offset 1369849856
22:03:33.189 Disk 0 scanning C:\windows\system32\drivers
22:03:51.859 Service scanning
22:04:21.789 Modules scanning
22:04:21.805 Disk 0 trace - called modules:
22:04:21.835 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:04:21.847 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c6c790]
22:04:21.860 3 CLASSPNP.SYS[fffff88000dbf43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800765c050]
22:04:23.599 AVAST engine scan C:\windows
22:04:30.055 AVAST engine scan C:\windows\system32
22:08:25.063 AVAST engine scan C:\windows\system32\drivers
22:08:43.897 AVAST engine scan C:\Users\Jonesboy
22:45:56.956 AVAST engine scan C:\ProgramData
22:55:26.997 Scan finished successfully
22:57:45.747 Disk 0 MBR has been saved successfully to "C:\Users\Jonesboy\Desktop\MBR.dat"
22:57:45.752 The log file has been saved successfully to "C:\Users\Jonesboy\Desktop\aswMBR 1.txt"
I've at the very least got a problem with Instashare pop up ads. Tried to uninstall. Failed. Used RevoUninstall and that appears to have just hidden it. Ran Malwarebytes but hasn't removed it nor has Spybot. Would appreciate some help.
Farber Logs below. Trying to get aswMBR log but keeps stalling. Will post when obtained. Thanks:D:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Jonesboy (administrator) on JONESBOY-PC on 15-09-2014 21:26:40
Running from C:\Users\Jonesboy\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\DCService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Interesting Solutions) C:\ProgramData\myXaturuft\ZGtfxyv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
() C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Suunto) C:\Users\Jonesboy\AppData\Local\Apps\2.0\J3GJB57M.PLP\OXTB5DWT.DJK\move..tion_3ccae3cb2a36e2f5_0001.0002_a975bf06beb701f6\Moveslink2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Windows\system\cm106eye.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_152_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
() C:\Program Files (x86)\Star Downloader\stardown.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_start.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_7_8_2008_2012_64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_pause.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663976 2010-12-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2010-12-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2396968 2010-11-12] (Synaptics Incorporated)
HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2010-11-12] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-03-16] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7069088 2010-09-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Cm106Sound] => C:\windows\syswow64\RunDll32.exe C:\windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo SlideNav2] => C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [318400 2009-12-30] (Lenovo)
HKLM-x32\...\Run: [Lenovo SplitScreen] => C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe [778592 2010-06-23] (Lenovo)
HKLM-x32\...\Run: [UCam_Menu] => c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [Moveslink2] => C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [GoogleChromeAutoLaunch_7A6E0EABF593F225B7774D26E405CDFD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [Viber] => C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe [936656 2014-06-10] ()
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\RunOnce: [Uninstall C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {845efb99-e39f-11e1-8326-ec55f9ebde21} - E:\AutoRun.exe
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {845efbab-e39f-11e1-8326-ec55f9ebde21} - E:\AutoRun.exe
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {dfefbe99-e45d-11e1-bbcb-ec55f9ebde21} - E:\AutoRun.exe
HKU\S-1-5-21-3601747211-198960775-3737481478-1001\...\MountPoints2: {ff38db40-789b-11e1-aaf9-ec55f9ebde21} - E:\win\setup.exe -phs
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKCU - {175023C8-9E2B-4397-A1BB-D91BB93ABDAD} URL = http://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {FFFFFEF0-5B30-21D4-945D-000000000000} -> C:\Program Files (x86)\Star Downloader\SDIEInt.dll ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {12193C65-F0E1-4DD1-AD4E-DB73C6911011} file:///F:/activeX/DCP.cab
DPF: HKLM-x32 {7191F0AC-D686-46A8-BFCC-EA61778C74DD} file:///F:/activeX/aplugLiteDL.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{34375D8E-2FCE-430B-A5D5-23777D7BACBF}: [NameServer] 198.142.0.51 61.88.88.88
Tcpip\..\Interfaces\{8D2B2EC0-232F-416C-9E7E-477645E64688}: [NameServer] 198.142.0.51 61.88.88.88
FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: reconinstruments.com/Recon -> C:\Users\Jonesboy\AppData\Roaming\ReconInstruments\ReconUplink\1.0.2.1\npReconUplink.dll (Recon Instruments)
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-04]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-10]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> FB2353EF818E000C9EC1B1DDDF8F147F6788363B76B7D4A4E3563D81BDDA2FD4
CHR DefaultSearchURL: Default -> 3A93E825D69222AF67266526206B5617EC1F7F2100BD65E5D18A6E7AD7FEA498
CHR Profile: C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-02]
CHR Extension: (Google Drive) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-02]
CHR Extension: (Google Search) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-02]
CHR Extension: (iCloud Bookmarks) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2013-09-24]
CHR Extension: (Skype Click to Call) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-03]
CHR Extension: (OneDrive) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-09-08]
CHR Extension: (Google Wallet) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Desktop Client for Viber™) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\olamheimegmegknankiijehcgocchdph [2014-06-13]
CHR Extension: (Gmail) - C:\Users\Jonesboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-02]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-04]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [hfimfliilbabfohebppnfomgjljicpdm] - C:\Program Files (x86)\MP3 Rocket\MP3RocketDownloader.crx [2013-03-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [915232 2010-06-14] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8988048 2013-04-03] (DisplayLink Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438104 2014-07-10] (Garmin Ltd or its subsidiaries)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-09-15] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2014-07-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [69568 2009-12-30] (Lenovo)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2014-07-12] (Microsoft Corporation)
R2 ZGtfxyv; C:\ProgramData\myXaturuft\ZGtfxyv.exe [2319728 2014-09-14] (Interesting Solutions)
S2 HPSLPSVC; C:\Users\Jonesboy\AppData\Local\Temp\7zS51CF\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [19600 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.2.47157.0.sys [44944 2013-04-10] ()
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-06] (JMicron Technology Corp.)
R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [57072 2010-04-24] (JMicron Technology Corp.)
R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31344 2010-04-24] (JMicron Technology Corp.)
S3 massfilter_lte; C:\windows\system32\drivers\massfilter_lte.sys [18456 2011-08-09] (HandSet Incorporated)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-09-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-07-21] (Sierra Wireless Incorporated) [File not signed]
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-07-21] (Sierra Wireless Inc.) [File not signed]
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [249344 2011-07-21] (Sierra Wireless Inc.) [File not signed]
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [199552 2009-07-22] (Sierra Wireless Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
U0 xgjbae; C:\Windows\System32\drivers\hnnhhmec.sys [79064 2014-09-15] (Malwarebytes Corporation)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_7.0.41409.0.sys [X]
U2 IAStorDataMgrSvc; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
S3 swmsflt; system32\DRIVERS\swmsflt.sys [X]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 21:26 - 2014-09-15 21:27 - 00035571 _____ () C:\Users\Jonesboy\Desktop\FRST.txt
2014-09-15 21:25 - 2014-09-15 21:26 - 00000000 ____D () C:\FRST
2014-09-15 21:25 - 2014-09-15 21:25 - 05185536 _____ (AVAST Software) C:\Users\Jonesboy\Desktop\aswMBR.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 02105856 _____ (Farbar) C:\Users\Jonesboy\Desktop\FRST64.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 00000207 _____ () C:\windows\tweaking.com-regbackup-JONESBOY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-09-15 21:23 - 2014-09-15 21:23 - 00002235 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\RegBackup
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-15 21:22 - 2014-09-15 21:22 - 04057608 _____ () C:\Users\Jonesboy\Desktop\tweaking.com_registry_backup_setup.exe
2014-09-15 21:00 - 2014-09-15 21:00 - 00079064 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\hnnhhmec.sys
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-15 20:59 - 2014-09-15 21:14 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-15 20:46 - 2014-09-15 20:49 - 11194928 _____ (SurfRight B.V.) C:\Users\Jonesboy\Downloads\HitmanPro_x64.exe
2014-09-15 20:32 - 2014-09-15 20:32 - 00000056 _____ () C:\windows\setupact.log
2014-09-15 20:32 - 2014-09-15 20:32 - 00000000 _____ () C:\windows\setuperr.log
2014-09-15 19:26 - 2014-09-15 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jonesboy\Downloads\revosetup.exe
2014-09-15 19:26 - 2014-09-15 19:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 18:45 - 2014-09-15 18:45 - 00002096 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk
2014-09-15 17:02 - 2014-09-15 17:02 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\speed browser
2014-09-15 17:01 - 2014-09-15 17:01 - 01482656 _____ () C:\ProgramData\Setup.exe
2014-09-15 15:32 - 2014-09-15 15:32 - 00000000 ____D () C:\ProgramData\Browser
2014-09-14 08:41 - 2014-09-14 08:42 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\CutePDF Writer
2014-09-14 08:32 - 2014-09-14 08:32 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-09-14 08:31 - 2014-09-14 08:32 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup (1).exe
2014-09-14 08:30 - 2014-09-15 19:14 - 00000000 ____D () C:\Program Files\Common Files\PicRec
2014-09-14 08:30 - 2014-09-15 19:03 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-09-14 08:30 - 2014-09-14 08:30 - 03608126 _____ (Word-Pdf-Convert Software, Inc. ) C:\Users\Jonesboy\Downloads\power_word_to_pdf_converter.exe
2014-09-14 08:30 - 2014-08-25 12:14 - 00049880 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\netmon_wfp.sys
2014-09-14 08:29 - 2014-09-15 20:41 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\InstaShare
2014-09-14 08:29 - 2014-09-14 08:29 - 02003352 _____ (Acro Software Inc. ) C:\Users\Jonesboy\Downloads\CuteWriter.exe
2014-09-14 08:29 - 2014-09-14 08:29 - 00000000 ____D () C:\ProgramData\myXaturuft
2014-09-14 08:27 - 2014-09-14 08:27 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup.exe
2014-09-13 17:52 - 2014-09-13 18:14 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Systweak
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-13 17:51 - 2014-09-13 17:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-13 17:51 - 2014-09-13 17:52 - 00000000 ____D () C:\Program Files\iTunes
2014-09-13 17:51 - 2014-09-13 17:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-13 17:51 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 15:54 - 2014-08-20 04:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-10 15:54 - 2014-08-20 03:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-10 15:54 - 2014-08-19 09:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-10 15:54 - 2014-08-19 08:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-10 15:54 - 2014-08-19 08:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-10 15:54 - 2014-08-19 08:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-10 15:54 - 2014-08-19 08:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-10 15:54 - 2014-08-19 08:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-10 15:54 - 2014-08-19 08:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-10 15:54 - 2014-08-19 08:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-10 15:54 - 2014-08-19 08:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-10 15:54 - 2014-08-19 08:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-10 15:54 - 2014-08-19 08:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-10 15:54 - 2014-08-19 08:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-10 15:54 - 2014-08-19 08:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-10 15:54 - 2014-08-19 07:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-10 15:54 - 2014-08-19 07:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-10 15:54 - 2014-08-19 07:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-10 15:54 - 2014-08-19 07:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-10 15:54 - 2014-08-19 07:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 15:54 - 2014-08-19 07:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-10 15:54 - 2014-08-19 07:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-10 15:54 - 2014-08-19 07:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-10 15:54 - 2014-08-19 07:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-10 15:54 - 2014-08-19 07:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-10 15:54 - 2014-08-19 07:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-10 15:54 - 2014-08-19 07:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-10 15:54 - 2014-08-19 07:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-10 15:54 - 2014-08-19 07:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-10 15:54 - 2014-08-19 07:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-10 15:54 - 2014-08-19 07:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-10 15:54 - 2014-08-19 07:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-10 15:54 - 2014-08-19 07:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-10 15:54 - 2014-08-19 07:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-10 15:54 - 2014-08-19 07:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-10 15:54 - 2014-08-19 07:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 15:54 - 2014-08-19 07:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-10 15:54 - 2014-08-19 07:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-10 15:54 - 2014-08-19 07:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-10 15:54 - 2014-08-19 07:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-10 15:54 - 2014-08-19 07:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-10 15:54 - 2014-08-19 06:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-10 15:54 - 2014-08-19 06:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-10 15:53 - 2014-08-19 08:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-10 15:53 - 2014-08-19 08:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-10 15:53 - 2014-08-19 08:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-10 15:53 - 2014-08-19 08:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-10 15:53 - 2014-08-19 07:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-10 15:53 - 2014-08-19 07:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-10 15:53 - 2014-08-19 07:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-10 15:53 - 2014-08-19 07:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-10 15:53 - 2014-08-19 07:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-10 15:53 - 2014-08-19 07:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-10 15:53 - 2014-08-19 06:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-10 15:53 - 2014-08-19 06:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-10 15:53 - 2014-08-19 06:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-10 15:43 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-10 15:43 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 15:41 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-10 15:41 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-09-10 15:41 - 2014-07-07 12:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-10 15:41 - 2014-07-07 12:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-10 15:41 - 2014-07-07 11:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-10 15:41 - 2014-07-07 11:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-10 15:41 - 2014-07-07 11:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-10 15:41 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-10 15:41 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-10 15:40 - 2014-09-05 12:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-10 15:40 - 2014-09-05 12:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-04 09:13 - 2014-09-04 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-29 12:38 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-29 12:38 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-29 12:38 - 2014-08-23 10:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 01:54 - 2014-05-15 02:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-22 01:54 - 2014-05-15 02:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-22 01:54 - 2014-05-15 02:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-22 01:54 - 2014-05-15 02:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-22 01:53 - 2014-05-15 02:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-22 01:53 - 2014-05-15 02:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-22 01:53 - 2014-05-15 02:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-22 01:53 - 2014-05-14 12:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-22 01:53 - 2014-05-14 12:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-22 01:53 - 2014-05-14 12:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-22 01:53 - 2014-05-14 12:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-08-20 01:05 - 2014-08-20 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-18 18:54 - 2014-09-13 17:22 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Adobe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-15 21:27 - 2014-09-15 21:26 - 00035571 _____ () C:\Users\Jonesboy\Desktop\FRST.txt
2014-09-15 21:26 - 2014-09-15 21:25 - 00000000 ____D () C:\FRST
2014-09-15 21:25 - 2014-09-15 21:25 - 05185536 _____ (AVAST Software) C:\Users\Jonesboy\Desktop\aswMBR.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 02105856 _____ (Farbar) C:\Users\Jonesboy\Desktop\FRST64.exe
2014-09-15 21:24 - 2014-09-15 21:24 - 00000207 _____ () C:\windows\tweaking.com-regbackup-JONESBOY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-09-15 21:23 - 2014-09-15 21:23 - 00002235 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\RegBackup
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-15 21:23 - 2014-09-15 21:23 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-15 21:22 - 2014-09-15 21:22 - 04057608 _____ () C:\Users\Jonesboy\Desktop\tweaking.com_registry_backup_setup.exe
2014-09-15 21:14 - 2014-09-15 20:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-15 21:13 - 2012-02-27 00:51 - 00000000 ____D () C:\Users\Jonesboy\Documents\Outlook Files
2014-09-15 21:09 - 2012-04-22 20:24 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Files
2014-09-15 21:00 - 2014-09-15 21:00 - 00079064 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\hnnhhmec.sys
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-15 21:00 - 2014-09-15 21:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-15 20:59 - 2013-07-02 18:28 - 00004996 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jonesboy-PC-Jonesboy Jonesboy-PC
2014-09-15 20:49 - 2014-09-15 20:46 - 11194928 _____ (SurfRight B.V.) C:\Users\Jonesboy\Downloads\HitmanPro_x64.exe
2014-09-15 20:43 - 2014-05-25 22:18 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 20:43 - 2009-07-14 14:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:43 - 2009-07-14 14:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:41 - 2014-09-14 08:29 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\InstaShare
2014-09-15 20:39 - 2014-05-18 12:32 - 01415212 _____ () C:\windows\WindowsUpdate.log
2014-09-15 20:38 - 2014-06-13 13:55 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\ViberPC
2014-09-15 20:37 - 2012-07-28 18:09 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Deployment
2014-09-15 20:36 - 2014-06-13 13:40 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Viber
2014-09-15 20:36 - 2012-04-02 21:34 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 20:35 - 2013-01-22 11:01 - 00000354 _____ () C:\windows\Tasks\ROC_JAN2013_TB_rmv.job
2014-09-15 20:35 - 2013-01-10 18:25 - 00000342 _____ () C:\windows\Tasks\spmonitor.job
2014-09-15 20:35 - 2013-01-10 18:25 - 00000264 _____ () C:\windows\Tasks\SpeedUpMyPC.job
2014-09-15 20:35 - 2012-02-15 21:17 - 00000902 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 20:35 - 2012-02-15 21:17 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 20:33 - 2009-07-14 15:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-15 20:32 - 2014-09-15 20:32 - 00000056 _____ () C:\windows\setupact.log
2014-09-15 20:32 - 2014-09-15 20:32 - 00000000 _____ () C:\windows\setuperr.log
2014-09-15 19:55 - 2012-02-22 14:09 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-09-15 19:55 - 2011-03-16 04:31 - 00000000 ____D () C:\ProgramData\Temp
2014-09-15 19:53 - 2012-11-22 09:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-15 19:48 - 2012-02-22 17:45 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\PhotoScape
2014-09-15 19:26 - 2014-09-15 19:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jonesboy\Downloads\revosetup.exe
2014-09-15 19:26 - 2014-09-15 19:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 19:15 - 2009-07-14 13:20 - 00000000 ____D () C:\windows\IME
2014-09-15 19:14 - 2014-09-14 08:30 - 00000000 ____D () C:\Program Files\Common Files\PicRec
2014-09-15 19:03 - 2014-09-14 08:30 - 00000000 ____D () C:\Program Files (x86)\Acro Software
2014-09-15 18:56 - 2012-06-19 17:53 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Skype
2014-09-15 18:46 - 2012-02-15 00:12 - 00002038 _____ () C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-15 18:45 - 2014-09-15 18:45 - 00002096 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk
2014-09-15 18:45 - 2012-07-07 17:13 - 00002038 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-15 18:45 - 2012-02-15 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-15 17:02 - 2014-09-15 17:02 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\speed browser
2014-09-15 17:01 - 2014-09-15 17:01 - 01482656 _____ () C:\ProgramData\Setup.exe
2014-09-15 15:32 - 2014-09-15 15:32 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 12:07 - 2012-08-10 15:22 - 00000000 ____D () C:\Program Files (x86)\Hubb Investor
2014-09-15 11:33 - 2012-07-07 21:50 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-14 08:42 - 2014-09-14 08:41 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\CutePDF Writer
2014-09-14 08:32 - 2014-09-14 08:32 - 00000000 ____D () C:\Program Files (x86)\GPLGS
2014-09-14 08:32 - 2014-09-14 08:31 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup (1).exe
2014-09-14 08:30 - 2014-09-14 08:30 - 03608126 _____ (Word-Pdf-Convert Software, Inc. ) C:\Users\Jonesboy\Downloads\power_word_to_pdf_converter.exe
2014-09-14 08:29 - 2014-09-14 08:29 - 02003352 _____ (Acro Software Inc. ) C:\Users\Jonesboy\Downloads\CuteWriter.exe
2014-09-14 08:29 - 2014-09-14 08:29 - 00000000 ____D () C:\ProgramData\myXaturuft
2014-09-14 08:27 - 2014-09-14 08:27 - 01212232 _____ () C:\Users\Jonesboy\Downloads\freepowerwordtopdfconverter-setup.exe
2014-09-13 22:10 - 2012-02-23 20:36 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\vlc
2014-09-13 21:39 - 2012-02-19 08:58 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Anti Virus
2014-09-13 21:23 - 2012-03-04 23:33 - 00001999 _____ () C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2014-09-13 20:49 - 2009-07-14 15:32 - 00000000 ____D () C:\windows\Performance
2014-09-13 18:20 - 2014-03-29 00:37 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Tax Docs
2014-09-13 18:14 - 2014-09-13 17:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Systweak
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-09-13 17:52 - 2014-09-13 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-13 17:52 - 2014-09-13 17:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-13 17:52 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files\iTunes
2014-09-13 17:52 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-13 17:51 - 2014-09-13 17:51 - 00000000 ____D () C:\Program Files\iPod
2014-09-13 17:22 - 2014-08-18 18:54 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Adobe
2014-09-11 19:14 - 2009-07-14 13:20 - 00000000 ____D () C:\windows\rescache
2014-09-10 19:36 - 2012-04-02 21:34 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 19:36 - 2012-04-02 21:34 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 19:36 - 2012-03-05 22:07 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 16:58 - 2012-02-19 08:56 - 00000000 ____D () C:\Users\Jonesboy\AppData\Roaming\Adobe
2014-09-10 15:51 - 2013-07-15 18:18 - 00000000 ____D () C:\windows\system32\MRT
2014-09-10 15:44 - 2012-02-15 16:56 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-10 15:42 - 2014-04-24 19:45 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-08 22:15 - 2012-10-18 22:44 - 00000000 ____D () C:\Users\Jonesboy\Downloads\YTD
2014-09-08 18:41 - 2012-08-10 10:38 - 00000000 ___RD () C:\Users\Jonesboy\SkyDrive
2014-09-08 15:25 - 2009-07-14 15:13 - 00006620 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-05 12:10 - 2014-09-10 15:40 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 12:05 - 2014-09-10 15:40 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-04 09:14 - 2012-06-19 17:53 - 00000000 ____D () C:\ProgramData\Skype
2014-09-04 09:13 - 2014-09-04 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-04 09:13 - 2012-06-19 17:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-31 21:51 - 2014-03-28 23:44 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Pt Cook
2014-08-29 12:54 - 2009-07-14 14:45 - 00437128 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-29 10:29 - 2014-06-22 00:30 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 11:55 - 2012-02-22 17:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 12:14 - 2014-09-14 08:30 - 00049880 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\netmon_wfp.sys
2014-08-23 22:20 - 2013-10-18 01:15 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2014-08-23 22:20 - 2013-10-18 01:15 - 00000000 ____D () C:\Program Files\Java
2014-08-23 22:16 - 2012-03-04 17:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-23 22:14 - 2013-10-01 20:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-23 12:07 - 2014-08-29 12:38 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 11:45 - 2014-08-29 12:38 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 10:59 - 2014-08-29 12:38 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 01:50 - 2012-02-15 21:03 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Apple
2014-08-20 22:02 - 2012-03-05 09:52 - 00000000 ____D () C:\Users\Jonesboy\AppData\Local\Windows Live
2014-08-20 04:05 - 2014-09-10 15:54 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-20 03:39 - 2014-09-10 15:54 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-20 01:05 - 2014-08-20 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-19 22:03 - 2014-01-26 21:30 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Run Swim Ride
2014-08-19 09:01 - 2014-09-10 15:54 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-19 08:29 - 2014-09-10 15:54 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-19 08:29 - 2014-09-10 15:54 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-19 08:26 - 2014-09-10 15:53 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-19 08:20 - 2014-09-10 15:53 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-19 08:19 - 2014-09-10 15:53 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-19 08:15 - 2014-09-10 15:54 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-19 08:15 - 2014-09-10 15:54 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-19 08:14 - 2014-09-10 15:54 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-19 08:14 - 2014-09-10 15:54 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-19 08:08 - 2014-09-10 15:54 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-19 08:08 - 2014-09-10 15:54 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-19 08:08 - 2014-09-10 15:53 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-19 08:05 - 2014-09-10 15:54 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-19 08:03 - 2014-09-10 15:54 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-19 08:03 - 2014-09-10 15:54 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-19 08:03 - 2014-09-10 15:54 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-19 07:57 - 2014-09-10 15:54 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-19 07:56 - 2014-09-10 15:54 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-19 07:51 - 2014-09-10 15:54 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-19 07:46 - 2014-09-10 15:54 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-19 07:45 - 2014-09-10 15:54 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-19 07:45 - 2014-09-10 15:54 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-19 07:44 - 2014-09-10 15:54 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-19 07:44 - 2014-09-10 15:54 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-19 07:42 - 2014-09-10 15:53 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-19 07:40 - 2014-09-10 15:54 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-19 07:39 - 2014-09-10 15:54 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-19 07:39 - 2014-09-10 15:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-19 07:39 - 2014-09-10 15:54 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-19 07:38 - 2014-09-10 15:54 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-19 07:37 - 2014-09-10 15:54 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-19 07:36 - 2014-09-10 15:54 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-19 07:35 - 2014-09-10 15:54 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-19 07:27 - 2014-09-10 15:54 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-19 07:25 - 2014-09-10 15:54 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-19 07:25 - 2014-09-10 15:54 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-19 07:23 - 2014-09-10 15:54 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-19 07:23 - 2014-09-10 15:53 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-19 07:22 - 2014-09-10 15:54 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 07:19 - 2014-09-10 15:54 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-19 07:17 - 2014-09-10 15:54 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-19 07:17 - 2014-09-10 15:54 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-19 07:16 - 2014-09-10 15:53 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-19 07:15 - 2014-09-10 15:53 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-19 07:15 - 2014-09-10 15:53 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-19 07:09 - 2014-09-10 15:54 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-19 07:08 - 2014-09-10 15:53 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-19 07:07 - 2014-09-10 15:54 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-19 06:55 - 2014-09-10 15:53 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-19 06:46 - 2014-09-10 15:53 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-19 06:38 - 2014-09-10 15:54 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-19 06:38 - 2014-09-10 15:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-19 06:36 - 2014-09-10 15:54 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-18 00:39 - 2014-07-12 18:14 - 00000000 ___RD () C:\Users\Jonesboy\Desktop\Go Pro
Files to move or delete:
====================
C:\ProgramData\Setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-07 22:57
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Jonesboy at 2014-09-15 21:27:37
Running from C:\Users\Jonesboy\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AceBackup 3 (HKLM-x32\...\{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}) (Version: 3.0.2 - AceBIT)
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{26D103BC-A153-B74C-CA98-8F0A66EF6041}) (Version: 3.0.786.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AX88772A & AX88772 Vista 64-bit Driver (HKLM-x32\...\InstallShield_{663451CD-7556-46FF-9EDA-45A50AEA658C}) (Version: 3.10.234.13 - ASIX Electronics Corporation)
AX88772A & AX88772 Vista 64-bit Driver (x32 Version: 3.10.234.13 - ASIX Electronics Corporation) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)
Business Contact Manager for Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation)
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.52.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.3.1 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0727.2126.36625 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help English (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help French (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help German (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
ccc-utility64 (Version: 2010.0727.2126.36625 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2603 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2603 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{A0A51EB5-5C6C-4588-816A-D6990B79F298}) (Version: 7.2.47157.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{B76E347A-DFF5-4CD7-88D5-7F947BC75D41}) (Version: 7.0.43577.0 - DisplayLink Corp.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
dynadock Utility_II (HKLM\...\{F6D91449-5BB1-4F5D-9565-CA1E7EB961CD}) (Version: 2.1.1.0.64 - TOSHIBA Corporation)
Elevated Installer (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.2.2 - Lenovo)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
FileHippo Update Checker Packages (HKCU\...\FileHippo Update Checker Packages) (Version: - ) <==== ATTENTION
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
Full DVD Ripper 9 Free (HKLM-x32\...\{DA5931FD-7F75-49CA-A405-85D230DE29D8}_is1) (Version: - Full DVD Studio)
Garmin BaseCamp (HKLM-x32\...\{F487FEEC-AE9F-4E68-82F2-300F49A8C435}) (Version: 4.2.2 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{ac22014a-a254-43b9-9cc0-e87cf9c7e18a}) (Version: 3.2.13.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.13.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GDR 5520 for SQL Server 2008 (KB2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Hubb Investor (HKLM-x32\...\Hubb Investor) (Version: - )
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.4.6 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.6 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2400 - Broadcom Corporation)
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{F5608FF7-17C0-440A-80C7-29C48363BD87}) (Version: 1.0.9.4 - Suyin Optronics Corp.)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.)
Lenovo MuteSync (HKLM-x32\...\InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}) (Version: 1.0.0.2 - Lenovo)
Lenovo MuteSync (x32 Version: 1.0.0.2 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo SlideNav (HKLM-x32\...\Lenovo SlideNav2) (Version: 2.0.1230.0003 - Lenovo)
Lenovo SplitScreen (HKLM-x32\...\Lenovo SplitScreen) (Version: 1.00.1823.0001 - Lenovo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{5D60AB1A-2409-4829-83D4-0972856D885A}) (Version: 10.3.5520.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010) (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
More Add-in (HKLM-x32\...\{F522CEC8-CBF8-4733-9344-563D322E25E1}) (Version: 4.2.0 - MoreAddin)
Moveslink2 (HKCU\...\ad9740b1426036fe) (Version: 1.2.9.4693 - Suunto)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.6 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.6 - Lenovo) Hidden
Optus Mobile Broadband (HKLM-x32\...\Optus Mobile Broadband) (Version: 16.002.10.01.432 - Huawei Technologies Co.,Ltd)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 2.24 - NCH Software)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.6903 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6265 - Realtek Semiconductor Corp.)
ReconUplink (HKLM-x32\...\{D2EBF10F-4746-4994-BF85-5964ED9AB9A5}) (Version: 1.0.2.1 - Recon Instruments)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Downloader Free (HKLM-x32\...\Star Downloader Free) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.20.53 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TOSHIBA dynadock (HKLM\...\{3933FB5F-85F6-4D24-A663-0D376CA05D90}) (Version: 4.5.14974.0 - TOSHIBA Corporation)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
USB Multi-Channel Audio Device (HKLM-x32\...\Generic USB 106 Sound) (Version: - )
Viber (HKCU\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
YTD Video Downloader 3.9.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3601747211-198960775-3737481478-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonesboy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
02-09-2014 00:12:31 Windows Update
07-09-2014 11:21:30 Windows Update
08-09-2014 11:11:51 Installed Samsung Kies3
10-09-2014 05:42:19 Windows Update
14-09-2014 07:02:39 Windows Update
15-09-2014 08:46:31 Removed PicRec (x86)
15-09-2014 08:48:21 Removed PicRec (x86)
15-09-2014 09:28:01 Revo Uninstaller's restore point - InstaShare
15-09-2014 09:49:20 Revo Uninstaller's restore point - Bing Desktop
15-09-2014 11:13:34 Checkpoint by HitmanPro
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 12:34 - 2014-09-15 21:08 - 00450770 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com (http://www.007guard.com)
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com (http://www.008k.com)
127.0.0.1 008k.com
127.0.0.1 www.00hq.com (http://www.00hq.com)
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com (http://www.032439.com)
127.0.0.1 032439.com
127.0.0.1 www.0scan.com (http://www.0scan.com)
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com (http://www.1000gratisproben.com)
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com (http://www.1001namen.com)
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com (http://www.100888290cs.com)
127.0.0.1 www.100sexlinks.com (http://www.100sexlinks.com)
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com (http://www.10sek.com)
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com (http://www.1-2005-search.com)
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info (http://www.123fporn.info)
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com (http://www.123haustiereundmehr.com)
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E565558-BC0D-4DA0-AD83-1F6E717DAC64} - System32\Tasks\{8653835D-03A1-4CC8-909A-285E036CB7AD} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116&LastError=0
Task: {24A6AB29-40C9-40A1-8FEE-389792A623C4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2E2818CD-D83C-47C2-BEFE-6DBFACC268ED} - System32\Tasks\SpeedUpMyPC => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: {2EBD4A33-07B1-41EC-A28F-79ED90CB1848} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-10] ()
Task: {345CC3E1-A5D3-4F6F-A4A4-70BC03338845} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {3CA9C9C8-8A3E-4BA5-B121-B596EE02C559} - System32\Tasks\{4D9FBE05-3A90-4892-A19A-CEF2CED8137F} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {453218D4-6179-4C01-8C1B-4AFF7774811E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Jonesboy-PC-Jonesboy Jonesboy-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-27] (Microsoft Corporation)
Task: {49399536-52DB-486E-AF9C-41E909330979} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-27] (Microsoft Corporation)
Task: {4D20A384-F7F7-4028-B7D5-D4FA2C72242B} - System32\Tasks\{4109FCE8-B55C-4BD3-9B73-CD0BF3B4C7D6} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {5F3EBEE2-5768-4836-8667-DD87DA02646B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {615899FB-6231-44E4-8883-FC4FD8B31CBB} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {672D6D2C-0BA4-4A6C-8EE2-018289B8602C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: {68D0EB38-394E-4C96-B903-575D24E114AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6A1803A4-EB8A-49F3-A864-F35B32CD8201} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {7D96CFB1-CBDA-49E0-801C-58D922F2F1DA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {7DBB66B2-B6BC-4792-9D06-49441D499C16} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {7E7B4D0B-B2EC-4AE4-AE60-4196E6847FD4} - System32\Tasks\{5C69CC98-2842-4857-B783-164F24FC0344} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {81754E45-FFF8-4866-9A32-B2FDA551E27D} - System32\Tasks\{E90617FB-07C0-4AB6-9D0E-10E6146971EE} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {9760B92A-420C-48CA-B7B9-54074AE48896} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-27] (Microsoft Corporation)
Task: {9E1E0B6F-CE97-4D06-9DE1-FBA233A528C3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {A5CA1764-E513-408D-A3E4-F93809AE8189} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AE2A720F-EE38-4928-82F0-852934809CB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-04] (AVAST Software)
Task: {BC042629-8A25-4F0F-BD78-CBC955EDC851} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C85C4CA9-A503-4158-88E9-0D58220FF9A8} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: {F89B0AAF-30A9-477D-AE3A-E08EAA057CED} - System32\Tasks\spmonitor => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
Task: {FEAFB85C-231B-4DFF-B67B-28050E562C09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\BCK1 7 July 2013.job => C:\Program Files (x86)\AceBIT\AceBackup 3\AceBackup.exe
Task: C:\windows\Tasks\BCK2 13 07 13.job => C:\Program Files (x86)\AceBIT\AceBackup 3\AceBackup.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: C:\windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\windows\Tasks\spmonitor.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
==================== Loaded Modules (whitelisted) =============
2014-06-22 00:30 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-08-19 18:52 - 2010-08-19 18:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2010-10-19 00:50 - 2010-10-19 00:50 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-10-19 00:52 - 2010-10-19 00:52 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2014-08-27 10:48 - 2014-08-27 10:48 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-03-16 10:43 - 2012-03-31 23:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
2011-03-16 04:44 - 2009-07-16 01:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-03-16 04:44 - 2009-07-16 01:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2011-03-16 04:28 - 2011-03-16 04:28 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2014-06-13 13:55 - 2014-06-10 14:25 - 00936656 _____ () C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe
2012-03-04 09:58 - 2008-05-20 20:18 - 00221184 _____ () C:\windows\system\Cm106eye.exe
2010-08-26 23:47 - 2010-08-26 23:47 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-07-28 06:25 - 2010-07-28 06:25 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-09-15 20:36 - 2014-09-15 20:36 - 01389936 _____ () C:\ProgramData\myXaturuft\dat\cHmAzL.dll
2014-06-14 13:50 - 2006-02-25 19:02 - 01785344 _____ () C:\Program Files (x86)\Star Downloader\stardown.exe
2014-07-04 18:20 - 2014-07-04 18:20 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-15 11:33 - 2014-09-15 11:33 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091401\algo.dll
2014-01-20 12:17 - 2014-01-20 12:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 12:16 - 2014-01-20 12:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-04 19:40 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-04 19:40 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-04 19:40 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-04 19:40 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-04 19:40 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-27 10:48 - 2014-08-27 10:48 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2010-10-19 00:46 - 2010-10-19 00:46 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-10-19 00:49 - 2010-10-19 00:49 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 22593536 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\libViber.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00737280 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\libGLESv2.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00098304 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\qfacebook.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00049152 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\libEGL.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00860160 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\platforms\qwindows.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00024576 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qgif.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00024576 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qico.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00204800 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qjpeg.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00221184 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qmng.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00016384 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qsvg.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00016384 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qtga.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00311296 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qtiff.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00016384 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\imageformats\qwbmp.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00622592 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\sqldrivers\qsqlite.dll
2014-08-01 09:56 - 2014-08-01 09:56 - 00032768 _____ () C:\Users\Jonesboy\AppData\Local\Viber\4.2.2.6\iconengines\qsvgicon.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-09-04 09:12 - 2014-09-04 09:12 - 07248384 _____ () C:\Users\Jonesboy\AppData\Local\Apps\2.0\J3GJB57M.PLP\OXTB5DWT.DJK\move..tion_3ccae3cb2a36e2f5_0001.0002_a975bf06beb701f6\BLLWrapper.DLL
2012-03-04 09:58 - 2006-09-13 15:08 - 00491520 _____ () C:\windows\system\CmAu106.dll
2014-07-04 18:20 - 2014-07-04 18:20 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-22 00:32 - 2014-06-22 00:32 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2012-09-24 13:19 - 2011-05-27 10:17 - 01372160 ____N () C:\Program Files (x86)\Infotriever\Agent\ifboutlook.dll
2014-08-27 10:44 - 2014-08-27 10:47 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-06-14 13:50 - 2006-02-26 17:44 - 00135680 _____ () C:\Program Files (x86)\Star Downloader\SDIEInt.dll
2014-09-15 20:36 - 2014-09-15 20:36 - 01186160 _____ () C:\ProgramData\myXaturuft\dat\czsVqsmU.dll
2014-06-14 13:50 - 2004-02-18 02:05 - 00133632 _____ () C:\Program Files (x86)\Star Downloader\SDIE55Int.dll
2014-06-14 13:50 - 2004-02-04 22:53 - 00139264 _____ () C:\Program Files (x86)\Star Downloader\NSHelper.dll
2014-06-14 13:50 - 2004-02-04 22:53 - 00032768 _____ () C:\Program Files (x86)\Star Downloader\SDExt.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CineForm Status.lnk => C:\windows\pss\CineForm Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^My Place.lnk => C:\windows\pss\My Place.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jonesboy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jonesboy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jonesboy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7A6E0EABF593F225B7774D26E405CDFD => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Moveslink2 => C:\Users\Jonesboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: ooVoo.exe => C:\program files (x86)\oovoo\oovoo.exe /minimized
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Jonesboy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: TosDockApp => C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe
MSCONFIG\startupreg: TRUUpdater => "C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" /bkground
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: Viber => "C:\Users\Jonesboy\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: YouCam Mirror Tray icon => "c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: npf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/15/2014 08:36:28 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 07:39:24 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 07:36:58 PM) (Source: Garmin Core Update Service) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller
Error: (09/15/2014 07:21:18 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 06:57:36 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/15/2014 06:47:14 PM) (Source: MsiInstaller) (EventID: 11001) (User: Jonesboy-PC)
Description: Product: PicRec (x86) -- Error 1001. Error 1001. An exception occurred while uninstalling. This exception will be ignored and the uninstall will continue. However, the application might not be fully uninstalled after the uninstall is complete. --> You canceled uninstallation(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:29:24 AM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
Error: (09/14/2014 07:20:20 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: The log scan number (88:224:1) passed to log scan in database 'model' is not valid. This error may indicate data corruption or that the log file (.ldf) does not match the data file (.mdf). If this error occurred during replication, re-create the publication. Otherwise, restore from backup if the problem results in a failure during startup.
System errors:
=============
Error: (09/15/2014 08:37:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (09/15/2014 08:36:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The SQL Server (MSSMLBIZ) service terminated with service-specific error %%3414.
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Error: (09/15/2014 08:35:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinPcap Packet Driver (NPF) service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (09/15/2014 08:36:28 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 07:39:24 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 07:36:58 PM) (Source: Garmin Core Update Service) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller
Error: (09/15/2014 07:21:18 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 06:57:36 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/15/2014 06:47:14 PM) (Source: MsiInstaller) (EventID: 11001) (User: Jonesboy-PC)
Description: Product: PicRec (x86) -- Error 1001. Error 1001. An exception occurred while uninstalling. This exception will be ignored and the uninstall will continue. However, the application might not be fully uninstalled after the uninstall is complete. --> You canceled uninstallation(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:30:02 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {82ED58B3-5340-48CA-8A49-0E4BDD929648}
Error: (09/15/2014 11:29:24 AM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
Error: (09/14/2014 07:20:20 PM) (Source: MSSQL$MSSMLBIZ) (EventID: 9003) (User: )
Description: (88:224:1)model
CodeIntegrity Errors:
===================================
Date: 2014-09-15 20:37:19.315
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 20:37:18.745
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 20:37:02.088
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 20:36:59.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:39:15.511
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:39:15.187
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:38:50.531
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:38:49.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:21:22.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-15 19:21:20.377
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 46%
Total physical RAM: 8172.58 MB
Available physical RAM: 4387.63 MB
Total Pagefile: 16343.34 MB
Available Pagefile: 11812.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive b: () (RAMDisk) (Total:653 GB) (Free:56.16 GB) NTFS
Drive c: () (Fixed) (Total:653 GB) (Free:55.33 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:30.69 GB) (Free:28.52 GB) NTFS
Drive e: (Seagate Expansion Drive) (Fixed) (Total:2794.51 GB) (Free:2140.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5EE4C6C4)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=653 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End Of Log ============================
Finally got the aswMBR log. attached.
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-09-15 22:03:20
-----------------------------
22:03:20.698 OS Version: Windows x64 6.1.7601 Service Pack 1
22:03:20.698 Number of processors: 8 586 0x2A07
22:03:20.699 ComputerName: JONESBOY-PC UserName: Jonesboy
22:03:22.375 Initialize success
22:03:22.376 VM: initialized successfully
22:03:22.392 VM: Intel CPU supported
22:03:24.327 VM: supported disk I/O iaStor.sys
22:03:27.182 AVAST engine defs: 14091401
22:03:32.522 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:03:32.529 Disk 0 Vendor: WDC_WD75 02.0 Size: 715404MB BusType: 3
22:03:32.777 Disk 0 MBR read successfully
22:03:32.781 Disk 0 MBR scan
22:03:32.784 Disk 0 Windows 7 default MBR code
22:03:32.798 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
22:03:32.813 Disk 0 default boot code
22:03:32.818 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 668670 MB offset 411648
22:03:32.822 Disk 0 Partition - 00 0F Extended LBA 31425 MB offset 1369847808
22:03:32.859 Disk 0 Partition 3 00 12 Compaq diag NTFS 15108 MB offset 1434206208
22:03:32.923 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 31424 MB offset 1369849856
22:03:33.189 Disk 0 scanning C:\windows\system32\drivers
22:03:51.859 Service scanning
22:04:21.789 Modules scanning
22:04:21.805 Disk 0 trace - called modules:
22:04:21.835 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:04:21.847 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c6c790]
22:04:21.860 3 CLASSPNP.SYS[fffff88000dbf43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800765c050]
22:04:23.599 AVAST engine scan C:\windows
22:04:30.055 AVAST engine scan C:\windows\system32
22:08:25.063 AVAST engine scan C:\windows\system32\drivers
22:08:43.897 AVAST engine scan C:\Users\Jonesboy
22:45:56.956 AVAST engine scan C:\ProgramData
22:55:26.997 Scan finished successfully
22:57:45.747 Disk 0 MBR has been saved successfully to "C:\Users\Jonesboy\Desktop\MBR.dat"
22:57:45.752 The log file has been saved successfully to "C:\Users\Jonesboy\Desktop\aswMBR 1.txt"