spyCype
2015-01-15, 06:36
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by cp2012 (administrator) on CP2012-HP on 13-01-2015 11:12:33
Running from C:\Users\cp2012\Downloads
Loaded Profile: cp2012 (Available profiles: cp2012)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Program Files (x86)\Content Manager\CmTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe) C:\Users\cp2012\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [My Scrap Nook Home Page Guard 64 bit] => "C:\PROGRA~2\MYSCRA~2\bar\1.bin\AppIntegrator64.exe"
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-07-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrowserSafeguard] => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-08-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2226704 2013-03-07] (Research In Motion Limited)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [DW6] => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-18\...\Run: [ISUSPM] => -scheduler
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => "c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll" File Not Found
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
ShortcutTarget: Epson all-in-one Registration.lnk -> C:\Users\cp2012\AppData\Roaming\Leadertech\PowerRegister\Epson all-in-one Registration.exe (Leader Technologies/Epson)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-4211978626-972589915-279576106-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4211978626-972589915-279576106-1000] => http=127.0.0.1:49450;https=127.0.0.1:49450
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/19
URLSearchHook: HKU\S-1-5-21-4211978626-972589915-279576106-1000 - (No Name) - {f9bbf004-6e40-4019-8214-c43a37e1d058} - No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: BuzzSocialPoints_IE -> {1A917769-FBA3-4273-AA4C-F852D116854B} -> C:\Program Files (x86)\BuzzSocialPoints_IE\ScriptHost.dll (BuzzSocialPoints)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> No Name - {F9BBF004-6E40-4019-8214-C43A37E1D058} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.226.1.93 24.226.10.193 24.226.10.194 24.226.1.94 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\cp2012\AppData\Roaming\Mozilla\Firefox\Profiles\6od7941t.default-1401247939329
FF DefaultSearchEngine: Yahoo
FF Homepage: https://www.google.ca/
FF NetworkProxy: "http_port", 1
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll (VideoDownloadConverter)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @MyScrapNook_12.com/Plugin -> C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\NP12Stub.dll No File
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4211978626-972589915-279576106-1000: @citrixonline.com/appdetectorplugin -> C:\Users\cp2012\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Buzz Social Points - C:\Program Files (x86)\Mozilla Firefox\extensions\buzzsocial@buzzsocialpoints.com.xpi [2014-12-02]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [12ffxtbr@MyScrapNook_12.com] - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [{78DADB4B-7468-4c1c-8612-00FBF356A9FF}] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi
FF Extension: YouTube Downloader Extension - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Buzz Social Points - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2014-06-17]
CHR Extension: (ssaviunshop) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\engcbimikaophbklhcmhffjclkmggmco [2014-06-17]
CHR Extension: (Buzz Social Points) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikoeigmfnoggdlhnobkbbbkohiahbko [2014-03-07]
CHR Extension: (Google Wallet) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - C:\Users\cp2012\AppData\Local\CRE\fdepacjoijebcfaaenjicnejghibmebp.crx [Not Found]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ebjipgnedcljapmafeafekmlebefcafp] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_GC.crx [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - C:\Users\cp2012\AppData\Local\CRE\fdepacjoijebcfaaenjicnejghibmebp.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gikoeigmfnoggdlhnobkbbbkohiahbko] - C:\Program Files (x86)\BuzzSocialPoints\chrome.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-16] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 64af91bf; "C:\Windows\system32\rundll32.exe" "c:\progra~3\fastan~1\FastAndSafeSvc.dll",service
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S2 MyScrapNook_12Service; C:\PROGRA~2\MYSCRA~2\bar\1.bin\12barsvc.exe [X]
S2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X]
S2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe run options=01100010030000000000000000000000 sourceguid=CDDCF87A-3EAD-40C4-8099-34C6869D3E9D [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-04-12] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [63904 2013-10-10] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 11:12 - 2015-01-13 11:12 - 00027880 _____ () C:\Users\cp2012\Downloads\FRST.txt
2015-01-13 11:10 - 2015-01-13 11:12 - 00000000 ____D () C:\FRST
2015-01-13 11:10 - 2015-01-13 11:10 - 02124288 _____ (Farbar) C:\Users\cp2012\Downloads\FRST64.exe
2015-01-13 11:10 - 2015-01-13 11:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CP2012-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-13 11:09 - 2015-01-13 11:09 - 00000000 ____D () C:\Users\cp2012\CP2012-HP
2015-01-13 11:06 - 2015-01-13 11:06 - 00002237 _____ () C:\Users\cp2012\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-13 11:05 - 2015-01-13 11:05 - 04215584 _____ () C:\Users\cp2012\Downloads\tweaking.com_registry_backup_setup.exe
2015-01-13 10:34 - 2015-01-13 10:34 - 01054912 _____ (Adobe) C:\Users\cp2012\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2015-01-12 12:52 - 2015-01-12 12:52 - 00153894 _____ () C:\Users\cp2012\Desktop\Copy of Squirt Calender 2015 --Schram.xlsx
2015-01-11 21:36 - 2015-01-11 21:36 - 00029660 _____ () C:\Users\cp2012\Downloads\perimeter_all.pl
2015-01-11 21:35 - 2015-01-11 21:35 - 00020785 _____ () C:\Users\cp2012\Downloads\perimeter_formula.pl
2015-01-11 21:24 - 2015-01-11 21:24 - 00087482 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters(3).pl
2015-01-11 21:24 - 2015-01-11 21:24 - 00087481 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters(2).pl
2015-01-11 21:21 - 2015-01-11 21:21 - 00087527 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters(1).pl
2015-01-11 21:19 - 2015-01-11 21:19 - 00016572 _____ () C:\Users\cp2012\Downloads\measurement_general_conversions.pl
2015-01-11 17:38 - 2015-01-11 17:38 - 00080536 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(6).pl
2015-01-11 17:38 - 2015-01-11 17:38 - 00080532 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(8).pl
2015-01-11 17:38 - 2015-01-11 17:38 - 00080532 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(7).pl
2015-01-11 17:37 - 2015-01-11 17:37 - 00073853 _____ () C:\Users\cp2012\Downloads\measurement_engineering_ruler(2).pl
2015-01-11 17:37 - 2015-01-11 17:37 - 00073851 _____ () C:\Users\cp2012\Downloads\measurement_engineering_ruler.pl
2015-01-11 17:37 - 2015-01-11 17:37 - 00073850 _____ () C:\Users\cp2012\Downloads\measurement_engineering_ruler(1).pl
2015-01-11 17:36 - 2015-01-11 17:36 - 00046402 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(4).pl
2015-01-11 17:36 - 2015-01-11 17:36 - 00046400 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(5).pl
2015-01-11 17:35 - 2015-01-11 17:35 - 00046404 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(1).pl
2015-01-11 17:35 - 2015-01-11 17:35 - 00046402 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(3).pl
2015-01-11 17:35 - 2015-01-11 17:35 - 00046365 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(2).pl
2015-01-11 17:33 - 2015-01-11 17:33 - 00046404 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler.pl
2015-01-11 17:03 - 2015-01-11 17:03 - 00015077 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters.pl
2015-01-04 18:55 - 2015-01-04 18:55 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{58CB7BC8-BE4D-4FEC-9F6A-626FB3D26867}
2015-01-03 18:38 - 2015-01-03 18:38 - 00845200 _____ () C:\Users\cp2012\Downloads\openofficesuite-setup(2).exe
2015-01-03 18:36 - 2015-01-03 18:36 - 00845200 _____ () C:\Users\cp2012\Downloads\openofficesuite-setup(1).exe
2015-01-03 18:23 - 2015-01-03 18:23 - 00845936 _____ () C:\Users\cp2012\Downloads\openofficesuite-setup.exe
2015-01-03 18:13 - 2015-01-03 18:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-03 17:30 - 2015-01-03 18:02 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Anvsoft
2015-01-03 17:30 - 2015-01-03 17:30 - 00000000 ____D () C:\Users\cp2012\Documents\Any Video Converter
2015-01-03 17:29 - 2015-01-03 17:29 - 33259320 _____ (Any-Video-Converter.com ) C:\Users\cp2012\Downloads\avc-setup-5.7.6(1).exe
2015-01-03 17:26 - 2015-01-03 17:26 - 00231808 _____ () C:\Users\cp2012\Downloads\avc-setup-5.7.6.exe
2015-01-03 17:10 - 2015-01-03 17:10 - 02520172 _____ () C:\Users\cp2012\Desktop\JakeVideo-1Dec2015ppm.ppm
2015-01-03 16:44 - 2015-01-03 16:45 - 19512268 _____ () C:\Users\cp2012\Downloads\JakeVideo-2Dec2015.odp
2015-01-03 16:43 - 2015-01-03 16:43 - 00082064 _____ () C:\Users\cp2012\Downloads\JakeVideo-1Dec2015.odp
2015-01-03 12:30 - 2015-01-03 12:30 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{1C089E9D-7007-4EC5-9D49-21963C2757BB}
2015-01-01 18:11 - 2015-01-01 18:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-01 16:35 - 2015-01-01 16:35 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{435521AF-8D70-4E44-AACE-A3E9AB5649B6}
2015-01-01 15:57 - 2015-01-01 15:57 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{3E8C26CD-031F-4513-A7B4-8A98466E29FF}
2015-01-01 15:46 - 2015-01-01 15:46 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{CA0F3A17-386A-4A4C-AE4B-E54A130C37BB}
2015-01-01 15:44 - 2015-01-01 15:44 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{DC630131-EA2C-4047-A99C-6BC1E877233E}
2014-12-27 22:22 - 2014-12-27 22:22 - 00803392 _____ ( ) C:\Users\cp2012\Downloads\FlvPlayerSetup.exe
2014-12-20 15:10 - 2014-12-20 15:10 - 00000000 ____D () C:\Users\cp2012\Downloads\New folder
2014-12-18 09:53 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 09:53 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 12:16 - 2014-12-15 12:16 - 00098821 _____ () C:\Users\cp2012\Downloads\ACFrOgCVp1ZQNc9rhiW4tBfch7s-pAz35RCueRIE5AQF0gIkAXdEu5TTyVlrFN8GPOuFi7x6IXfjUtSG9mtO97I1QvXHiDlULWLq5BUQ5VGegSsahbVIa65YWLi1jFI=
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 11:09 - 2012-07-05 22:11 - 00000000 ____D () C:\Users\cp2012
2015-01-13 10:57 - 2012-08-27 11:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 10:52 - 2012-07-14 02:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-13 10:43 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-13 10:43 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-13 10:40 - 2012-07-05 22:09 - 01505835 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 10:38 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 10:32 - 2012-04-12 16:43 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-13 10:31 - 2012-08-27 11:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-13 10:31 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-13 10:31 - 2009-07-13 23:51 - 00087625 _____ () C:\Windows\setupact.log
2015-01-13 08:35 - 2012-09-13 22:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-12 15:34 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\Cy
2015-01-12 12:51 - 2012-07-09 08:35 - 00000000 ____D () C:\Users\cp2012\AppData\Local\CrashDumps
2015-01-12 11:12 - 2012-11-28 14:49 - 00000000 ____D () C:\Users\cp2012\Desktop\a-Jake
2015-01-12 11:11 - 2012-08-03 08:48 - 00127776 _____ () C:\Users\cp2012\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-12 10:57 - 2012-07-05 22:19 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C9F7652-FBD3-4B12-89F2-B7F72B5A1255}
2015-01-12 08:42 - 2012-07-05 22:20 - 00000000 ____D () C:\Users\cp2012\AppData\Local\PDFC
2015-01-11 17:40 - 2012-12-05 08:39 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForcp2012.job
2015-01-09 16:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-09 15:44 - 2012-12-05 08:39 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForcp2012
2015-01-06 04:36 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 18:27 - 2012-07-20 15:57 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\SoftGrid Client
2015-01-03 18:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Resources
2015-01-03 17:10 - 2013-10-04 12:31 - 00792064 ___SH () C:\Users\cp2012\Desktop\Thumbs.db
2015-01-03 16:44 - 2012-12-07 18:54 - 00012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 15:42 - 2012-07-10 13:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-02 15:41 - 2012-07-21 18:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-01 19:47 - 2014-08-19 22:31 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Adobe
2015-01-01 18:07 - 2010-11-20 22:47 - 02255808 _____ () C:\Windows\PFRO.log
2015-01-01 18:07 - 2009-07-14 00:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-30 10:22 - 2014-10-13 10:32 - 00032012 _____ () C:\Users\cp2012\Desktop\InsuranceComparison.ods
2014-12-28 19:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-26 07:56 - 2014-04-08 11:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-17 08:55 - 2013-12-03 19:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-15 16:41 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\b-Moira
2014-12-14 20:29 - 2014-03-23 21:24 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Windows Live
Some content of TEMP:
====================
C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmjgczm.dll
C:\Users\cp2012\AppData\Local\Temp\_isF620.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 21:08
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by cp2012 at 2015-01-13 11:13:08
Running from C:\Users\cp2012\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies)
AVG 2013 (Version: 13.0.3495 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BlackBerry Backup Extractor (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\BlackBerry Backup Extractor) (Version: 1.1.6.0 - Reincubate Ltd)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Manager 7.0 (HKLM-x32\...\BlackBerry_HandheldManager) (Version: 7.0.0.40 - Research In Motion Ltd.)
BlackBerry Device Manager 7.0 (x32 Version: 7.0.0.40 - Research In Motion Ltd.) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-7060D (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BuzzSocialPoints version 1.0 (HKLM-x32\...\BuzzSocialPoints_is1) (Version: 1.0 - BuzzSocialPoints)
BuzzSocialPoints_IE (HKLM-x32\...\BuzzSocialPoints_IE) (Version: 1.0.0.0 - BuzzSocialPoints)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{A4B72B94-7745-4CA8-A4D6-D8AC2442451C}) (Version: 1.0.153 - Citrix)
Coby Media Manager (HKLM-x32\...\{D7F70937-6EC3-4129-8089-4974C5873C99}) (Version: 1.0.6316 - Coby)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
Contrôle ActiveX Windows Live Mesh pour connexions ŕ distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}) (Version: 1.0.1.5127 - Fitbit Inc.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.57 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4601.54 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
InstallConverter (x32 Version: 1.0 - InstallConverter) Hidden
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeyBar 1.19 Toolbar for IE (HKLM-x32\...\IECT3308528) (Version: 6.16.2.2 - KeyBar 1.19)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LibreOffice 4.2 Help Pack (English (United States)) (HKLM-x32\...\{9B197B38-038D-47B5-9572-AE07E34F6AD0}) (Version: 4.2.2.1 - The Document Foundation)
LibreOffice 4.3.0.4 (HKLM-x32\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation)
LTCM Client (HKLM-x32\...\LTCM Client) (Version: - Leader Technologies Inc.)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{D8D25854-D7F0-45C5-8702-D650A5A23E21}) (Version: 2.3.2208 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Musicnotes Player V1.40.3 and Viewer V1.20.0 (HKLM-x32\...\Musicnotes Player_is1) (Version: 1.40.3 - Musicnotes Inc.)
My Scrap Nook Toolbar (HKLM-x32\...\MyScrapNook_12bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 - NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)
RealDownloader (x32 Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
Spelling Bee Coaching Application [Junior] version 1.0 (HKLM-x32\...\{006B99DB-5711-4B22-9FA9-49CE16516FF7}_is1) (Version: 1.0 - Spelling Bee of Canada (c))
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Swirlz Toolbar for IE (HKLM-x32\...\IECT3309759) (Version: 6.17.2.8 - Swirlz)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Vistumbler (HKLM-x32\...\Vistumbler) (Version: v10 - Vistumbler.net)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.49 - Creative Island Media, LLC) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
YouTube Downloader 5 (HKLM-x32\...\YouTube Downloader_is1) (Version: - Kotato)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\cp2012\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-12-2014 19:07:59 Windows Backup
30-12-2014 08:50:07 Windows Update
04-01-2015 19:13:43 Windows Backup
06-01-2015 07:16:17 Windows Update
09-01-2015 13:49:43 Windows Update
11-01-2015 19:13:38 Windows Backup
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2013-12-03 19:32 - 00450639 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {04B40466-A83B-48DD-ABF0-E884AF6AB760} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0A84E25F-2928-4B7F-B440-A19C2A799A99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {0E22359C-36A6-498E-8F4D-B8ECD8D0F04D} - System32\Tasks\BuzzSocialPoints_li_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe [2012-11-05] ( ) <==== ATTENTION
Task: {14BB80B3-9E64-4B8B-9C80-AB4AB2956113} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1A3D80A5-41DE-46B7-9A79-29A4B1CAFB29} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {1DE9B808-E427-47DF-B7C5-E6799D5DA5D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-27] (Google Inc.)
Task: {218FA806-3B4E-40CB-BD51-494ED94FA0FF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {21A64FF2-06CE-4D84-A656-7B1B266A5D69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {2326134B-8B45-4C65-A5D2-E316B50A0384} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {2808B6C6-58A6-4D37-B9BA-76FF0981F5F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {298E465E-6D69-45F5-9FA9-EB3F7A85E2EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-27] (Google Inc.)
Task: {2B0BD62E-A58F-4331-98DA-08C7AEF76192} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {3D8A1A9F-F454-4604-8834-E461639A0498} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {3EC402B2-D42F-4E62-AA62-1FD00616E964} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {40752DD2-118B-4B0B-BB9F-49F16D6911CF} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe [2012-11-05] ( ) <==== ATTENTION
Task: {42222E2B-8A2A-4AB5-9221-15A14643AADE} - System32\Tasks\{6715E06D-2610-4E87-B690-CA21DD025FB6} => pcalua.exe -a C:\Users\cp2012\Downloads\DownloadManagerSetup.exe -d C:\Users\cp2012\Downloads
Task: {444AECE7-7AB0-4548-91A7-87767DA2E777} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {5880B376-8ECF-4909-8F16-3BB4BE619EFB} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {5BA387EC-E985-40BE-9E92-CF40FADA502E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {627975E2-ADC6-4662-92E0-C3EA5BB38A97} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {73B6BE67-96B8-4878-A71C-6A5973DD2EC5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {79FFC635-7EE9-4628-94FA-231CC40763CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {8233B035-E223-4FB3-A492-7B5D0B406D61} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION
Task: {9AACBEC8-5F89-4AFD-872B-372F6A23BA39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A3753A57-6BCA-4C45-A2E4-3A0A77243E22} - System32\Tasks\Real Player online update program => c:\program files (x86)\real\realplayer\Update\realsched.exe [2014-08-16] (RealNetworks, Inc.)
Task: {BE759176-BFC5-4C26-BFCA-6B6ACB2893BB} - System32\Tasks\HPCeeScheduleForcp2012 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {BFFB2D5E-C9AD-4AB9-A736-DF3BABB44B70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {C138DB40-3BE9-4F1D-A40D-0227528C9C7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D2BF1199-5E2E-4EEC-8557-F2144AA95564} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {D3FB6106-C888-4474-B3E1-2E1BD076DA62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {EE3F8FA3-32AB-476C-B110-0204E17FAC18} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {F6B2CA0A-530B-42F6-92BE-9A2C74921726} - System32\Tasks\{6B3C84A2-2864-4121-A375-4CF1256FEB48} => pcalua.exe -a "C:\Program Files (x86)\LibreOffice 4\program\scalc.exe" -c -o "C:\Users\cp2012\Desktop\Tball2014\T-ball 2014.ods"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForcp2012.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2014-11-23 08:32 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-08 11:26 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-30 01:17 - 2014-07-30 01:17 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-30 04:04 - 2014-07-30 04:04 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-04-12 16:21 - 2011-09-19 02:50 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-09 22:54 - 2012-12-06 09:09 - 07375360 _____ () C:\Program Files (x86)\Content Manager\CmTray.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-27 15:00 - 2014-08-16 11:01 - 00864856 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-02-01 01:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-03 19:22 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-06 20:14 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-03 19:22 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-03 19:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2015-01-13 10:33 - 2015-01-13 10:33 - 00043008 _____ () c:\users\cp2012\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmjgczm.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\cp2012\AppData\Roaming\Dropbox\bin\libcef.dll
2014-12-02 00:09 - 2014-12-02 00:09 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-23 08:30 - 2014-11-23 08:30 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-04-09 22:54 - 2009-01-10 17:32 - 00011362 _____ () C:\Program Files (x86)\Content Manager\mingwm10.dll
2014-04-09 22:54 - 2009-06-23 01:42 - 00043008 _____ () C:\Program Files (x86)\Content Manager\libgcc_s_dw2-1.dll
2014-04-09 22:54 - 2012-01-06 13:53 - 02556416 _____ () C:\Program Files (x86)\Content Manager\QtCore4.dll
2014-04-09 22:54 - 2011-09-01 21:23 - 09933824 _____ () C:\Program Files (x86)\Content Manager\QtGui4.dll
2014-04-09 22:54 - 2011-09-01 20:53 - 01215488 _____ () C:\Program Files (x86)\Content Manager\QtNetwork4.dll
2014-04-09 22:54 - 2011-09-01 20:53 - 00271872 _____ () C:\Program Files (x86)\Content Manager\QtSql4.dll
2014-04-09 22:54 - 2011-09-01 20:49 - 00399360 _____ () C:\Program Files (x86)\Content Manager\QtXml4.dll
2014-04-09 22:54 - 2011-09-02 00:48 - 00478720 _____ () C:\Program Files (x86)\Content Manager\Plugins\sqldrivers\qsqlite4.dll
2013-08-02 21:16 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-4211978626-972589915-279576106-500 - Administrator - Disabled)
cp2012 (S-1-5-21-4211978626-972589915-279576106-1000 - Administrator - Enabled) => C:\Users\cp2012
Guest (S-1-5-21-4211978626-972589915-279576106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4211978626-972589915-279576106-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/13/2015 07:58:26 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/12/2015 11:40:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/12/2015 01:57:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x003ada40
Faulting process id: 0x1270
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Error: (01/12/2015 00:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDOnAccess.exe, version: 2.2.25.4, time stamp: 0x525be485
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1d84
Faulting application start time: 0xSDOnAccess.exe0
Faulting application path: SDOnAccess.exe1
Faulting module path: SDOnAccess.exe2
Report Id: SDOnAccess.exe3
Error: (01/12/2015 00:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDOnAccess.exe, version: 2.2.25.4, time stamp: 0x525be485
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x3b24
Faulting application start time: 0xSDOnAccess.exe0
Faulting application path: SDOnAccess.exe1
Faulting module path: SDOnAccess.exe2
Report Id: SDOnAccess.exe3
Error: (01/12/2015 00:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x005fd91c
Faulting process id: 0x40c0
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Error: (01/12/2015 00:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002ed7b4
Faulting process id: 0x41fc
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
System errors:
=============
Error: (01/13/2015 10:38:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (01/13/2015 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2
Error: (01/13/2015 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vxlsnyaiet64 service failed to start due to the following error:
%%2
Error: (01/13/2015 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.0.5 service failed to start due to the following error:
%%2
Error: (01/13/2015 10:32:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The My Scrap NookService service failed to start due to the following error:
%%2
Error: (01/13/2015 10:31:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Fast And Safe service to connect.
Error: (01/13/2015 10:31:19 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:49:12 AM on 13/01/2015 was unexpected.
Error: (01/11/2015 05:41:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2
Error: (01/11/2015 05:41:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vxlsnyaiet64 service failed to start due to the following error:
%%2
Error: (01/11/2015 05:41:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.0.5 service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (01/13/2015 07:58:26 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/12/2015 11:40:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{7FBAD091-89F7-4C77-A224-15FF4423C7D2}\recordingmanager.exe
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/12/2015 01:57:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c0000005003ada40127001d02e9996520799C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknownd8d2d18c-9a8c-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDOnAccess.exe2.2.25.4525be485KERNELBASE.dll6.1.7601.1840953159a860eedfade0000c42d1d8401d02e90566d5d3cC:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exeC:\Windows\syswow64\KERNELBASE.dll96c1f03a-9a83-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDOnAccess.exe2.2.25.4525be485KERNELBASE.dll6.1.7601.1840953159a860eedfade0000c42d3b2401d02e904b1b66ddC:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exeC:\Windows\syswow64\KERNELBASE.dll8f4c7f34-9a83-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c0000005005fd91c40c001d02e8a386b57b3C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknown7b2b9c94-9a7d-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c0000005002ed7b441fc01d02e8a2c969adaC:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknown71792b7b-9a7d-11e4-b918-e840f28b3bc9
CodeIntegrity Errors:
===================================
Date: 2015-01-13 11:04:56.960
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-13 10:51:52.824
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-13 08:53:57.845
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 16:44:01.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:50:25.860
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:28:37.861
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:16:17.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:05:17.925
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 14:50:53.827
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 14:19:49.849
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 40%
Total physical RAM: 8098.52 MB
Available physical RAM: 4801.36 MB
Total Pagefile: 16195.21 MB
Available Pagefile: 13176.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1844.9 GB) (Free:1682.12 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:18.02 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5C798ED8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1844.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-13 11:17:29
-----------------------------
11:17:29.108 OS Version: Windows x64 6.1.7601 Service Pack 1
11:17:29.108 Number of processors: 4 586 0x2A07
11:17:29.108 ComputerName: CP2012-HP UserName: cp2012
11:17:36.108 Initialize success
11:17:36.112 VM: initialized successfully
11:17:36.113 VM: Intel CPU BiosDisabled
11:17:40.958 AVAST engine download error: 0
11:18:15.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:18:15.987 Disk 0 Vendor: ST2000DL HP16 Size: 1907729MB BusType: 3
11:18:16.091 Disk 0 MBR read successfully
11:18:16.094 Disk 0 MBR scan
11:18:16.097 Disk 0 Windows 7 default MBR code
11:18:16.109 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:18:16.114 Disk 0 default boot code
11:18:16.124 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1889177 MB offset 206848
11:18:16.161 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 18450 MB offset 3869241344
11:18:16.177 Disk 0 scanning C:\Windows\system32\drivers
11:18:24.584 Service scanning
11:18:37.276 Modules scanning
11:18:37.286 Disk 0 trace - called modules:
11:18:37.302 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:18:37.307 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a01d060]
11:18:37.312 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b29050]
11:18:37.317 Disk 0 statistics 93876/0/0 @ 5.49 MB/s
11:18:37.322 Scan finished successfully
11:18:48.306 Disk 0 MBR has been saved successfully to "C:\Users\cp2012\Downloads\MBR.dat"
11:18:48.309 The log file has been saved successfully to "C:\Users\cp2012\Downloads\aswMBR.txt"
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-13 11:17:29
-----------------------------
11:17:29.108 OS Version: Windows x64 6.1.7601 Service Pack 1
11:17:29.108 Number of processors: 4 586 0x2A07
11:17:29.108 ComputerName: CP2012-HP UserName: cp2012
11:17:36.108 Initialize success
11:17:36.112 VM: initialized successfully
11:17:36.113 VM: Intel CPU BiosDisabled
11:17:40.958 AVAST engine download error: 0
11:18:15.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:18:15.987 Disk 0 Vendor: ST2000DL HP16 Size: 1907729MB BusType: 3
11:18:16.091 Disk 0 MBR read successfully
11:18:16.094 Disk 0 MBR scan
11:18:16.097 Disk 0 Windows 7 default MBR code
11:18:16.109 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:18:16.114 Disk 0 default boot code
11:18:16.124 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1889177 MB offset 206848
11:18:16.161 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 18450 MB offset 3869241344
11:18:16.177 Disk 0 scanning C:\Windows\system32\drivers
11:18:24.584 Service scanning
11:18:37.276 Modules scanning
11:18:37.286 Disk 0 trace - called modules:
11:18:37.302 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:18:37.307 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a01d060]
11:18:37.312 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b29050]
11:18:37.317 Disk 0 statistics 93876/0/0 @ 5.49 MB/s
11:18:37.322 Scan finished successfully
11:18:48.306 Disk 0 MBR has been saved successfully to "C:\Users\cp2012\Downloads\MBR.dat"
11:18:48.309 The log file has been saved successfully to "C:\Users\cp2012\Downloads\aswMBR.txt"
12:18:14.998 Disk 0 MBR has been saved successfully to "C:\Users\cp2012\Downloads\MBR.dat"
12:18:15.009 The log file has been saved successfully to "C:\Users\cp2012\Downloads\aswMBR.txt"
Ran by cp2012 (administrator) on CP2012-HP on 13-01-2015 11:12:33
Running from C:\Users\cp2012\Downloads
Loaded Profile: cp2012 (Available profiles: cp2012)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Program Files (x86)\Content Manager\CmTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe) C:\Users\cp2012\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [My Scrap Nook Home Page Guard 64 bit] => "C:\PROGRA~2\MYSCRA~2\bar\1.bin\AppIntegrator64.exe"
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-07-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrowserSafeguard] => "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-08-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2226704 2013-03-07] (Research In Motion Limited)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [DW6] => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-18\...\Run: [ISUSPM] => -scheduler
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => "c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll" File Not Found
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
ShortcutTarget: Epson all-in-one Registration.lnk -> C:\Users\cp2012\AppData\Roaming\Leadertech\PowerRegister\Epson all-in-one Registration.exe (Leader Technologies/Epson)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-4211978626-972589915-279576106-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4211978626-972589915-279576106-1000] => http=127.0.0.1:49450;https=127.0.0.1:49450
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/19
URLSearchHook: HKU\S-1-5-21-4211978626-972589915-279576106-1000 - (No Name) - {f9bbf004-6e40-4019-8214-c43a37e1d058} - No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: BuzzSocialPoints_IE -> {1A917769-FBA3-4273-AA4C-F852D116854B} -> C:\Program Files (x86)\BuzzSocialPoints_IE\ScriptHost.dll (BuzzSocialPoints)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> No Name - {F9BBF004-6E40-4019-8214-C43A37E1D058} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.226.1.93 24.226.10.193 24.226.10.194 24.226.1.94 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\cp2012\AppData\Roaming\Mozilla\Firefox\Profiles\6od7941t.default-1401247939329
FF DefaultSearchEngine: Yahoo
FF Homepage: https://www.google.ca/
FF NetworkProxy: "http_port", 1
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll (VideoDownloadConverter)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @MyScrapNook_12.com/Plugin -> C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\NP12Stub.dll No File
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4211978626-972589915-279576106-1000: @citrixonline.com/appdetectorplugin -> C:\Users\cp2012\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Buzz Social Points - C:\Program Files (x86)\Mozilla Firefox\extensions\buzzsocial@buzzsocialpoints.com.xpi [2014-12-02]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [12ffxtbr@MyScrapNook_12.com] - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [{78DADB4B-7468-4c1c-8612-00FBF356A9FF}] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi
FF Extension: YouTube Downloader Extension - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Buzz Social Points - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2014-06-17]
CHR Extension: (ssaviunshop) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\engcbimikaophbklhcmhffjclkmggmco [2014-06-17]
CHR Extension: (Buzz Social Points) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikoeigmfnoggdlhnobkbbbkohiahbko [2014-03-07]
CHR Extension: (Google Wallet) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - C:\Users\cp2012\AppData\Local\CRE\fdepacjoijebcfaaenjicnejghibmebp.crx [Not Found]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ebjipgnedcljapmafeafekmlebefcafp] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_GC.crx [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [fdepacjoijebcfaaenjicnejghibmebp] - C:\Users\cp2012\AppData\Local\CRE\fdepacjoijebcfaaenjicnejghibmebp.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gikoeigmfnoggdlhnobkbbbkohiahbko] - C:\Program Files (x86)\BuzzSocialPoints\chrome.crx [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-16] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 64af91bf; "C:\Windows\system32\rundll32.exe" "c:\progra~3\fastan~1\FastAndSafeSvc.dll",service
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S2 MyScrapNook_12Service; C:\PROGRA~2\MYSCRA~2\bar\1.bin\12barsvc.exe [X]
S2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X]
S2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe run options=01100010030000000000000000000000 sourceguid=CDDCF87A-3EAD-40C4-8099-34C6869D3E9D [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-04-12] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [63904 2013-10-10] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 11:12 - 2015-01-13 11:12 - 00027880 _____ () C:\Users\cp2012\Downloads\FRST.txt
2015-01-13 11:10 - 2015-01-13 11:12 - 00000000 ____D () C:\FRST
2015-01-13 11:10 - 2015-01-13 11:10 - 02124288 _____ (Farbar) C:\Users\cp2012\Downloads\FRST64.exe
2015-01-13 11:10 - 2015-01-13 11:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CP2012-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-13 11:09 - 2015-01-13 11:09 - 00000000 ____D () C:\Users\cp2012\CP2012-HP
2015-01-13 11:06 - 2015-01-13 11:06 - 00002237 _____ () C:\Users\cp2012\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-13 11:05 - 2015-01-13 11:05 - 04215584 _____ () C:\Users\cp2012\Downloads\tweaking.com_registry_backup_setup.exe
2015-01-13 10:34 - 2015-01-13 10:34 - 01054912 _____ (Adobe) C:\Users\cp2012\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2015-01-12 12:52 - 2015-01-12 12:52 - 00153894 _____ () C:\Users\cp2012\Desktop\Copy of Squirt Calender 2015 --Schram.xlsx
2015-01-11 21:36 - 2015-01-11 21:36 - 00029660 _____ () C:\Users\cp2012\Downloads\perimeter_all.pl
2015-01-11 21:35 - 2015-01-11 21:35 - 00020785 _____ () C:\Users\cp2012\Downloads\perimeter_formula.pl
2015-01-11 21:24 - 2015-01-11 21:24 - 00087482 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters(3).pl
2015-01-11 21:24 - 2015-01-11 21:24 - 00087481 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters(2).pl
2015-01-11 21:21 - 2015-01-11 21:21 - 00087527 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters(1).pl
2015-01-11 21:19 - 2015-01-11 21:19 - 00016572 _____ () C:\Users\cp2012\Downloads\measurement_general_conversions.pl
2015-01-11 17:38 - 2015-01-11 17:38 - 00080536 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(6).pl
2015-01-11 17:38 - 2015-01-11 17:38 - 00080532 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(8).pl
2015-01-11 17:38 - 2015-01-11 17:38 - 00080532 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(7).pl
2015-01-11 17:37 - 2015-01-11 17:37 - 00073853 _____ () C:\Users\cp2012\Downloads\measurement_engineering_ruler(2).pl
2015-01-11 17:37 - 2015-01-11 17:37 - 00073851 _____ () C:\Users\cp2012\Downloads\measurement_engineering_ruler.pl
2015-01-11 17:37 - 2015-01-11 17:37 - 00073850 _____ () C:\Users\cp2012\Downloads\measurement_engineering_ruler(1).pl
2015-01-11 17:36 - 2015-01-11 17:36 - 00046402 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(4).pl
2015-01-11 17:36 - 2015-01-11 17:36 - 00046400 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(5).pl
2015-01-11 17:35 - 2015-01-11 17:35 - 00046404 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(1).pl
2015-01-11 17:35 - 2015-01-11 17:35 - 00046402 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(3).pl
2015-01-11 17:35 - 2015-01-11 17:35 - 00046365 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler(2).pl
2015-01-11 17:33 - 2015-01-11 17:33 - 00046404 _____ () C:\Users\cp2012\Downloads\measurement_metric_ruler.pl
2015-01-11 17:03 - 2015-01-11 17:03 - 00015077 _____ () C:\Users\cp2012\Downloads\measuring_in_centimeters.pl
2015-01-04 18:55 - 2015-01-04 18:55 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{58CB7BC8-BE4D-4FEC-9F6A-626FB3D26867}
2015-01-03 18:38 - 2015-01-03 18:38 - 00845200 _____ () C:\Users\cp2012\Downloads\openofficesuite-setup(2).exe
2015-01-03 18:36 - 2015-01-03 18:36 - 00845200 _____ () C:\Users\cp2012\Downloads\openofficesuite-setup(1).exe
2015-01-03 18:23 - 2015-01-03 18:23 - 00845936 _____ () C:\Users\cp2012\Downloads\openofficesuite-setup.exe
2015-01-03 18:13 - 2015-01-03 18:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-03 17:30 - 2015-01-03 18:02 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Anvsoft
2015-01-03 17:30 - 2015-01-03 17:30 - 00000000 ____D () C:\Users\cp2012\Documents\Any Video Converter
2015-01-03 17:29 - 2015-01-03 17:29 - 33259320 _____ (Any-Video-Converter.com ) C:\Users\cp2012\Downloads\avc-setup-5.7.6(1).exe
2015-01-03 17:26 - 2015-01-03 17:26 - 00231808 _____ () C:\Users\cp2012\Downloads\avc-setup-5.7.6.exe
2015-01-03 17:10 - 2015-01-03 17:10 - 02520172 _____ () C:\Users\cp2012\Desktop\JakeVideo-1Dec2015ppm.ppm
2015-01-03 16:44 - 2015-01-03 16:45 - 19512268 _____ () C:\Users\cp2012\Downloads\JakeVideo-2Dec2015.odp
2015-01-03 16:43 - 2015-01-03 16:43 - 00082064 _____ () C:\Users\cp2012\Downloads\JakeVideo-1Dec2015.odp
2015-01-03 12:30 - 2015-01-03 12:30 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{1C089E9D-7007-4EC5-9D49-21963C2757BB}
2015-01-01 18:11 - 2015-01-01 18:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-01 16:35 - 2015-01-01 16:35 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{435521AF-8D70-4E44-AACE-A3E9AB5649B6}
2015-01-01 15:57 - 2015-01-01 15:57 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{3E8C26CD-031F-4513-A7B4-8A98466E29FF}
2015-01-01 15:46 - 2015-01-01 15:46 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{CA0F3A17-386A-4A4C-AE4B-E54A130C37BB}
2015-01-01 15:44 - 2015-01-01 15:44 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{DC630131-EA2C-4047-A99C-6BC1E877233E}
2014-12-27 22:22 - 2014-12-27 22:22 - 00803392 _____ ( ) C:\Users\cp2012\Downloads\FlvPlayerSetup.exe
2014-12-20 15:10 - 2014-12-20 15:10 - 00000000 ____D () C:\Users\cp2012\Downloads\New folder
2014-12-18 09:53 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 09:53 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 12:16 - 2014-12-15 12:16 - 00098821 _____ () C:\Users\cp2012\Downloads\ACFrOgCVp1ZQNc9rhiW4tBfch7s-pAz35RCueRIE5AQF0gIkAXdEu5TTyVlrFN8GPOuFi7x6IXfjUtSG9mtO97I1QvXHiDlULWLq5BUQ5VGegSsahbVIa65YWLi1jFI=
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 11:09 - 2012-07-05 22:11 - 00000000 ____D () C:\Users\cp2012
2015-01-13 10:57 - 2012-08-27 11:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 10:52 - 2012-07-14 02:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-13 10:43 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-13 10:43 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-13 10:40 - 2012-07-05 22:09 - 01505835 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 10:38 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 10:32 - 2012-04-12 16:43 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-13 10:31 - 2012-08-27 11:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-13 10:31 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-13 10:31 - 2009-07-13 23:51 - 00087625 _____ () C:\Windows\setupact.log
2015-01-13 08:35 - 2012-09-13 22:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-12 15:34 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\Cy
2015-01-12 12:51 - 2012-07-09 08:35 - 00000000 ____D () C:\Users\cp2012\AppData\Local\CrashDumps
2015-01-12 11:12 - 2012-11-28 14:49 - 00000000 ____D () C:\Users\cp2012\Desktop\a-Jake
2015-01-12 11:11 - 2012-08-03 08:48 - 00127776 _____ () C:\Users\cp2012\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-12 10:57 - 2012-07-05 22:19 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C9F7652-FBD3-4B12-89F2-B7F72B5A1255}
2015-01-12 08:42 - 2012-07-05 22:20 - 00000000 ____D () C:\Users\cp2012\AppData\Local\PDFC
2015-01-11 17:40 - 2012-12-05 08:39 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForcp2012.job
2015-01-09 16:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-09 15:44 - 2012-12-05 08:39 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForcp2012
2015-01-06 04:36 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 18:27 - 2012-07-20 15:57 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\SoftGrid Client
2015-01-03 18:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Resources
2015-01-03 17:10 - 2013-10-04 12:31 - 00792064 ___SH () C:\Users\cp2012\Desktop\Thumbs.db
2015-01-03 16:44 - 2012-12-07 18:54 - 00012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 15:42 - 2012-07-10 13:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-02 15:41 - 2012-07-21 18:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-01 19:47 - 2014-08-19 22:31 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Adobe
2015-01-01 18:07 - 2010-11-20 22:47 - 02255808 _____ () C:\Windows\PFRO.log
2015-01-01 18:07 - 2009-07-14 00:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-30 10:22 - 2014-10-13 10:32 - 00032012 _____ () C:\Users\cp2012\Desktop\InsuranceComparison.ods
2014-12-28 19:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-26 07:56 - 2014-04-08 11:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-17 08:55 - 2013-12-03 19:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-15 16:41 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\b-Moira
2014-12-14 20:29 - 2014-03-23 21:24 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Windows Live
Some content of TEMP:
====================
C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmjgczm.dll
C:\Users\cp2012\AppData\Local\Temp\_isF620.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 21:08
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by cp2012 at 2015-01-13 11:13:08
Running from C:\Users\cp2012\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies)
AVG 2013 (Version: 13.0.3495 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BlackBerry Backup Extractor (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\BlackBerry Backup Extractor) (Version: 1.1.6.0 - Reincubate Ltd)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Manager 7.0 (HKLM-x32\...\BlackBerry_HandheldManager) (Version: 7.0.0.40 - Research In Motion Ltd.)
BlackBerry Device Manager 7.0 (x32 Version: 7.0.0.40 - Research In Motion Ltd.) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-7060D (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BuzzSocialPoints version 1.0 (HKLM-x32\...\BuzzSocialPoints_is1) (Version: 1.0 - BuzzSocialPoints)
BuzzSocialPoints_IE (HKLM-x32\...\BuzzSocialPoints_IE) (Version: 1.0.0.0 - BuzzSocialPoints)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{A4B72B94-7745-4CA8-A4D6-D8AC2442451C}) (Version: 1.0.153 - Citrix)
Coby Media Manager (HKLM-x32\...\{D7F70937-6EC3-4129-8089-4974C5873C99}) (Version: 1.0.6316 - Coby)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
Contrôle ActiveX Windows Live Mesh pour connexions ŕ distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}) (Version: 1.0.1.5127 - Fitbit Inc.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.57 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4601.54 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
InstallConverter (x32 Version: 1.0 - InstallConverter) Hidden
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeyBar 1.19 Toolbar for IE (HKLM-x32\...\IECT3308528) (Version: 6.16.2.2 - KeyBar 1.19)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LibreOffice 4.2 Help Pack (English (United States)) (HKLM-x32\...\{9B197B38-038D-47B5-9572-AE07E34F6AD0}) (Version: 4.2.2.1 - The Document Foundation)
LibreOffice 4.3.0.4 (HKLM-x32\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation)
LTCM Client (HKLM-x32\...\LTCM Client) (Version: - Leader Technologies Inc.)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{D8D25854-D7F0-45C5-8702-D650A5A23E21}) (Version: 2.3.2208 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Musicnotes Player V1.40.3 and Viewer V1.20.0 (HKLM-x32\...\Musicnotes Player_is1) (Version: 1.40.3 - Musicnotes Inc.)
My Scrap Nook Toolbar (HKLM-x32\...\MyScrapNook_12bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 - NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)
RealDownloader (x32 Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
Spelling Bee Coaching Application [Junior] version 1.0 (HKLM-x32\...\{006B99DB-5711-4B22-9FA9-49CE16516FF7}_is1) (Version: 1.0 - Spelling Bee of Canada (c))
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Swirlz Toolbar for IE (HKLM-x32\...\IECT3309759) (Version: 6.17.2.8 - Swirlz)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Vistumbler (HKLM-x32\...\Vistumbler) (Version: v10 - Vistumbler.net)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.49 - Creative Island Media, LLC) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
YouTube Downloader 5 (HKLM-x32\...\YouTube Downloader_is1) (Version: - Kotato)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\cp2012\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-12-2014 19:07:59 Windows Backup
30-12-2014 08:50:07 Windows Update
04-01-2015 19:13:43 Windows Backup
06-01-2015 07:16:17 Windows Update
09-01-2015 13:49:43 Windows Update
11-01-2015 19:13:38 Windows Backup
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2013-12-03 19:32 - 00450639 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {04B40466-A83B-48DD-ABF0-E884AF6AB760} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0A84E25F-2928-4B7F-B440-A19C2A799A99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {0E22359C-36A6-498E-8F4D-B8ECD8D0F04D} - System32\Tasks\BuzzSocialPoints_li_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe [2012-11-05] ( ) <==== ATTENTION
Task: {14BB80B3-9E64-4B8B-9C80-AB4AB2956113} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1A3D80A5-41DE-46B7-9A79-29A4B1CAFB29} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {1DE9B808-E427-47DF-B7C5-E6799D5DA5D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-27] (Google Inc.)
Task: {218FA806-3B4E-40CB-BD51-494ED94FA0FF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {21A64FF2-06CE-4D84-A656-7B1B266A5D69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {2326134B-8B45-4C65-A5D2-E316B50A0384} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {2808B6C6-58A6-4D37-B9BA-76FF0981F5F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {298E465E-6D69-45F5-9FA9-EB3F7A85E2EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-27] (Google Inc.)
Task: {2B0BD62E-A58F-4331-98DA-08C7AEF76192} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {3D8A1A9F-F454-4604-8834-E461639A0498} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {3EC402B2-D42F-4E62-AA62-1FD00616E964} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {40752DD2-118B-4B0B-BB9F-49F16D6911CF} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe [2012-11-05] ( ) <==== ATTENTION
Task: {42222E2B-8A2A-4AB5-9221-15A14643AADE} - System32\Tasks\{6715E06D-2610-4E87-B690-CA21DD025FB6} => pcalua.exe -a C:\Users\cp2012\Downloads\DownloadManagerSetup.exe -d C:\Users\cp2012\Downloads
Task: {444AECE7-7AB0-4548-91A7-87767DA2E777} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {5880B376-8ECF-4909-8F16-3BB4BE619EFB} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {5BA387EC-E985-40BE-9E92-CF40FADA502E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {627975E2-ADC6-4662-92E0-C3EA5BB38A97} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {73B6BE67-96B8-4878-A71C-6A5973DD2EC5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {79FFC635-7EE9-4628-94FA-231CC40763CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {8233B035-E223-4FB3-A492-7B5D0B406D61} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION
Task: {9AACBEC8-5F89-4AFD-872B-372F6A23BA39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A3753A57-6BCA-4C45-A2E4-3A0A77243E22} - System32\Tasks\Real Player online update program => c:\program files (x86)\real\realplayer\Update\realsched.exe [2014-08-16] (RealNetworks, Inc.)
Task: {BE759176-BFC5-4C26-BFCA-6B6ACB2893BB} - System32\Tasks\HPCeeScheduleForcp2012 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {BFFB2D5E-C9AD-4AB9-A736-DF3BABB44B70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {C138DB40-3BE9-4F1D-A40D-0227528C9C7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D2BF1199-5E2E-4EEC-8557-F2144AA95564} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {D3FB6106-C888-4474-B3E1-2E1BD076DA62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {EE3F8FA3-32AB-476C-B110-0204E17FAC18} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {F6B2CA0A-530B-42F6-92BE-9A2C74921726} - System32\Tasks\{6B3C84A2-2864-4121-A375-4CF1256FEB48} => pcalua.exe -a "C:\Program Files (x86)\LibreOffice 4\program\scalc.exe" -c -o "C:\Users\cp2012\Desktop\Tball2014\T-ball 2014.ods"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForcp2012.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2014-11-23 08:32 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-08 11:26 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-30 01:17 - 2014-07-30 01:17 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-30 04:04 - 2014-07-30 04:04 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-04-12 16:21 - 2011-09-19 02:50 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-09 22:54 - 2012-12-06 09:09 - 07375360 _____ () C:\Program Files (x86)\Content Manager\CmTray.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-27 15:00 - 2014-08-16 11:01 - 00864856 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-02-01 01:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-03 19:22 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-06 20:14 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-03 19:22 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-03 19:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2015-01-13 10:33 - 2015-01-13 10:33 - 00043008 _____ () c:\users\cp2012\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmjgczm.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\cp2012\AppData\Roaming\Dropbox\bin\libcef.dll
2014-12-02 00:09 - 2014-12-02 00:09 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-23 08:30 - 2014-11-23 08:30 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-04-09 22:54 - 2009-01-10 17:32 - 00011362 _____ () C:\Program Files (x86)\Content Manager\mingwm10.dll
2014-04-09 22:54 - 2009-06-23 01:42 - 00043008 _____ () C:\Program Files (x86)\Content Manager\libgcc_s_dw2-1.dll
2014-04-09 22:54 - 2012-01-06 13:53 - 02556416 _____ () C:\Program Files (x86)\Content Manager\QtCore4.dll
2014-04-09 22:54 - 2011-09-01 21:23 - 09933824 _____ () C:\Program Files (x86)\Content Manager\QtGui4.dll
2014-04-09 22:54 - 2011-09-01 20:53 - 01215488 _____ () C:\Program Files (x86)\Content Manager\QtNetwork4.dll
2014-04-09 22:54 - 2011-09-01 20:53 - 00271872 _____ () C:\Program Files (x86)\Content Manager\QtSql4.dll
2014-04-09 22:54 - 2011-09-01 20:49 - 00399360 _____ () C:\Program Files (x86)\Content Manager\QtXml4.dll
2014-04-09 22:54 - 2011-09-02 00:48 - 00478720 _____ () C:\Program Files (x86)\Content Manager\Plugins\sqldrivers\qsqlite4.dll
2013-08-02 21:16 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-4211978626-972589915-279576106-500 - Administrator - Disabled)
cp2012 (S-1-5-21-4211978626-972589915-279576106-1000 - Administrator - Enabled) => C:\Users\cp2012
Guest (S-1-5-21-4211978626-972589915-279576106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4211978626-972589915-279576106-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/13/2015 07:58:26 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/12/2015 11:40:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/12/2015 01:57:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x003ada40
Faulting process id: 0x1270
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Error: (01/12/2015 00:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDOnAccess.exe, version: 2.2.25.4, time stamp: 0x525be485
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1d84
Faulting application start time: 0xSDOnAccess.exe0
Faulting application path: SDOnAccess.exe1
Faulting module path: SDOnAccess.exe2
Report Id: SDOnAccess.exe3
Error: (01/12/2015 00:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDOnAccess.exe, version: 2.2.25.4, time stamp: 0x525be485
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x3b24
Faulting application start time: 0xSDOnAccess.exe0
Faulting application path: SDOnAccess.exe1
Faulting module path: SDOnAccess.exe2
Report Id: SDOnAccess.exe3
Error: (01/12/2015 00:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x005fd91c
Faulting process id: 0x40c0
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Error: (01/12/2015 00:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002ed7b4
Faulting process id: 0x41fc
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
System errors:
=============
Error: (01/13/2015 10:38:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (01/13/2015 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2
Error: (01/13/2015 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vxlsnyaiet64 service failed to start due to the following error:
%%2
Error: (01/13/2015 10:32:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.0.5 service failed to start due to the following error:
%%2
Error: (01/13/2015 10:32:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The My Scrap NookService service failed to start due to the following error:
%%2
Error: (01/13/2015 10:31:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Fast And Safe service to connect.
Error: (01/13/2015 10:31:19 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:49:12 AM on 13/01/2015 was unexpected.
Error: (01/11/2015 05:41:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2
Error: (01/11/2015 05:41:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vxlsnyaiet64 service failed to start due to the following error:
%%2
Error: (01/11/2015 05:41:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.0.5 service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (01/13/2015 07:58:26 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/12/2015 11:40:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{7FBAD091-89F7-4C77-A224-15FF4423C7D2}\recordingmanager.exe
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9765
Error: (01/12/2015 05:39:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/12/2015 01:57:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c0000005003ada40127001d02e9996520799C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknownd8d2d18c-9a8c-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDOnAccess.exe2.2.25.4525be485KERNELBASE.dll6.1.7601.1840953159a860eedfade0000c42d1d8401d02e90566d5d3cC:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exeC:\Windows\syswow64\KERNELBASE.dll96c1f03a-9a83-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDOnAccess.exe2.2.25.4525be485KERNELBASE.dll6.1.7601.1840953159a860eedfade0000c42d3b2401d02e904b1b66ddC:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exeC:\Windows\syswow64\KERNELBASE.dll8f4c7f34-9a83-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c0000005005fd91c40c001d02e8a386b57b3C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknown7b2b9c94-9a7d-11e4-b918-e840f28b3bc9
Error: (01/12/2015 00:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c0000005002ed7b441fc01d02e8a2c969adaC:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknown71792b7b-9a7d-11e4-b918-e840f28b3bc9
CodeIntegrity Errors:
===================================
Date: 2015-01-13 11:04:56.960
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-13 10:51:52.824
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-13 08:53:57.845
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 16:44:01.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:50:25.860
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:28:37.861
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:16:17.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 15:05:17.925
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 14:50:53.827
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-01-12 14:19:49.849
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 40%
Total physical RAM: 8098.52 MB
Available physical RAM: 4801.36 MB
Total Pagefile: 16195.21 MB
Available Pagefile: 13176.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1844.9 GB) (Free:1682.12 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:18.02 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5C798ED8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1844.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-13 11:17:29
-----------------------------
11:17:29.108 OS Version: Windows x64 6.1.7601 Service Pack 1
11:17:29.108 Number of processors: 4 586 0x2A07
11:17:29.108 ComputerName: CP2012-HP UserName: cp2012
11:17:36.108 Initialize success
11:17:36.112 VM: initialized successfully
11:17:36.113 VM: Intel CPU BiosDisabled
11:17:40.958 AVAST engine download error: 0
11:18:15.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:18:15.987 Disk 0 Vendor: ST2000DL HP16 Size: 1907729MB BusType: 3
11:18:16.091 Disk 0 MBR read successfully
11:18:16.094 Disk 0 MBR scan
11:18:16.097 Disk 0 Windows 7 default MBR code
11:18:16.109 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:18:16.114 Disk 0 default boot code
11:18:16.124 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1889177 MB offset 206848
11:18:16.161 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 18450 MB offset 3869241344
11:18:16.177 Disk 0 scanning C:\Windows\system32\drivers
11:18:24.584 Service scanning
11:18:37.276 Modules scanning
11:18:37.286 Disk 0 trace - called modules:
11:18:37.302 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:18:37.307 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a01d060]
11:18:37.312 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b29050]
11:18:37.317 Disk 0 statistics 93876/0/0 @ 5.49 MB/s
11:18:37.322 Scan finished successfully
11:18:48.306 Disk 0 MBR has been saved successfully to "C:\Users\cp2012\Downloads\MBR.dat"
11:18:48.309 The log file has been saved successfully to "C:\Users\cp2012\Downloads\aswMBR.txt"
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-13 11:17:29
-----------------------------
11:17:29.108 OS Version: Windows x64 6.1.7601 Service Pack 1
11:17:29.108 Number of processors: 4 586 0x2A07
11:17:29.108 ComputerName: CP2012-HP UserName: cp2012
11:17:36.108 Initialize success
11:17:36.112 VM: initialized successfully
11:17:36.113 VM: Intel CPU BiosDisabled
11:17:40.958 AVAST engine download error: 0
11:18:15.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:18:15.987 Disk 0 Vendor: ST2000DL HP16 Size: 1907729MB BusType: 3
11:18:16.091 Disk 0 MBR read successfully
11:18:16.094 Disk 0 MBR scan
11:18:16.097 Disk 0 Windows 7 default MBR code
11:18:16.109 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:18:16.114 Disk 0 default boot code
11:18:16.124 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1889177 MB offset 206848
11:18:16.161 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 18450 MB offset 3869241344
11:18:16.177 Disk 0 scanning C:\Windows\system32\drivers
11:18:24.584 Service scanning
11:18:37.276 Modules scanning
11:18:37.286 Disk 0 trace - called modules:
11:18:37.302 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:18:37.307 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a01d060]
11:18:37.312 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b29050]
11:18:37.317 Disk 0 statistics 93876/0/0 @ 5.49 MB/s
11:18:37.322 Scan finished successfully
11:18:48.306 Disk 0 MBR has been saved successfully to "C:\Users\cp2012\Downloads\MBR.dat"
11:18:48.309 The log file has been saved successfully to "C:\Users\cp2012\Downloads\aswMBR.txt"
12:18:14.998 Disk 0 MBR has been saved successfully to "C:\Users\cp2012\Downloads\MBR.dat"
12:18:15.009 The log file has been saved successfully to "C:\Users\cp2012\Downloads\aswMBR.txt"