Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow startup (redirected)


  • Please log in to reply
8 replies to this topic

#1 Sigdun

Sigdun

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 20 September 2014 - 07:39 AM

From http://www.bleepingcomputer.com/forums/t/548978/slow-startup/

 

Hi -

You have some very unusual errors showing, like your Antivirus is blocking everything in these logs.

 

In this area we are not permitted to conduct deeper scans, so please follow the directions below - -

 

Please follow the instructions in ==> This Prep Guide <== starting at Step 6.

 

Once the proper logs are created, then make a NEW TOPIC and post it to ==> Malware Removal area <== Not back here.

 

Just include the requested logs from above. Please be sure to include a description of your computer issues and what you have done to try to resolve them.

 

If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why along with a description of your computer issues.

Please do not ever run ComboFix unless a Malware Response Team Member instructs you to do so.

 

Thank You -

 

Attached File  attach.txt   16.16KB   2 downloads

 

DDS Log

------------------------------

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16575  BrowserJavaVersion: 10.67.2
Run by ROD at 14:35:36 on 2014-09-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.14316.8977 [GMT 2:00]
.
AV: Computer Security *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Computer Security *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\SysWOW64\ASGT.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\F-Secure\fshoster32.exe
C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IDT\WDM\beats64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\F-Secure\fshoster32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Turbine\The Lord of the Rings Online\lotroclient.exe
C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
mStart Page = hxxp://www.bing.com?pc=HPDTDF
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Xs4all Online Safety: {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Akamai NetSession Interface] "C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
mRun: [PTNMWND] "C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe" Brother QL-710W /AUTORUN
mRun: [F-Secure Hoster (54599)] "C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE}\1405F5630343933343239393 : DHCPNameServer = 10.10.100.254
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE}\3596475636F6D6665683668323 : DHCPNameServer = 0.0.0.0
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE}\84F657473507565646 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{846AB77D-E144-4544-BF46-C7B03BC769F3} : DHCPNameServer = 192.168.178.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cdl - <Clsid value has no data>
Handler: file - <Clsid value has no data>
Handler: ftp - <Clsid value has no data>
Handler: local - <Clsid value has no data>
Handler: mk - <Clsid value has no data>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cdl - <Clsid value has no data>
x64-Handler: file - <Clsid value has no data>
x64-Handler: ftp - <Clsid value has no data>
x64-Handler: local - <Clsid value has no data>
x64-Handler: mk - <Clsid value has no data>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\BYOND\bin\npbyond.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2012-5-9 56016]
R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2014-6-23 69960]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2012-7-2 13248]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-7-24 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 ASGT;ASGT;C:\Windows\SysWOW64\ASGT.exe [2012-1-17 55296]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 fshoster;F-Secure Dll Hoster;C:\Program Files (x86)\F-Secure\fshoster32.exe [2013-10-30 191528]
R2 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [2012-8-6 60352]
R2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;C:\Windows\System32\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe [2011-7-24 2641920]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-24 2656280]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-1-29 79360]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-7-2 203304]
R3 fsni;fsni;C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [2014-6-19 86056]
R3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);C:\Windows\System32\drivers\hcwD3bda64.sys [2011-7-24 116352]
R3 IOMap;IOMap;C:\Windows\System32\drivers\IOMap64.sys [2012-4-10 23680]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-7-24 412776]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2011-7-24 125552]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2011-7-24 382024]
R3 UHSfiltv;UHSfiltv;C:\Windows\System32\drivers\UHSfiltv.sys [2014-1-29 23552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 atillk64;atillk64;C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [2006-7-19 14608]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2014-1-29 79360]
S3 fsccsys1346934493;F-Secure Content Control Driver;C:\Windows\System32\drivers\fsccsys.sys [2012-9-6 58424]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-5 1874016]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-29 19456]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-29 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-29 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-17 1255736]
S4 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-12-10 131912]
S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-26 92216]
.
=============== Created Last 30 ================
.
2014-09-20 08:12:48    --------    d-----w-    C:\ProgramData\PDFC
2014-09-20 07:21:38    --------    d-----w-    C:\Program Files (x86)\Maestro
2014-09-19 12:17:19    --------    d-----w-    C:\Program Files\Speccy
2014-09-19 08:23:02    33512    ----a-w-    C:\Windows\System32\drivers\TrueSight.sys
2014-09-19 08:23:00    --------    d-----w-    C:\ProgramData\RogueKiller
2014-09-19 07:38:48    --------    d-----w-    C:\Windows\ERUNT
2014-09-19 07:35:33    536576    ----a-w-    C:\Windows\SysWow64\sqlite3.dll
2014-09-10 13:24:34    2777088    ----a-w-    C:\Windows\System32\msmpeg2vdec.dll
2014-09-10 13:24:34    2285056    ----a-w-    C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-10 07:00:49    1031168    ----a-w-    C:\Windows\System32\TSWorkspace.dll
2014-09-10 07:00:48    793600    ----a-w-    C:\Windows\SysWow64\TSWorkspace.dll
2014-09-10 06:59:58    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2014-09-10 06:59:56    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-09-10 06:58:41    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-09-10 06:58:41    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-09-10 06:58:39    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-09-10 06:58:39    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-09-10 06:58:39    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-09-07 15:16:21    --------    d-----w-    C:\Users\ROD\AppData\Local\Adobe
2014-09-05 13:29:48    --------    d-----w-    C:\Program Files (x86)\Origin Games
2014-09-04 12:50:16    188304    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-09-03 17:35:19    --------    d-sh--w-    C:\Cypher License Information LT
2014-09-03 17:35:17    --------    d-----w-    C:\Users\ROD\AppData\Roaming\DLsite
2014-08-28 05:33:09    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-28 05:33:09    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-28 05:33:09    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
.
==================== Find3M  ====================
.
2014-09-10 15:10:04    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-10 15:10:03    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 15:35:56    2339328    ----a-w-    C:\Windows\System32\jscript9.dll
2014-08-15 15:31:16    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2014-08-15 15:30:08    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2014-08-15 15:30:00    1494016    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-08-15 15:29:33    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-08-15 15:28:50    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-08-15 15:28:47    12800    ----a-w-    C:\Windows\System32\mshta.exe
2014-08-15 14:42:27    1810432    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-08-15 14:37:03    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-08-15 14:36:30    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-08-15 14:35:47    421376    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-08-15 14:35:34    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-08-15 14:34:49    11776    ----a-w-    C:\Windows\SysWow64\mshta.exe
2014-08-15 14:34:47    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-08-10 06:46:20    45640    ----a-w-    C:\Windows\SysmonDrv.sys
2014-08-05 11:14:17    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-05 09:05:56    1025208    ----a-w-    C:\Windows\System32\Sysmon.exe
2014-07-25 00:35:46    875688    ----a-w-    C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47:06    869544    ----a-w-    C:\Windows\System32\msvcr120_clr0400.dll
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24:50    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-06-30 22:14:53    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
.
============= FINISH: 14:35:59.58 ===============
 



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 PM

Posted 25 September 2014 - 07:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/549131 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Sigdun

Sigdun
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 25 September 2014 - 08:33 AM

A slow start-up, unable to do anything until after -something- finishes and then everything seems to work normally.
 
Already addressed some things here : http://www.bleepingcomputer.com/forums/t/548978/slow-startup/
But then I was redirected to this part of the forums.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16575  BrowserJavaVersion: 10.67.2
Run by ROD at 15:28:56 on 2014-09-25
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.14316.10355 [GMT 2:00]
.
AV: Computer Security *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Computer Security *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\SysWOW64\ASGT.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\F-Secure\fshoster32.exe
C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\beats64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe
C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\F-Secure\fshoster32.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\perfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Turbine\The Lord of the Rings Online\lotroclient.exe
C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
mStart Page = hxxp://www.bing.com?pc=HPDTDF
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Xs4all Online Safety: {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Akamai NetSession Interface] "C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
mRun: [PTNMWND] "C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe" Brother QL-710W /AUTORUN
mRun: [F-Secure Hoster (54599)] "C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE}\1405F5630343933343239393 : DHCPNameServer = 10.10.100.254
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE}\3596475636F6D6665683668323 : DHCPNameServer = 0.0.0.0
TCP: Interfaces\{75DBED04-E3FC-4A96-AF7D-FD8327B633EE}\84F657473507565646 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{846AB77D-E144-4544-BF46-C7B03BC769F3} : DHCPNameServer = 192.168.178.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cdl - <Clsid value has no data>
Handler: file - <Clsid value has no data>
Handler: ftp - <Clsid value has no data>
Handler: local - <Clsid value has no data>
Handler: mk - <Clsid value has no data>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cdl - <Clsid value has no data>
x64-Handler: file - <Clsid value has no data>
x64-Handler: ftp - <Clsid value has no data>
x64-Handler: local - <Clsid value has no data>
x64-Handler: mk - <Clsid value has no data>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\BYOND\bin\npbyond.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2012-5-9 56016]
R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2014-6-23 69960]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2012-7-2 13248]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-7-24 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 ASGT;ASGT;C:\Windows\SysWOW64\ASGT.exe [2012-1-17 55296]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 fshoster;F-Secure Dll Hoster;C:\Program Files (x86)\F-Secure\fshoster32.exe [2013-10-30 191528]
R2 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [2012-8-6 60352]
R2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;C:\Windows\System32\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe [2011-7-24 2641920]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-24 2656280]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-1-29 79360]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-7-2 203304]
R3 fsni;fsni;C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [2014-6-19 86056]
R3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);C:\Windows\System32\drivers\hcwD3bda64.sys [2011-7-24 116352]
R3 IOMap;IOMap;C:\Windows\System32\drivers\IOMap64.sys [2012-4-10 23680]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-7-24 412776]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2011-7-24 125552]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2011-7-24 382024]
R3 UHSfiltv;UHSfiltv;C:\Windows\System32\drivers\UHSfiltv.sys [2014-1-29 23552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 atillk64;atillk64;C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [2006-7-19 14608]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2014-1-29 79360]
S3 fsccsys1346934493;F-Secure Content Control Driver;C:\Windows\System32\drivers\fsccsys.sys [2012-9-6 58424]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-5 1874016]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-29 19456]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-29 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-29 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-17 1255736]
S4 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-12-10 131912]
S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-26 92216]
.
=============== Created Last 30 ================
.
2014-09-24 06:42:31    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-09-24 06:42:31    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-09-24 06:41:20    --------    d-----w-    C:\AdwCleaner
2014-09-20 08:12:48    --------    d-----w-    C:\ProgramData\PDFC
2014-09-20 07:21:38    --------    d-----w-    C:\Program Files (x86)\Maestro
2014-09-19 12:17:19    --------    d-----w-    C:\Program Files\Speccy
2014-09-19 08:23:02    33512    ----a-w-    C:\Windows\System32\drivers\TrueSight.sys
2014-09-19 08:23:00    --------    d-----w-    C:\ProgramData\RogueKiller
2014-09-19 07:46:50    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-19 07:38:48    --------    d-----w-    C:\Windows\ERUNT
2014-09-19 07:35:33    536576    ----a-w-    C:\Windows\SysWow64\sqlite3.dll
2014-09-10 13:24:34    2777088    ----a-w-    C:\Windows\System32\msmpeg2vdec.dll
2014-09-10 13:24:34    2285056    ----a-w-    C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-10 07:00:49    1031168    ----a-w-    C:\Windows\System32\TSWorkspace.dll
2014-09-10 07:00:48    793600    ----a-w-    C:\Windows\SysWow64\TSWorkspace.dll
2014-09-10 06:59:58    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2014-09-10 06:59:56    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-09-10 06:58:41    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-09-10 06:58:41    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-09-10 06:58:39    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-09-10 06:58:39    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-09-10 06:58:39    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-09-07 15:16:21    --------    d-----w-    C:\Users\ROD\AppData\Local\Adobe
2014-09-05 13:29:48    --------    d-----w-    C:\Program Files (x86)\Origin Games
2014-09-03 17:35:19    --------    d-sh--w-    C:\Cypher License Information LT
2014-09-03 17:35:17    --------    d-----w-    C:\Users\ROD\AppData\Roaming\DLsite
2014-08-28 05:33:09    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-28 05:33:09    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-28 05:33:09    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
.
==================== Find3M  ====================
.
2014-09-10 15:10:04    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-10 15:10:03    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 15:35:56    2339328    ----a-w-    C:\Windows\System32\jscript9.dll
2014-08-15 15:31:16    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2014-08-15 15:30:08    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2014-08-15 15:30:00    1494016    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-08-15 15:29:33    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-08-15 15:28:50    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-08-15 15:28:47    12800    ----a-w-    C:\Windows\System32\mshta.exe
2014-08-15 14:42:27    1810432    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-08-15 14:37:03    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-08-15 14:36:30    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-08-15 14:35:47    421376    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-08-15 14:35:34    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-08-15 14:34:49    11776    ----a-w-    C:\Windows\SysWow64\mshta.exe
2014-08-15 14:34:47    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-08-10 06:46:20    45640    ----a-w-    C:\Windows\SysmonDrv.sys
2014-08-05 11:14:17    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-05 09:05:56    1025208    ----a-w-    C:\Windows\System32\Sysmon.exe
2014-07-25 00:35:46    875688    ----a-w-    C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47:06    869544    ----a-w-    C:\Windows\System32\msvcr120_clr0400.dll
2014-07-14 02:02:45    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24:50    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-06-30 22:14:53    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
.
============= FINISH: 15:30:38.87 ===============
 

_____________________________________________________________________________

Attachment : Attached File  attach.txt   17.28KB   0 downloads



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,241 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:51 PM

Posted 29 September 2014 - 07:35 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#5 Sigdun

Sigdun
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 29 September 2014 - 08:47 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by ROD (administrator) on HP-RODPC on 29-09-2014 15:44:15
Running from C:\Users\ROD\Downloads
Loaded Profile: ROD (Available profiles: ROD)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
() C:\Windows\SysWOW64\ASGT.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(Mirics Semiconductor Ltd) C:\Windows\System32\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
(Akamai Technologies, Inc.) C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(PiratesAhoy! Community) C:\Games\Bethesda Softworks\Pirates of the Caribbean\ENGINE.exe
(Farbar) C:\Users\ROD\Downloads\FRST64(2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [LaunchHPOSIAPP] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe [385024 2009-04-04] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-12] (F-Secure Corporation)
HKLM-x32\...\Run: [PTNMWND] => C:\Program Files (x86)\Brother\ES Status Monitor\ptnmwnd.exe [1003520 2012-03-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [F-Secure Hoster (54599)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-10-30] (F-Secure Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3851362600-1776725486-3178213573-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-02-14] (AMD)
HKU\S-1-5-21-3851362600-1776725486-3178213573-1000\...\Run: [Akamai NetSession Interface] => C:\Users\ROD\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3851362600-1776725486-3178213573-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3851362600-1776725486-3178213573-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3851362600-1776725486-3178213573-1000\...\MountPoints2: F - F:\AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-3851362600-1776725486-3178213573-1000\...\MountPoints2: G - G:\AUTORUN.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {A28BE582-7684-435C-863A-1AFA11D7222A} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {3D66AA59-3486-4202-89F5-B53A2E5F40E6} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Xs4all Online Safety -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: cdl - No CLSID Value -
Handler: file - No CLSID Value -
Handler: ftp - No CLSID Value -
Handler: local - No CLSID Value -
Handler: mk - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: cdl - No CLSID Value -
Handler-x32: file - No CLSID Value -
Handler-x32: ftp - No CLSID Value -
Handler-x32: local - No CLSID Value -
Handler-x32: mk - No CLSID Value -
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-24] (EasyBits Software Corp.)
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll (BYOND)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: United States English Spellchecker - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-03-23]
FF Extension: Woordenboek Nederlands - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\Extensions\nl-NL@dictionaries.addons.mozilla.org [2013-01-20]
FF Extension: No Name - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\Extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A} [2012-10-31]
FF Extension: Ghostery - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\Extensions\firefox@ghostery.com.xpi [2013-08-22]
FF Extension: Adblock Plus - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-17]
FF Extension: DownThemAll! - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-03-21]
FF Extension: QuickJava - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-01-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{32921709-2748-4482-872e-0871b704751e}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https
FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2013-12-09]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (BYOND stub plugin for Mozilla) - C:\Program Files (x86)\Mozilla Firefox\plugins\npbyond.dll (BYOND)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (SOE Web Installer) - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Profile: C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22]
CHR Extension: (Adblock Plus) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-08]
CHR Extension: (Google Search) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22]
CHR Extension: (Online Safety) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2014-05-27]
CHR Extension: (Skype Click to Call) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Gmail) - C:\Users\ROD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx [2014-06-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-01-29] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-01-29] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-10-30] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-12] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-25] (F-Secure Corporation)
R2 hcwD3bda_dvbt; C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2641920 2010-12-16] (Mirics Semiconductor Ltd)
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 atillk64; C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [24376 2010-03-01] ()
S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] ()
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-08-15] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2012-07-02] ()
S3 fsccsys1346934493; C:\Windows\System32\drivers\fsccsys.sys [58424 2012-09-28] (F-Secure Corporation)
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R3 hcwD3bda; C:\Windows\System32\DRIVERS\hcwD3bda64.sys [116352 2010-06-29] (Mirics)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [33512 2014-09-19] ()
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2011-07-15] (Creative Technology Ltd.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 X6va007; \??\C:\Users\ROD\AppData\Local\Temp\007713C.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 15:44 - 2014-09-29 15:44 - 00000000 ____D () C:\FRST
2014-09-29 15:43 - 2014-09-29 15:44 - 02108928 _____ (Farbar) C:\Users\ROD\Downloads\FRST64(2).exe
2014-09-29 15:43 - 2014-09-29 15:43 - 02108928 _____ (Farbar) C:\Users\ROD\Downloads\FRST64(1).exe
2014-09-27 16:23 - 2014-09-27 16:24 - 00066248 _____ () C:\Users\ROD\Downloads\Addition.txt
2014-09-27 16:22 - 2014-09-29 15:44 - 00026155 _____ () C:\Users\ROD\Downloads\FRST.txt
2014-09-27 16:22 - 2014-09-27 16:22 - 02108928 _____ (Farbar) C:\Users\ROD\Downloads\FRST64.exe
2014-09-26 17:57 - 2014-09-26 18:54 - 00000000 ____D () C:\New folder
2014-09-25 21:15 - 2014-09-25 21:15 - 00000084 _____ () C:\Users\ROD\Documents\TBMR.txt
2014-09-24 21:11 - 2014-09-24 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 08:42 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:42 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 08:41 - 2014-09-24 08:44 - 00000000 ____D () C:\AdwCleaner
2014-09-23 09:54 - 2014-09-23 09:54 - 00000000 ____D () C:\Users\ROD\Documents\Stronghold Crusader 2
2014-09-20 10:12 - 2014-09-20 10:12 - 00000000 ____D () C:\ProgramData\PDFC
2014-09-20 09:21 - 2014-09-20 09:21 - 00000000 ____D () C:\Users\ROD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maestro
2014-09-20 09:21 - 2014-09-20 09:21 - 00000000 ____D () C:\Program Files (x86)\Maestro
2014-09-19 14:17 - 2014-09-19 14:17 - 00036233 _____ () C:\Users\ROD\Documents\HP-RODPC.speccy
2014-09-19 14:17 - 2014-09-19 14:17 - 00000000 ____D () C:\Program Files\Speccy
2014-09-19 10:23 - 2014-09-19 10:23 - 00033512 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-19 10:23 - 2014-09-19 10:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-19 09:46 - 2014-09-20 09:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-19 09:38 - 2014-09-19 09:38 - 00000000 ____D () C:\Windows\ERUNT
2014-09-19 09:37 - 2014-09-19 09:37 - 00000376 _____ () C:\DelFix.txt
2014-09-19 09:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-10 15:41 - 2014-08-15 17:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 15:41 - 2014-08-15 17:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 15:41 - 2014-08-15 17:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 15:41 - 2014-08-15 17:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 15:41 - 2014-08-15 17:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 15:41 - 2014-08-15 17:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 15:41 - 2014-08-15 17:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-10 15:41 - 2014-08-15 17:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 15:41 - 2014-08-15 17:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 15:41 - 2014-08-15 17:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-10 15:41 - 2014-08-15 17:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 15:41 - 2014-08-15 17:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 15:41 - 2014-08-15 17:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-10 15:41 - 2014-08-15 17:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-10 15:41 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 15:41 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 15:41 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 15:41 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 15:41 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 15:41 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 15:41 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 15:41 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 15:41 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-10 15:41 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 15:41 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 15:41 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 15:41 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-10 15:41 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-10 15:24 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 15:24 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 09:00 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 09:00 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 08:59 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 08:59 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 08:58 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:58 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:58 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 08:58 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 08:58 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-07 17:16 - 2014-09-19 22:29 - 00000000 ____D () C:\Users\ROD\AppData\Local\Adobe
2014-09-05 15:29 - 2014-09-05 15:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 __SHD () C:\Cypher License Information LT
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 ____D () C:\Users\ROD\AppData\Roaming\DLsite
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 _____ () C:\Windows\startup.INI
2014-09-02 22:36 - 2014-09-02 22:36 - 00000000 ____D () C:\Users\ROD\Downloads\2013CL0029
2014-09-02 22:28 - 2014-09-02 22:28 - 05743610 _____ () C:\Users\ROD\Downloads\Z001335.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 13:53 - 2011-09-12 18:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-29 13:53 - 2011-09-11 14:58 - 00000000 ____D () C:\Users\ROD\AppData\Local\CrashDumps
2014-09-29 13:49 - 2013-06-16 13:56 - 00000000 ____D () C:\Users\ROD\Trainer
2014-09-29 11:22 - 2011-11-10 17:56 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForROD
2014-09-29 11:22 - 2011-11-10 17:56 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForROD.job
2014-09-29 09:29 - 2012-07-02 09:10 - 00003370 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-09-29 09:29 - 2012-07-02 09:10 - 00000596 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-09-29 09:29 - 2011-07-24 03:53 - 01864178 _____ () C:\Windows\WindowsUpdate.log
2014-09-28 10:18 - 2012-06-23 13:46 - 00000000 ____D () C:\Users\ROD\Foto's
2014-09-28 09:31 - 2012-03-02 15:29 - 00000000 ____D () C:\Users\ROD\Documents\The Lord of the Rings Online
2014-09-27 13:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 09:32 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 09:32 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 09:17 - 2013-05-13 23:38 - 00000000 ____D () C:\Users\ROD\AppData\Local\Turbine
2014-09-25 15:37 - 2011-09-04 16:15 - 00007600 _____ () C:\Users\ROD\AppData\Local\Resmon.ResmonCfg
2014-09-25 15:19 - 2012-04-25 10:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-25 15:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 15:19 - 2009-07-14 06:51 - 00020678 _____ () C:\Windows\setupact.log
2014-09-25 12:54 - 2011-09-12 18:49 - 00000000 ____D () C:\Users\ROD\AppData\Local\Paint.NET
2014-09-25 12:53 - 2011-09-02 11:06 - 00001190 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-09-25 12:53 - 2011-09-02 11:06 - 00001178 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-09-25 12:52 - 2011-09-02 11:06 - 00000000 ____D () C:\Program Files\Paint.NET
2014-09-24 08:45 - 2010-11-21 05:47 - 00437748 _____ () C:\Windows\PFRO.log
2014-09-23 09:54 - 2013-06-16 14:08 - 00000000 ____D () C:\ProgramData\Firefly Studios
2014-09-23 09:50 - 2011-07-24 03:08 - 00618508 _____ () C:\Windows\DirectX.log
2014-09-22 23:07 - 2009-07-14 07:13 - 00812992 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-20 10:18 - 2012-03-02 11:42 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-09-20 10:14 - 2013-12-08 12:18 - 00000000 ____D () C:\Users\ROD\AppData\Local\EasyABC
2014-09-20 10:13 - 2011-07-24 03:00 - 00000000 ____D () C:\ProgramData\CyberLink
2014-09-20 10:12 - 2013-01-21 11:59 - 00000023 _____ () C:\Windows\ODBCINST.INI
2014-09-20 10:11 - 2011-07-24 02:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-20 09:43 - 2011-08-17 10:44 - 00002441 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-20 09:26 - 2013-04-17 18:28 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-20 09:26 - 2013-04-17 18:28 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 14:09 - 2014-08-15 11:36 - 00000000 ____D () C:\Users\ROD\Downloads\powder-89.2-win32
2014-09-19 14:09 - 2014-05-25 13:36 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-09-19 10:10 - 2013-05-22 21:58 - 00002992 _____ () C:\Windows\System32\Tasks\{484FA93A-2221-45DD-9B04-AE34B3F9C3C1}
2014-09-19 10:10 - 2013-04-17 18:28 - 00003900 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-19 10:10 - 2013-04-17 18:28 - 00003648 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-19 10:10 - 2011-11-30 22:09 - 00002932 _____ () C:\Windows\System32\Tasks\{B2CB4695-DDD5-4D5E-94A1-BF6E2A7D5331}
2014-09-19 09:50 - 2013-10-19 09:03 - 00000000 ____D () C:\Users\ROD\Downloads\tedit
2014-09-15 12:11 - 2013-09-17 18:56 - 00000000 ____D () C:\Users\ROD\AppData\Roaming\Guild Wars 2
2014-09-15 12:11 - 2012-08-04 08:37 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-09-12 19:36 - 2011-08-22 16:21 - 00000000 ____D () C:\Users\ROD\Documents\My Games
2014-09-10 17:10 - 2012-03-31 09:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 17:10 - 2011-08-17 10:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 15:42 - 2011-08-17 16:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 15:40 - 2013-07-19 23:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 15:40 - 2011-02-11 19:15 - 00796794 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 15:25 - 2011-08-17 12:18 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-07 10:33 - 2012-03-20 14:35 - 00000000 ____D () C:\Users\ROD\Downloads\ABC
2014-09-06 17:00 - 2011-09-11 15:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-06 15:43 - 2011-12-23 20:21 - 00000000 ____D () C:\ProgramData\Origin
2014-09-06 15:33 - 2012-11-25 11:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-06 14:49 - 2013-11-03 22:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 14:36 - 2011-12-23 20:21 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-06 14:29 - 2012-04-13 16:44 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-09-05 15:29 - 2012-12-11 19:58 - 00000000 ____D () C:\Users\ROD\AppData\Local\Origin
2014-09-05 15:29 - 2012-11-25 11:39 - 00000000 ____D () C:\Users\ROD\AppData\Roaming\Origin

Files to move or delete:
====================
C:\Users\ROD\jagex_cl_runescape_LIVE.dat
C:\Users\ROD\jagex_cl_runescape_LIVE1.dat
C:\Users\ROD\jagex_cl_runescape_LIVE2.dat
C:\Users\ROD\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\ROD\random.dat


Some content of TEMP:
====================
C:\Users\ROD\AppData\Local\Temp\BRSVC_500607_hlp.exe
C:\Users\ROD\AppData\Local\Temp\CH.dll
C:\Users\ROD\AppData\Local\Temp\CH2.dll
C:\Users\ROD\AppData\Local\Temp\Copy.dll
C:\Users\ROD\AppData\Local\Temp\drm_dialogs.dll
C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\ROD\AppData\Local\Temp\paint.net.4.0.3.install.exe
C:\Users\ROD\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 09:37

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by ROD at 2014-09-29 15:44:51
Running from C:\Users\ROD\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Computer Security (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Security (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

.sol Editor 1.1.0.1 (HKLM-x32\...\.sol Editor) (Version: 1.1.0.1 - alexisisaac.net)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
AddCustomPaper (x32 Version: 1.4.0 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Age of Conan: Unchained (HKLM-x32\...\Age of Conan_is1) (Version:  - Funcom)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 12.3.103.20214 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Application Profiles (HKLM-x32\...\{FC529949-EECA-2BF6-02AC-8041AD76B4B5}) (Version: 2.0.4602.34575 - Advanced Micro Devices, Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.0.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.0.1 - ASUSTek COMPUTER INC.) Hidden
ASUS VGA Driver (x32 Version: 3.0.0.1 - ASUSTek) Hidden
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
B9100 (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden
Blockland (HKLM-x32\...\Blockland) (Version:  - )
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Brother Printer Setting Tool (HKLM-x32\...\{8DA2E2DC-C572-4F87-89FC-833DB588CC7B}) (Version: 1.1.0020 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (HKLM-x32\...\{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.2300 - Brother Industries, Ltd.)
BSIZE_CDA_B9100_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
BYOND (HKLM-x32\...\BYOND) (Version: 496.1145 - BYOND)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.9.0.8 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.8.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.11 (HKLM-x32\...\Digital Photo Professional) (Version: 3.11.26.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.6.0.15 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Cobalt (HKLM-x32\...\Cobalt) (Version:  - )
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer™ 3: Kane's Wrath (HKLM-x32\...\{CC2422C9-F7B5-4175-B295-5EC2283AA674}) (Version: 1.00.0000 - Electronic Arts Inc.)
Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version:  - Relic Entertainment)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic Entertainment)
Computer Security 12.89.105.0 (release) (x32 Version: 12.89.105.0 - F-Secure Corporation) Hidden
Course Vector .minerva (HKLM-x32\...\com.coursevector.minerva) (Version: 3.5.0 - UNKNOWN)
Course Vector .minerva (x32 Version: 3.5.0 - UNKNOWN) Hidden
CPUID CPU-Z 1.59 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defiance (HKLM-x32\...\Steam App 224600) (Version:  - Trion Worlds)
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Desura: Realm Explorer (HKLM-x32\...\Desura_75299366633504) (Version: Alpha - RealmSource)
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Digital Camera Utility 5 (HKLM\...\{3543A4FC-E5BA-4745-994C-3D2BE7841CFC}) (Version: 5.0.0 - RICOH IMAGING COMPANY, LTD.)
Divinity 2 Developers Cut (HKLM-x32\...\Divinity 2 Developers Cut_is1) (Version:  - GOG.com)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version:  - Microsoft)
Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games)
ES Status Monitor (x32 Version: 1.03.0004 - Brother Industries, ltd.) Hidden
Fable Anniversary (HKLM-x32\...\Steam App 288470) (Version:  - Lionhead Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FAM 1.0.0.0 (HKLM-x32\...\FAM) (Version: 1.0.0.0 - Korrd)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Realms (HKCU\...\SOE-Free Realms) (Version:  - Sony Online Entertainment)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
Freelancer Companion 2.02 (HKLM-x32\...\FLCompanion-{0A8EB4BA-8147-460B-9B0C-6D5B32F3FF41}) (Version: 2.02 - Olivier Marcoux)
F-Secure CCF Reputation (x32 Version: 1.1.25.2280 - F-Secure) Hidden
F-Secure CCF Scanning 1.43.102.193 (release) (x32 Version: 1.43.102.193 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.0.0.0 (release) (x32 Version: 1.0.0.0 - F-Secure Corporation) Hidden
F-Secure Security Panel (HKLM-x32\...\F-Secure ServiceEnabler 54599) (Version: 1.89.205.0 - F-Secure Corporation)
F-Secure Security Panel (x32 Version: 1.89.205.0 - F-Secure Corporation) Hidden
GECK - New Vegas Edition (HKLM-x32\...\Steam App 22480) (Version:  - )
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GNU Ghostscript 7.06 (HKLM-x32\...\GNU Ghostscript 7.06) (Version:  - )
GNU Ghostscript Fonts (HKLM-x32\...\GNU Ghostscript Fonts) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.2 - goldensoft.org)
Guild Wars (HKLM-x32\...\Guild Wars) (Version:  - )
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Heaven DX11 Benchmark version 3.0 (HKLM\...\Unigine Heaven DX11 Benchmark (Basic Edition)_is1) (Version: 3.0 - Unigine Corp.)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.4 - Hewlett-Packard)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart 6510 series Basic Device Software (HKLM\...\{1952AED6-2908-418F-B9D8-AC359651F92D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart B9100 Printer Driver Software 13.0 Rel. A (HKLM\...\{F40C3DA3-595C-4ED3-99AE-06CDF75F6F92}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Pro print plug-in for Adobe Photoshop ® (HKLM-x32\...\{E9D84FC1-A0B3-4527-B606-AC255470B72F}) (Version: 1.2.107 - http://www.hp.com/support)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Remote Solution (x32 Version: 1.1.14.0 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.230.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
King Arthur's Gold Beta (HKLM-x32\...\{AC34F03B-B4C8-4892-8BD3-34DC1C7E8DE5}) (Version: 0.95.590.0 - THD)
K-Lite Codec Pack 10.0.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Kobo (HKLM-x32\...\Kobo) (Version: /Qt-5.2.0 - Kobo Inc.)
Maestro (HKLM-x32\...\{E1565959-7282-4AD7-BAE2-2B40F8AD8A6B}) (Version: 2.0.0 - Digero)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Game Studios Common Redistributables Pack 1 (x32 Version: 1.0.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XML Parser (x32 Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Mozilla Firefox 32.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-GB)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.45.5 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.4 - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Online Safety 2.93.2123.16 (x32 Version: 2.93.2123.16 - F-Secure Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenRA (HKLM-x32\...\OpenRA) (Version:  - OpenRA developers)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PDFtoMusic Pro (HKLM-x32\...\PDFtoMusic Pro) (Version:  - )
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
Pirates of the Caribbean (HKLM-x32\...\{C1157104-1574-4BD2-99C7-0AAB5DF4275F}) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Recon Software (HKLM-x32\...\{52E335F8-0177-4999-8ABA-06F2A319F748}) (Version: 1.22 - Cooler Master)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Renegade Ops (HKLM-x32\...\Steam App 99300) (Version:  - Avalanche Studios)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version:  - Ascaron)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Silverfall (HKLM-x32\...\Steam App 4420) (Version:  - Monte Cristo)
Silverfall: Earth Awakening (HKLM-x32\...\Steam App 4470) (Version:  - Monte Cristo)
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7006 - Six Projects)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
SPORE™ Creepy & Cute Parts Pack (HKLM-x32\...\{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}) (Version: 1.00.0000 - Electronic Arts)
SPORE™ Galactic Adventures (HKLM-x32\...\{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}) (Version: 1.00.0000 - Electronic Arts)
SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.27 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Starpoint Gemini 2 (HKLM-x32\...\Steam App 236150) (Version:  - Little Green Man Games)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.100 - Firefly Studios)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version:  - FireFly Studios)
Stronghold Crusader 2 Map Editor (HKLM-x32\...\Steam App 321900) (Version:  - )
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{1F77C418-2C90-459C-BD33-B56A4182B9FA}) (Version: 4.4.26.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings Online™ v03.08.00.8025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8025 - Turbine, Inc.)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
The Settlers 7: Paths to a Kingdom - Gold Edition (HKLM-x32\...\Steam App 48210) (Version:  - )
The Settlers IV (HKLM-x32\...\S4Uninst) (Version:  - )
The Settlers: Rise of an Empire Gold Edition   (HKLM-x32\...\Steam App 19930) (Version:  - Blue Byte)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - Mike Bithell)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version:  - Yeti Trunk)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM-x32\...\Steam App 9450) (Version:  - Relic Entertainment)
Warhammer® 40,000®: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDI Recognition System Pro 4.03 (remove only) (HKLM-x32\...\WIDI Recognition System Pro 4.03) (Version:  - )
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
World of Warcraft Model Viewer 64-bit (HKLM\...\{93D15425-809E-499E-9E69-A0C1DE8EE741}) (Version: 07.04.000 - WoWModelViewer.org)
X3: Albion Prelude (HKLM-x32\...\Steam App 201310) (Version:  - )
X3: Terran Conflict (HKLM-x32\...\Steam App 2820) (Version:  - Egosoft)
X-Universe Plugin Manager 1.40 (HKLM-x32\...\X-Universe Plugin Manager_is1) (Version: 1.40 - Cycrow)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

25-09-2014 07:18:24 Windows Update
25-09-2014 10:52:09 paint.net 4.0.3

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-05-25 13:36 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1F5ED016-8929-47C0-B08B-FBCE7B285156} - System32\Tasks\HPOSIAPP64 => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe [2009-02-28] ()
Task: {23F4AA5F-3BC1-4C13-A024-31C1B1BA38DB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {291F7ED6-AB44-4256-B09A-68BEAF2ACC1A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {3DA1945D-D87E-426D-BC55-325B729505C8} - System32\Tasks\{B2CB4695-DDD5-4D5E-94A1-BF6E2A7D5331} => C:\Program Files (x86)\clipbrd.exe
Task: {74A7A8A8-6FA0-4444-B1E4-4CD04ABA8815} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsav.exe [2013-08-12] (F-Secure Corporation)
Task: {8D14D717-F38B-43BC-949B-A92A8AB55067} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-17] (Google Inc.)
Task: {9218561B-0E46-482F-A02F-3D187BEC9BD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-17] (Google Inc.)
Task: {9C1603C8-5CA5-429D-813F-B5D5680CA79B} - System32\Tasks\HPCeeScheduleForROD => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {BCE8BDA8-F462-4119-A8DB-602BD9C59628} - System32\Tasks\{484FA93A-2221-45DD-9B04-AE34B3F9C3C1} => C:\Users\ROD\Downloads\WoWModelViewer_7.0.5\WowModelViewer32.exe
Task: {C4E9002E-2344-473E-8292-A18109316555} - System32\Tasks\{38E30804-C044-4BE3-8826-406D8D17609F} => C:\Users\ROD\Trainer\tsc-Xirukai.exe [2014-04-08] ()
Task: {E1622DE5-9D01-4E96-AFCB-19407D0069F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForROD.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\F-Secure\apps\COMPUT~1\ANTI-V~1\fsav.exe

==================== Loaded Modules (whitelisted) =============

2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2011-07-24 02:47 - 2009-12-19 05:18 - 00420864 _____ () C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\cutil64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-08-17 16:45 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2011-07-24 03:01 - 2009-02-28 04:13 - 00053248 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
2012-07-02 09:09 - 2013-08-12 17:04 - 00045504 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSAVHRES.ENG
2013-10-30 10:56 - 2013-10-30 10:56 - 00220200 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2012-07-02 09:13 - 2012-07-02 09:13 - 00030888 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2012-07-02 09:09 - 2013-12-11 09:56 - 00212008 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll
2012-07-02 09:09 - 2014-05-21 11:19 - 00949288 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2012-08-09 23:00 - 2012-08-09 23:00 - 00192512 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2012-08-09 23:00 - 2012-08-09 23:00 - 00049152 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2012-07-02 09:09 - 2013-08-12 17:04 - 00056256 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.ENG
2012-07-02 09:09 - 2013-08-12 17:04 - 00154560 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\flyerres.ENG
2013-03-18 17:57 - 2013-03-18 17:57 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-24 03:01 - 2009-02-20 02:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL
2014-09-24 21:11 - 2014-09-24 21:12 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-30 18:50 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 18:50 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 18:50 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 18:10 - 2014-09-03 21:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 09:28 - 2014-09-23 06:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 18:50 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 18:50 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2011-09-12 18:35 - 2014-09-23 06:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-09-12 18:35 - 2014-09-05 01:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-16 15:41 - 2014-09-05 01:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2011-09-21 22:46 - 2011-09-21 22:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2013-11-21 17:12 - 2008-09-03 10:18 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\ActionInterface.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00090112 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\animals.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00167936 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\Animation.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00077824 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\artifact.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00061440 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\BallSplash.dll
2013-11-21 17:12 - 2012-11-09 04:43 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\battle_interface.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00065536 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\blade.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00081920 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\Blot.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00057344 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\CameraDialog.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00053248 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\COLLIDE.dll
2013-11-21 17:12 - 2008-09-03 17:50 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\DateTimeShowInterface.dll
2013-11-21 17:12 - 2008-06-13 20:41 - 00081920 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\DIALG2.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00081920 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\DIALOG.dll
2013-11-21 17:12 - 2003-05-10 16:49 - 00053248 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\DUMMY.dll
2013-11-21 17:12 - 2003-05-10 16:49 - 00057344 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\DUMMY2.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00274432 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\DX8RENDER.dll
2013-11-21 17:12 - 2008-05-02 17:58 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\fortflag.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\fortflag1.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\fortflag2.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\fortflag3.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\fortflag4.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\fortflag5.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\fortflag6.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00077824 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\GEOMETRY.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00098304 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\ISLAND.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00131072 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\Lighter.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00294912 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\Location.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00077824 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\locator.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00081920 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\MAST.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merchantflag1.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merchantflag2.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merchantflag3.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merchantflag4.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merchantflag5.dll
2013-11-21 17:12 - 2009-06-20 23:13 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merchantflag6.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merpennant1.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merpennant2.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merpennant3.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merpennant4.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merpennant5.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\merpennant6.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00069632 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\MODEL.dll
2013-11-21 17:12 - 2008-06-30 10:59 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\NBGunsInterface.dll
2013-11-21 17:12 - 2008-06-30 11:01 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\NFGunsInterface.dll
2013-11-21 17:12 - 2008-06-30 11:28 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\NLGunsInterface.dll
2013-11-21 17:12 - 2008-06-30 11:30 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\NRGunsInterface.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00081920 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\PARTICLES.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00057344 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\PCS_CONTROLS.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00073728 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\PC_CONTROLS.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pennant1.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pennant2.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pennant3.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pennant4.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pennant5.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pennant6.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00090112 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\PEOPLES_ON_SHIP.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perflag1.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perflag2.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perflag3.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perflag4.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perflag5.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perflag6.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perpennant1.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perpennant2.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perpennant3.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perpennant4.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perpennant5.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\perpennant6.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirflag1.dll
2013-11-21 17:12 - 2009-06-20 23:14 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirflag2.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirflag3.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirflag4.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirflag5.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirflag6.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirpennant1.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirpennant2.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirpennant3.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirpennant4.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirpennant5.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\pirpennant6.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\rigging.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00053248 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\SCRIPT_LIBRIARY.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00192512 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\sea.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00077824 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\SeaCreatures.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00094208 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\seafoam.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00172032 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\sea_ai.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00081920 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\SEA_CAMERAS.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00286793 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\SEA_OPERATOR.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00069632 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shadow.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00102400 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\ship.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shipflag2.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shipflag3.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shipflag4.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shipflag5.dll
2013-11-21 17:12 - 2009-06-20 23:15 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shipflag6.dll
2013-11-21 17:12 - 2013-08-24 15:15 - 00077824 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shiplamp.dll
2013-11-21 17:12 - 2011-11-11 17:34 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shippowinterface.dll
2013-11-21 17:12 - 2010-07-11 13:37 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\shprollinterface.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00077824 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\sink_effect.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00057344 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\SOUND.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00196608 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\SoundService.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00065536 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\Teleport.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00061440 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\telescope.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00090112 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\Tornado.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00069632 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\touch.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00057344 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\WaterRings.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00184320 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\WEATHER.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\WorldMap.dll
2013-11-21 17:12 - 2008-05-01 17:48 - 00176128 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\WrldMap2.dll
2013-11-21 17:12 - 2004-11-12 19:19 - 00442368 _____ () C:\Games\Bethesda Softworks\Pirates of the Caribbean\modules\XINTERFACE.dll
2013-09-27 16:56 - 2013-09-12 20:00 - 00249856 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll
2013-09-27 16:56 - 2013-09-12 20:00 - 07457792 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll
2013-09-27 16:56 - 2013-09-12 20:00 - 00386048 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
2013-09-27 16:56 - 2013-09-12 20:00 - 00212992 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupreg: ezRecover.exe => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: pdfsty.exe => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3851362600-1776725486-3178213573-500 - Administrator - Disabled)
Guest (S-1-5-21-3851362600-1776725486-3178213573-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3851362600-1776725486-3178213573-1002 - Limited - Enabled)
ROD (S-1-5-21-3851362600-1776725486-3178213573-1000 - Administrator - Enabled) => C:\Users\ROD

==================== Faulty Device Manager Devices =============

Name: Photosmart Pro B9100 series
Description: Photosmart Pro B9100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart 6510 series
Description: Photosmart 6510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2014 01:53:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StarpointGemini2.exe, version: 0.0.0.0, time stamp: 0x5428928d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000005fe
Faulting process id: 0x1de4
Faulting application start time: 0xStarpointGemini2.exe0
Faulting application path: StarpointGemini2.exe1
Faulting module path: StarpointGemini2.exe2
Report Id: StarpointGemini2.exe3

Error: (09/29/2014 01:50:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StarpointGemini2.exe, version: 0.0.0.0, time stamp: 0x5428928d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000005fe
Faulting process id: 0x1f9c
Faulting application start time: 0xStarpointGemini2.exe0
Faulting application path: StarpointGemini2.exe1
Faulting module path: StarpointGemini2.exe2
Report Id: StarpointGemini2.exe3

Error: (09/29/2014 01:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StarpointGemini2.exe, version: 0.0.0.0, time stamp: 0x5428928d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000005fe
Faulting process id: 0x688
Faulting application start time: 0xStarpointGemini2.exe0
Faulting application path: StarpointGemini2.exe1
Faulting module path: StarpointGemini2.exe2
Report Id: StarpointGemini2.exe3

Error: (09/29/2014 01:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StarpointGemini2.exe, version: 0.0.0.0, time stamp: 0x5428928d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000005fe
Faulting process id: 0x1618
Faulting application start time: 0xStarpointGemini2.exe0
Faulting application path: StarpointGemini2.exe1
Faulting module path: StarpointGemini2.exe2
Report Id: StarpointGemini2.exe3

Error: (09/29/2014 01:45:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StarpointGemini2.exe, version: 0.0.0.0, time stamp: 0x5428928d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000005fe
Faulting process id: 0x1720
Faulting application start time: 0xStarpointGemini2.exe0
Faulting application path: StarpointGemini2.exe1
Faulting module path: StarpointGemini2.exe2
Report Id: StarpointGemini2.exe3

Error: (09/29/2014 01:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: StarpointGemini2.exe, version: 0.0.0.0, time stamp: 0x5428928d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000005fe
Faulting process id: 0x9ac
Faulting application start time: 0xStarpointGemini2.exe0
Faulting application path: StarpointGemini2.exe1
Faulting module path: StarpointGemini2.exe2
Report Id: StarpointGemini2.exe3

Error: (09/28/2014 09:31:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 32.0.3.5379, time stamp: 0x54224e6b
Faulting module name: mozalloc.dll, version: 32.0.3.5379, time stamp: 0x54221b67
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x308
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (09/28/2014 09:22:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 32.0.3.5379 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f8c

Start Time: 01cfdb5115eb5719

Termination Time: 18

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: bb275143-4744-11e4-a571-e06995b11187

Error: (09/28/2014 09:22:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 32.0.3.5379, time stamp: 0x54224e6b
Faulting module name: mozalloc.dll, version: 32.0.3.5379, time stamp: 0x54221b67
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0xb08
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3


System errors:
=============
Error: (09/29/2014 09:29:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/29/2014 09:29:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/29/2014 09:29:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/29/2014 09:29:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/29/2014 09:29:07 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (09/29/2014 09:29:07 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (09/29/2014 09:29:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/29/2014 09:29:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/29/2014 09:29:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/29/2014 09:29:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (09/29/2014 01:53:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StarpointGemini2.exe0.0.0.05428928dunknown0.0.0.000000000c0000005000005fe1de401cfdbdbec856648C:\Program Files (x86)\Steam\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exeunknown447c1fdc-47cf-11e4-a571-e06995b11187

Error: (09/29/2014 01:50:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StarpointGemini2.exe0.0.0.05428928dunknown0.0.0.000000000c0000005000005fe1f9c01cfdbdb833eda59C:\Program Files (x86)\Steam\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exeunknowndad3754e-47ce-11e4-a571-e06995b11187

Error: (09/29/2014 01:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StarpointGemini2.exe0.0.0.05428928dunknown0.0.0.000000000c0000005000005fe68801cfdbdb4f8e48d8C:\Program Files (x86)\Steam\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exeunknown9565c45e-47ce-11e4-a571-e06995b11187

Error: (09/29/2014 01:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StarpointGemini2.exe0.0.0.05428928dunknown0.0.0.000000000c0000005000005fe161801cfdbdb2428f20dC:\Program Files (x86)\Steam\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exeunknown6cb78171-47ce-11e4-a571-e06995b11187

Error: (09/29/2014 01:45:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StarpointGemini2.exe0.0.0.05428928dunknown0.0.0.000000000c0000005000005fe172001cfdbd7e484207eC:\Program Files (x86)\Steam\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exeunknown1ea291c2-47ce-11e4-a571-e06995b11187

Error: (09/29/2014 01:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: StarpointGemini2.exe0.0.0.05428928dunknown0.0.0.000000000c0000005000005fe9ac01cfdbd760e40bfaC:\Program Files (x86)\Steam\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exeunknown19900c10-47cb-11e4-a571-e06995b11187

Error: (09/28/2014 09:31:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b30801cfdb51cadeca62C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll00022f86-4746-11e4-a571-e06995b11187

Error: (09/28/2014 09:22:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe32.0.3.5379f8c01cfdb5115eb571918C:\Program Files (x86)\Mozilla Firefox\firefox.exebb275143-4744-11e4-a571-e06995b11187

Error: (09/28/2014 09:22:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141bb0801cfdb512e3558e5C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllbc454892-4744-11e4-a571-e06995b11187


CodeIntegrity Errors:
===================================
  Date: 2011-12-24 00:09:45.197
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\ROD\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-24 00:09:45.187
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\ROD\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 14316.31 MB
Available physical RAM: 10954.32 MB
Total Pagefile: 28630.8 MB
Available Pagefile: 24566.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1850.97 GB) (Free:1033.72 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.94 GB) (Free:1.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 8D015C50)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1851 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,241 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:51 PM

Posted 29 September 2014 - 12:52 PM



Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start
HKLM-x32\...\Run: [] => [X]
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (SOE Web Installer) - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 X6va007; \??\C:\Users\ROD\AppData\Local\Temp\007713C.tmp [X]
C:\Users\ROD\AppData\Local\Temp\BRSVC_500607_hlp.exe
C:\Users\ROD\AppData\Local\Temp\CH.dll
C:\Users\ROD\AppData\Local\Temp\CH2.dll
C:\Users\ROD\AppData\Local\Temp\Copy.dll
C:\Users\ROD\AppData\Local\Temp\drm_dialogs.dll
C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\ROD\AppData\Local\Temp\paint.net.4.0.3.install.exe

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

How is the computer running now?

#7 Sigdun

Sigdun
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 30 September 2014 - 01:06 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-09-2014
Ran by ROD at 2014-09-30 07:58:28 Run:1
Running from C:\Users\ROD\Downloads
Loaded Profile: ROD (Available profiles: ROD)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 -> C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (SOE Web Installer) - C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 X6va007; \??\C:\Users\ROD\AppData\Local\Temp\007713C.tmp [X]
C:\Users\ROD\AppData\Local\Temp\BRSVC_500607_hlp.exe
C:\Users\ROD\AppData\Local\Temp\CH.dll
C:\Users\ROD\AppData\Local\Temp\CH2.dll
C:\Users\ROD\AppData\Local\Temp\Copy.dll
C:\Users\ROD\AppData\Local\Temp\drm_dialogs.dll
C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7370014.dll
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3" => Key deleted successfully.
C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\ROD\AppData\Roaming\Mozilla\Firefox\Profiles\f4hkafsy.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll not found.
C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll not found.
C:\Windows\SysWOW64\npDeployJava1.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll not found.
MBAMSwissArmy => Service deleted successfully.
X6va007 => Service deleted successfully.
"C:\Users\ROD\AppData\Local\Temp\BRSVC_500607_hlp.exe" => File/Directory not found.
"C:\Users\ROD\AppData\Local\Temp\CH.dll" => File/Directory not found.
"C:\Users\ROD\AppData\Local\Temp\CH2.dll" => File/Directory not found.
"C:\Users\ROD\AppData\Local\Temp\Copy.dll" => File/Directory not found.
"C:\Users\ROD\AppData\Local\Temp\drm_dialogs.dll" => File/Directory not found.
"C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7330017.dll" => File/Directory not found.
"C:\Users\ROD\AppData\Local\Temp\drm_dyndata_7370014.dll" => File/Directory not found.

==== End of Fixlog ====

 

 

Problem still persists, it seems that my HDD chokes up on something and once that's done during start-up after logging in. I can use the computer normally.



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,241 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:51 PM

Posted 06 October 2014 - 09:04 AM

You have a number of error with this program
Faulting application name: StarpointGemini2.exe

Refer to this article and see if it can help.

http://steamcommunity.com/app/236150/discussions/0/522728269060139239/?l=italian
===

You may be able to find the culprit by performing a Clean Startup
Follow the instructions on this page.
http://www.sevenforums.com/tutorials/179159-troubleshoot-application-conflicts-performing-clean-startup.html

+++

Keep me posted.

#9 Sigdun

Sigdun
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 06 October 2014 - 02:41 PM

Starpoint Gemini 2 exe errors are related to it being a computer game.

 

Doing those clean startups now to find the culprit through there.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users