Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Numerous dllhost.exe Processes - Malware


  • This topic is locked This topic is locked
31 replies to this topic

#1 sfl1983

sfl1983

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 23 September 2014 - 03:58 AM

Dear Bleeping Computer

 

Numerous dllhost.exe processes running at the same time - slowing computer to unusable state

 

I have read a number of posts and your informative replies assisting people with the subject problem.

 

I seem to be having the same problem, and would be grateful if you could assist me too.

 

I have run a number of Malware/Virus scanners, and whilst they all seem to detect some threat or another, the problem remains.

 

When I try to end the numerous dllhost.exe processes in Task Manager, they just keep reappearing.

 

My Security Center also seems to have been turned off, and am told when I try to turn it back on that it can't be started. How do I fix this as well?

 

I have copied the relevant initial logs that I see others have provided below.

 

Thank you very much, I appreciate any help you can give me.

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by Sean (administrator) on SEAN-PC on 23-09-2014 18:31:13
Running from C:\Users\Sean\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [SMSERIAL] => C:\Windows\sm56hlpr.exe [544768 2005-05-26] (Motorola Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4390912 2007-02-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-03-01] (Synaptics, Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\ASScrPro.exe [33136 2007-12-20] ()
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\ASScrProlog.exe [37232 2007-12-20] ()
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-02] (Nero AG)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM\...\Run: [Griffith Printing] => C:\Program Files\Griffith Printing\PcounterClient.exe [633856 2011-05-30] (A.N.D. Technologies, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [591696 2008-05-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5075104 2014-02-24] (ESET)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [451872 2007-06-20] (Hewlett-Packard Company)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6690072 2014-09-10] (SUPERAntiSpyware)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP3000 Status Window.lnk
ShortcutTarget: Canon LBP3000 Status Window.lnk -> C:\Windows\System32\spool\drivers\w32x86\3\CNAB3LAK.EXE (CANON INC.)
Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRU-Blaster Silent Clean.lnk
ShortcutTarget: MRU-Blaster Silent Clean.lnk -> C:\Program Files\MRU-Blaster\mrublaster.exe ()
Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: 1SecureIconsProvider -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
BootExecute: autocheck autochk * lsdeletesdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
URLSearchHook: HKCU - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} -  No File
URLSearchHook: HKCU - (No Name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} -  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\isufpx4r.default-1410010091850
FF DefaultSearchEngine: Search By ZoneAlarm
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Sean\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF user.js: detected! => C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\isufpx4r.default-1410010091850\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Shell Name Space ListView - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\isufpx4r.default-1410010091850\Extensions\{ADFE2C24-5DB6-5ED4-1E12-31D906C4910D} [2014-09-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-19]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR RestoreOnStartup: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> google.com.au
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Corp. DRM Netscape Plugin) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corp.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Facebook Plugin) - C:\Users\Sean\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR CustomProfile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-24]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4784144 2014-09-19] (Emsisoft GmbH)
S2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-06] () [File not signed]
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
S2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2005-10-01] (Canon Inc.) [File not signed]
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1343408 2014-02-24] (ESET)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2014-09-19] (SurfRight B.V.)
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 Lavasoft Ad-Aware Service; "C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [204056 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [187808 2013-09-17] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
S3 hitmanpro35; C:\Windows\system32\drivers\hitmanpro35.sys [23624 2011-11-23] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-09-21] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( )
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-06-11] (Lavasoft AB)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-15] (PixArt Imaging Inc.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 18:31 - 2014-09-23 18:32 - 00019569 _____ () C:\Users\Sean\Desktop\FRST.txt
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\ESET
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Local\ESET
2014-09-22 20:26 - 2014-09-22 20:27 - 00000000 ____D () C:\Windows\LastGood
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\Program Files\ESET
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setupact.log
2014-09-22 19:21 - 2014-09-22 19:27 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(2).msi
2014-09-22 19:10 - 2014-09-22 19:15 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(1).msi
2014-09-22 18:40 - 2014-09-22 18:47 - 117473528 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\msert.exe
2014-09-21 23:35 - 2014-09-22 18:38 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall(1).exe
2014-09-21 23:23 - 2014-09-21 23:23 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-09-21 23:03 - 2014-09-21 23:07 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu.msi
2014-09-21 22:10 - 2014-09-23 18:31 - 00000000 ____D () C:\FRST
2014-09-21 22:09 - 2014-09-21 22:09 - 01097728 _____ (Farbar) C:\Users\Sean\Desktop\FRST.exe
2014-09-21 21:49 - 2014-09-22 19:09 - 00002243 _____ () C:\Windows\epplauncher.mif
2014-09-21 21:48 - 2014-09-21 21:49 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall.exe
2014-09-21 21:05 - 2014-09-23 17:49 - 00714708 _____ () C:\Windows\PFRO.log
2014-09-20 10:52 - 2014-09-20 10:52 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-09-19 23:00 - 2014-09-19 23:00 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-09-19 19:49 - 2014-09-22 19:34 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-09-19 19:49 - 2014-09-19 19:49 - 00000855 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-09-19 19:49 - 2014-09-19 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-09-19 19:46 - 2014-09-19 19:48 - 163670496 _____ (Emsisoft GmbH ) C:\Users\Sean\Downloads\EmsisoftAntiMalwareSetup.exe
2014-09-19 19:34 - 2014-09-19 19:34 - 00034812 _____ () C:\Windows\system32\.crusader
2014-09-19 18:59 - 2014-09-19 19:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-19 18:52 - 2014-09-19 18:52 - 00001699 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-19 18:50 - 2014-09-19 18:50 - 00000348 _____ () C:\Windows\Tasks\PCHB_Sean_PCHealthBoost_RS_DailyTask.job
2014-09-19 18:49 - 2014-09-19 19:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-19 18:48 - 2014-09-19 18:48 - 00000838 _____ () C:\Users\Public\Desktop\PC HealthBoost.lnk
2014-09-19 18:48 - 2014-09-19 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC HealthBoost
2014-09-19 18:47 - 2014-09-19 18:47 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-09-19 18:44 - 2014-09-19 18:47 - 10280824 _____ (SurfRight B.V.) C:\Users\Sean\Downloads\HitmanPro.exe
2014-09-19 18:30 - 2014-09-19 18:30 - 00106192 _____ () C:\Users\Sean\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-19 18:28 - 2014-09-21 23:10 - 00391568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-19 06:36 - 2006-09-19 07:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.20140919-063614.backup
2014-09-18 22:25 - 2014-09-22 19:36 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-09-18 22:25 - 2014-09-19 18:28 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-09-18 22:25 - 2014-09-19 18:28 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-09-18 22:24 - 2014-09-19 06:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-18 22:24 - 2014-09-18 22:24 - 00001937 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00001925 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-18 22:24 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-09-18 22:23 - 2014-09-18 22:35 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-18 22:17 - 2014-09-18 22:20 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sean\Downloads\spybot-2.4.exe
2014-09-18 22:11 - 2014-09-19 06:26 - 00000841 _____ () C:\Users\Sean\Desktop\Recycle IE.lnk
2014-09-18 21:57 - 2014-09-23 03:00 - 00085886 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 21:16 - 2014-09-22 19:45 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-18 21:16 - 2014-09-18 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-18 21:16 - 2014-09-18 21:16 - 00001767 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-18 21:10 - 2014-09-18 21:11 - 19331048 _____ (SUPERAntiSpyware) C:\Users\Sean\Downloads\SUPERAntiSpyware.exe
2014-09-17 19:18 - 2014-09-17 19:18 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\AVG2015
2014-09-17 19:15 - 2014-09-17 19:15 - 00000809 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\TuneUp Software
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-17 19:02 - 2014-09-17 19:39 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-17 19:02 - 2014-09-17 19:02 - 00000000 ___HD () C:\$AVG
2014-09-17 18:58 - 2014-09-17 18:58 - 00000000 ____D () C:\Program Files\AVG
2014-09-17 18:35 - 2014-09-17 19:40 - 00000000 ____D () C:\Users\Sean\AppData\Local\Avg2015
2014-09-17 18:35 - 2014-09-17 18:35 - 00000000 ____D () C:\Users\Sean\AppData\Local\MFAData
2014-09-17 18:26 - 2014-09-17 18:31 - 153796568 _____ (AVG Technologies) C:\Users\Sean\Downloads\avg_free_x86_all_2015_5315a8160.exe
2014-09-17 18:12 - 2014-09-17 18:13 - 42570912 _____ (Check Point Software Technologies Ltd.) C:\Users\Sean\Downloads\zafwSetup_133_052_000.exe
2014-09-11 13:44 - 2014-09-12 15:42 - 00000000 ____D () C:\ProgramData\AdamIwwaz
2014-09-11 13:19 - 2014-09-21 23:24 - 00000000 ____D () C:\Users\Sean\AppData\Local\YmcPack
2014-09-11 13:18 - 2014-09-22 21:50 - 00000000 ____D () C:\Users\Sean\AppData\Local\Ektion
2014-09-10 10:36 - 2014-08-16 00:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 10:36 - 2014-08-16 00:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 10:36 - 2014-08-16 00:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 10:36 - 2014-08-16 00:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 10:36 - 2014-08-16 00:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 10:36 - 2014-08-16 00:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 10:36 - 2014-08-16 00:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 10:36 - 2014-08-16 00:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-10 10:36 - 2014-08-16 00:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 10:36 - 2014-08-16 00:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 10:36 - 2014-08-16 00:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 10:36 - 2014-08-16 00:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-10 10:36 - 2014-08-16 00:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Users\Sean\AppData\Local\Wondershare
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-09-07 15:18 - 2014-09-07 15:22 - 00000000 ____D () C:\Users\Sean\Documents\Wondershare Video Editor
2014-09-07 15:12 - 2014-09-07 15:12 - 00745248 _____ (Wondershare) C:\Users\Sean\Downloads\video-editor_setup_full846.exe
2014-09-07 13:58 - 2014-09-07 13:58 - 00000000 ____D () C:\Program Files\File Association Helper
2014-09-07 13:57 - 2014-09-07 13:57 - 00873680 _____ ( ) C:\Users\Sean\Downloads\winzip18-lan_en.exe
2014-08-29 00:34 - 2014-08-23 11:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 00:34 - 2014-08-23 09:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 18:32 - 2014-09-23 18:31 - 00019569 _____ () C:\Users\Sean\Desktop\FRST.txt
2014-09-23 18:31 - 2014-09-21 22:10 - 00000000 ____D () C:\FRST
2014-09-23 17:49 - 2014-09-21 21:05 - 00714708 _____ () C:\Windows\PFRO.log
2014-09-23 17:49 - 2010-01-23 16:29 - 00313820 _____ () C:\aaw7boot.log
2014-09-23 05:31 - 2006-11-02 22:47 - 00003296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 05:31 - 2006-11-02 22:47 - 00003296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 03:00 - 2014-09-18 21:57 - 00085886 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 01:00 - 2012-12-24 00:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-23 00:51 - 2012-11-28 20:57 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-22 21:50 - 2014-09-11 13:18 - 00000000 ____D () C:\Users\Sean\AppData\Local\Ektion
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\ESET
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Local\ESET
2014-09-22 20:27 - 2014-09-22 20:26 - 00000000 ____D () C:\Windows\LastGood
2014-09-22 20:27 - 2008-05-01 07:27 - 00000000 ____D () C:\Users\Sean
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\Program Files\ESET
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setupact.log
2014-09-22 19:45 - 2014-09-18 21:16 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-22 19:36 - 2014-09-18 22:25 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-09-22 19:34 - 2014-09-19 19:49 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-09-22 19:31 - 2012-11-28 20:56 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 19:31 - 2006-11-02 23:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 19:27 - 2014-09-22 19:21 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(2).msi
2014-09-22 19:15 - 2014-09-22 19:10 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(1).msi
2014-09-22 19:09 - 2014-09-21 21:49 - 00002243 _____ () C:\Windows\epplauncher.mif
2014-09-22 18:47 - 2014-09-22 18:40 - 117473528 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\msert.exe
2014-09-22 18:38 - 2014-09-21 23:35 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall(1).exe
2014-09-22 18:27 - 2007-04-18 18:33 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-09-22 18:27 - 2006-11-02 23:01 - 00032650 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-22 18:19 - 2011-02-20 09:07 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-21 23:24 - 2014-09-11 13:19 - 00000000 ____D () C:\Users\Sean\AppData\Local\YmcPack
2014-09-21 23:23 - 2014-09-21 23:23 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-09-21 23:12 - 2007-12-20 02:26 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-09-21 23:10 - 2014-09-19 18:28 - 00391568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-21 23:07 - 2014-09-21 23:03 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu.msi
2014-09-21 22:26 - 2014-05-20 09:24 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 22:09 - 2014-09-21 22:09 - 01097728 _____ (Farbar) C:\Users\Sean\Desktop\FRST.exe
2014-09-21 21:49 - 2014-09-21 21:48 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall.exe
2014-09-21 21:44 - 2011-06-29 14:26 - 00000000 ____D () C:\Program Files\CheckPoint
2014-09-21 21:34 - 2008-06-10 19:18 - 00001356 _____ () C:\Users\Sean\AppData\Local\d3d9caps.dat
2014-09-21 20:31 - 2012-12-23 18:53 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-21 20:30 - 2008-05-01 07:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-20 10:52 - 2014-09-20 10:52 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-09-19 23:00 - 2014-09-19 23:00 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-09-19 21:19 - 2012-08-06 21:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-19 19:49 - 2014-09-19 19:49 - 00000855 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-09-19 19:49 - 2014-09-19 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-09-19 19:48 - 2014-09-19 19:46 - 163670496 _____ (Emsisoft GmbH ) C:\Users\Sean\Downloads\EmsisoftAntiMalwareSetup.exe
2014-09-19 19:35 - 2014-09-19 18:49 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-19 19:34 - 2014-09-19 19:34 - 00034812 _____ () C:\Windows\system32\.crusader
2014-09-19 19:01 - 2014-09-19 18:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-19 18:52 - 2014-09-19 18:52 - 00001699 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-19 18:50 - 2014-09-19 18:50 - 00000348 _____ () C:\Windows\Tasks\PCHB_Sean_PCHealthBoost_RS_DailyTask.job
2014-09-19 18:48 - 2014-09-19 18:48 - 00000838 _____ () C:\Users\Public\Desktop\PC HealthBoost.lnk
2014-09-19 18:48 - 2014-09-19 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC HealthBoost
2014-09-19 18:47 - 2014-09-19 18:47 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-09-19 18:47 - 2014-09-19 18:44 - 10280824 _____ (SurfRight B.V.) C:\Users\Sean\Downloads\HitmanPro.exe
2014-09-19 18:30 - 2014-09-19 18:30 - 00106192 _____ () C:\Users\Sean\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-19 18:28 - 2014-09-18 22:25 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-09-19 18:28 - 2014-09-18 22:25 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-09-19 06:26 - 2014-09-18 22:11 - 00000841 _____ () C:\Users\Sean\Desktop\Recycle IE.lnk
2014-09-19 06:23 - 2014-09-18 22:24 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-18 22:35 - 2014-09-18 22:23 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-18 22:24 - 2014-09-18 22:24 - 00001937 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00001925 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-18 22:20 - 2014-09-18 22:17 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sean\Downloads\spybot-2.4.exe
2014-09-18 21:48 - 2014-09-18 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-18 21:16 - 2014-09-18 21:16 - 00001767 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-18 21:11 - 2014-09-18 21:10 - 19331048 _____ (SUPERAntiSpyware) C:\Users\Sean\Downloads\SUPERAntiSpyware.exe
2014-09-17 20:45 - 2014-08-02 21:36 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\vlc
2014-09-17 19:40 - 2014-09-17 18:35 - 00000000 ____D () C:\Users\Sean\AppData\Local\Avg2015
2014-09-17 19:39 - 2014-09-17 19:02 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-17 19:18 - 2014-09-17 19:18 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\AVG2015
2014-09-17 19:15 - 2014-09-17 19:15 - 00000809 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\TuneUp Software
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-17 19:02 - 2014-09-17 19:02 - 00000000 ___HD () C:\$AVG
2014-09-17 18:58 - 2014-09-17 18:58 - 00000000 ____D () C:\Program Files\AVG
2014-09-17 18:50 - 2006-11-02 21:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 18:35 - 2014-09-17 18:35 - 00000000 ____D () C:\Users\Sean\AppData\Local\MFAData
2014-09-17 18:31 - 2014-09-17 18:26 - 153796568 _____ (AVG Technologies) C:\Users\Sean\Downloads\avg_free_x86_all_2015_5315a8160.exe
2014-09-17 18:13 - 2014-09-17 18:12 - 42570912 _____ (Check Point Software Technologies Ltd.) C:\Users\Sean\Downloads\zafwSetup_133_052_000.exe
2014-09-17 17:37 - 2007-04-18 19:06 - 00000000 ____D () C:\Windows\ASUS
2014-09-17 17:35 - 2013-10-26 17:26 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\uTorrent
2014-09-14 20:58 - 2008-05-01 19:06 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Skype
2014-09-14 17:01 - 2006-11-02 20:33 - 00763586 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 14:35 - 2012-08-31 20:41 - 00002587 _____ () C:\Users\Sean\Desktop\Microsoft Office Word 2007.lnk
2014-09-12 19:11 - 2011-02-19 10:24 - 00000370 _____ () C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2014-09-12 15:42 - 2014-09-11 13:44 - 00000000 ____D () C:\ProgramData\AdamIwwaz
2014-09-12 09:37 - 2008-05-02 21:21 - 00237568 _____ () C:\Users\Sean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-10 20:01 - 2012-12-24 00:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 20:01 - 2012-12-24 00:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 10:36 - 2007-12-20 00:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 10:32 - 2013-08-11 08:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 10:24 - 2006-11-02 20:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-07 15:22 - 2014-09-07 15:18 - 00000000 ____D () C:\Users\Sean\Documents\Wondershare Video Editor
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Users\Sean\AppData\Local\Wondershare
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-09-07 15:13 - 2006-11-02 21:18 - 00000000 ___RD () C:\Users\Public
2014-09-07 15:12 - 2014-09-07 15:12 - 00745248 _____ (Wondershare) C:\Users\Sean\Downloads\video-editor_setup_full846.exe
2014-09-07 13:58 - 2014-09-07 13:58 - 00000000 ____D () C:\Program Files\File Association Helper
2014-09-07 13:57 - 2014-09-07 13:57 - 00873680 _____ ( ) C:\Users\Sean\Downloads\winzip18-lan_en.exe
2014-09-07 13:52 - 2008-10-30 08:40 - 00000000 ___RD () C:\Users\Sean\Documents\Law School
2014-09-03 16:09 - 2013-02-22 10:44 - 00000000 ____D () C:\Users\Sean\Documents\QLS Practising Cert
2014-08-26 12:18 - 2010-12-11 18:11 - 00000000 ____D () C:\Users\Sean\Documents\Australia to UK Solicitor
2014-08-25 06:53 - 2009-10-03 08:01 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Sean\aaw2008.exe
C:\Users\Sean\OOo_2.4.1_Win32Intel_install_en-US.exe
C:\Users\Sean\wmpfirefoxplugin.exe
C:\Users\Sean\wmpplugin.exe
C:\Users\Sean\xpiinstall.exe


Some content of TEMP:
====================
C:\Users\Sean\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-23 18:04

==================== End Of Log ============================

 

Addition

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-09-2014 01
Ran by Sean at 2014-09-23 18:33:15
Running from C:\Users\Sean\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30263 - BitTorrent Inc.)
15354 Webcam Live (HKLM\...\{3AC11667-B4DD-4984-AD0B-B2D4E40AB573}) (Version: 1.0.0.0 - )
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0016 - )
ASUS Splendid Video Enhancement Technology (HKLM\...\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}) (Version: 1.02.18 - ASUSTeK)
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0006 - ASUS)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.1 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{553355BC-925B-4104-AB9D-F3FADEB44050}) (Version: 3.0.634.0 - ATI Technologies, Inc.)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0014 - ATK)
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4158 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Canon Camera Access Library (HKLM\...\CAL) (Version: 8.1.1.17 - )
Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.2.0.8 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.1.0.7 - )
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.0.1.3 - )
Canon LBP3000 (HKLM\...\Canon LBP3000) (Version:  - )
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.2.0.13 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.3.0.11 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.5.0.5 - )
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.0.2.16 - )
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.17.41 - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.6.0.27 - )
Catalyst Control Center Core Implementation (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2007.0721.2141.36895 - ATI) Hidden
CCC Help Chinese Standard (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Czech (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Danish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Dutch (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help English (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Finnish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help French (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help German (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Greek (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Hungarian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Italian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Japanese (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Korean (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Norwegian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Polish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Portuguese (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Russian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Spanish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Swedish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Thai (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Turkish (Version: 2007.0721.2140.36895 - ATI) Hidden
ccc-core-static (Version: 2007.0721.2141.36895 - ATI) Hidden
ccc-utility (Version: 2007.0721.2141.36895 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EasiestSoft Movie Editor 3.9.0 (HKLM\...\{8BB65DEC-BE2C-EB66-7595-ADAE2D710380}_is1) (Version: 3.9.0 - EasiestSoft International LLC.)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Copy Utility 3.4 (HKLM\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.4.0.0 - )
Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.01.00 - SEIKO EPSON Corporation)
EPSON PERFECTION V30_V300 PHOTO Manual (HKLM\...\EPSON PERFECTION V30_V300 PHOTO User’s Guide) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
ESET Smart Security (HKLM\...\{4939F84E-DC08-4CB5-AA6E-2D6E15CEA386}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
File Association Helper (HKLM\...\{8975E3CB-A762-4B14-BD62-A3972A098E82}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Griffith Printing (HKLM\...\{07F8C9EB-2E1D-485B-BA62-5349F80156B3}) (Version: 1.0.0.0 - Griffith Printing)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java™ 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Java™ 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
LightScribe  1.8.13.1 (Version: 1.8.13.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version:  - Microsoft)
Microsoft Office Excel MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version:  - Microsoft)
Microsoft Office Outlook MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version:  - Microsoft)
Microsoft Office PowerPoint MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version:  - Microsoft)
Microsoft Office Word MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 32.0.2 (x86 en-GB) (HKLM\...\Mozilla Firefox 32.0.2 (x86 en-GB)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MRU-Blaster v1.5 (Database 3/28/2004) (HKLM\...\MRU-Blaster_is1) (Version: 1.5 - Javacool Software LLC)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{BC61F51E-8AF7-46B9-AF20-B33B5EE81033}) (Version: 7.03.0188 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0013 - ATK)
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5374 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skins (Version: 2007.0721.2141.36895 - ATI) Hidden
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1146 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.19.0 - Synaptics)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{B83A8864-A85D-437E-9D4C-27350765BF46}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{9D702FFD-3C2B-44D0-9B8B-CA1A30CA555B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{F8564AF8-30AE-4427-ACF3-69714E1BB656}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.4400 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.4400 - Broadcom Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version:  - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

==================== Restore Points  =========================

22-09-2014 09:52:23 avast! antivirus system restore point
22-09-2014 10:02:23 Installed ESET Smart Security

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 20:23 - 2014-09-19 06:36 - 00450628 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1    localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0650E5EF-7627-490E-BB14-9173624C0361} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {15D41808-A460-4676-894E-AFB5E160D7B3} - System32\Tasks\4572 => Wscript.exe C:\Users\Sean\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {308BEF5E-B5C2-46A2-9059-29B1CD79C842} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: {3BAEF531-55B1-42D8-9AC1-9353ACD28298} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {52C52E32-87D8-453B-83A3-177426134BF0} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {5AF0FA8C-98A8-464B-9FB4-B9F3A4B9A03C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Sean => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {5C4AADEE-8465-4C44-A2E8-DFD6B5D22688} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {6A50C60D-961A-4F2C-8D65-D48925374910} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {D7DB0769-7FE5-4C81-A20E-AB69FF280A17} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: {E29B78F6-3E9A-41D2-9F7D-2E6AAD6AE0D7} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {ED96B595-D10C-4AC2-AE7F-0FEC7C4DCA3F} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {F5F556A5-938F-4E79-A523-E89AB36BAD37} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {F612F9AF-3D60-4499-90FC-7FA0B9AF8E33} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {FDF04DD3-729A-4A4A-B68B-749A71F09EA4} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {FFF92C3B-4E2F-4CEC-902C-B4845852C317} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCHB_Sean_PCHealthBoost_RS_DailyTask.job => C:\Program Files\PC HealthBoost\PCHealthBoost.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2014-09-07 13:02 - 2014-09-07 13:02 - 02405376 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2014-09-07 13:02 - 2014-09-07 13:02 - 01819648 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-09-19 18:59 - 2014-09-19 19:00 - 03734640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2014 05:51:10 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/22/2014 07:51:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a85e009f-66c0-4c6f-b2d3-3ef4dc5f95d3}

Error: (09/22/2014 07:09:16 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Sean-PC)
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (09/22/2014 06:30:08 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 10:27:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 32.0.2.5373, time stamp 0x541a8277, faulting module mozalloc.dll, version 32.0.2.5373, time stamp 0x541a4d44, exception code 0x80000003, fault offset 0x0000141b,
process id 0x41c, application start time 0xplugin-container.exe0.

Error: (09/21/2014 10:06:48 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 09:49:36 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Sean-PC)
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (09/21/2014 09:45:13 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 09:26:23 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 09:23:32 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: File backup failed due to an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check your hardware configuration. (0x81000006).


System errors:
=============
Error: (09/23/2014 05:52:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
eamonm
ehdrv
SASDIFSV
SASKUTIL
spldr
Wanarpv6

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: AVGIDSAgentAVGIDSDriver%%31

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Lavasoft Ad-Aware Service%%2

Error: (09/23/2014 05:51:27 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/23/2014 05:51:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (09/23/2014 05:51:09 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/23/2014 05:50:52 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/23/2014 05:50:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 06:25:56 on 23/09/2014 was unexpected.


Microsoft Office Sessions:
=========================
Error: (02/01/2013 02:46:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 78 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/01/2013 02:41:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/01/2013 02:39:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2105 seconds with 1440 seconds of active time.  This session ended with a crash.

Error: (11/19/2012 05:05:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 185 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (09/25/2012 11:22:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7989 seconds with 3540 seconds of active time.  This session ended with a crash.

Error: (01/01/2010 02:27:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/04/2009 10:39:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-09-23 18:32:14.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:13.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:12.459
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:11.241
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:10.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:09.116
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:07.944
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:06.913
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-22 20:29:46.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-22 20:29:45.409
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Pentium® Dual CPU T2330 @ 1.60GHz
Percentage of memory in use: 44%
Total physical RAM: 1918.54 MB
Available physical RAM: 1074.01 MB
Total Pagefile: 4078.36 MB
Available Pagefile: 3428.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.59 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:55.89 GB) (Free:6.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:48.08 GB) (Free:43.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=7.8 GB) - (Type=1C)
Partition 2: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=48.1 GB) - (Type=OF Extended)

==================== End Of Log ============================

 

 

 

 



BC AdBot (Login to Remove)

 


#2 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 23 September 2014 - 04:02 AM

Dear Bleeping Computer

 

Numerous dllhost.exe processes running at the same time - slowing computer to unusable state

 

I have read a number of posts and your informative replies assisting people with the subject problem.

 

I seem to be having the same problem, and would be grateful if you could assist me too.

 

I have run a number of Malware/Virus scanners, and whilst they all seem to detect some threat or another, the problem remains.

 

When I try to end the numerous dllhost.exe processes in Task Manager, they just keep reappearing.

 

My Security Center also seems to have been turned off, and am told when I try to turn it back on that it can't be started. How do I fix this as well?

 

I have copied the relevant initial logs that I see others have provided below.

 

Thank you very much, I appreciate any help you can give me.

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by Sean (administrator) on SEAN-PC on 23-09-2014 18:31:13
Running from C:\Users\Sean\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [SMSERIAL] => C:\Windows\sm56hlpr.exe [544768 2005-05-26] (Motorola Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4390912 2007-02-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-03-01] (Synaptics, Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\ASScrPro.exe [33136 2007-12-20] ()
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\ASScrProlog.exe [37232 2007-12-20] ()
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-02] (Nero AG)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM\...\Run: [Griffith Printing] => C:\Program Files\Griffith Printing\PcounterClient.exe [633856 2011-05-30] (A.N.D. Technologies, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [591696 2008-05-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5075104 2014-02-24] (ESET)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [451872 2007-06-20] (Hewlett-Packard Company)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6690072 2014-09-10] (SUPERAntiSpyware)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP3000 Status Window.lnk
ShortcutTarget: Canon LBP3000 Status Window.lnk -> C:\Windows\System32\spool\drivers\w32x86\3\CNAB3LAK.EXE (CANON INC.)
Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRU-Blaster Silent Clean.lnk
ShortcutTarget: MRU-Blaster Silent Clean.lnk -> C:\Program Files\MRU-Blaster\mrublaster.exe ()
Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: 1SecureIconsProvider -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
BootExecute: autocheck autochk * lsdeletesdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
URLSearchHook: HKCU - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} -  No File
URLSearchHook: HKCU - (No Name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} -  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\isufpx4r.default-1410010091850
FF DefaultSearchEngine: Search By ZoneAlarm
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Sean\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF user.js: detected! => C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\isufpx4r.default-1410010091850\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Shell Name Space ListView - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\isufpx4r.default-1410010091850\Extensions\{ADFE2C24-5DB6-5ED4-1E12-31D906C4910D} [2014-09-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-19]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR RestoreOnStartup: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> google.com.au
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Corp. DRM Netscape Plugin) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corp.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Facebook Plugin) - C:\Users\Sean\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR CustomProfile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-24]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4784144 2014-09-19] (Emsisoft GmbH)
S2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-06] () [File not signed]
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
S2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2005-10-01] (Canon Inc.) [File not signed]
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1343408 2014-02-24] (ESET)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2014-09-19] (SurfRight B.V.)
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 Lavasoft Ad-Aware Service; "C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [204056 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [187808 2013-09-17] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
S3 hitmanpro35; C:\Windows\system32\drivers\hitmanpro35.sys [23624 2011-11-23] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-09-21] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( )
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-06-11] (Lavasoft AB)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-15] (PixArt Imaging Inc.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 18:31 - 2014-09-23 18:32 - 00019569 _____ () C:\Users\Sean\Desktop\FRST.txt
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\ESET
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Local\ESET
2014-09-22 20:26 - 2014-09-22 20:27 - 00000000 ____D () C:\Windows\LastGood
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\Program Files\ESET
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setupact.log
2014-09-22 19:21 - 2014-09-22 19:27 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(2).msi
2014-09-22 19:10 - 2014-09-22 19:15 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(1).msi
2014-09-22 18:40 - 2014-09-22 18:47 - 117473528 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\msert.exe
2014-09-21 23:35 - 2014-09-22 18:38 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall(1).exe
2014-09-21 23:23 - 2014-09-21 23:23 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-09-21 23:03 - 2014-09-21 23:07 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu.msi
2014-09-21 22:10 - 2014-09-23 18:31 - 00000000 ____D () C:\FRST
2014-09-21 22:09 - 2014-09-21 22:09 - 01097728 _____ (Farbar) C:\Users\Sean\Desktop\FRST.exe
2014-09-21 21:49 - 2014-09-22 19:09 - 00002243 _____ () C:\Windows\epplauncher.mif
2014-09-21 21:48 - 2014-09-21 21:49 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall.exe
2014-09-21 21:05 - 2014-09-23 17:49 - 00714708 _____ () C:\Windows\PFRO.log
2014-09-20 10:52 - 2014-09-20 10:52 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-09-19 23:00 - 2014-09-19 23:00 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-09-19 19:49 - 2014-09-22 19:34 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-09-19 19:49 - 2014-09-19 19:49 - 00000855 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-09-19 19:49 - 2014-09-19 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-09-19 19:46 - 2014-09-19 19:48 - 163670496 _____ (Emsisoft GmbH ) C:\Users\Sean\Downloads\EmsisoftAntiMalwareSetup.exe
2014-09-19 19:34 - 2014-09-19 19:34 - 00034812 _____ () C:\Windows\system32\.crusader
2014-09-19 18:59 - 2014-09-19 19:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-19 18:52 - 2014-09-19 18:52 - 00001699 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-19 18:50 - 2014-09-19 18:50 - 00000348 _____ () C:\Windows\Tasks\PCHB_Sean_PCHealthBoost_RS_DailyTask.job
2014-09-19 18:49 - 2014-09-19 19:35 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-19 18:48 - 2014-09-19 18:48 - 00000838 _____ () C:\Users\Public\Desktop\PC HealthBoost.lnk
2014-09-19 18:48 - 2014-09-19 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC HealthBoost
2014-09-19 18:47 - 2014-09-19 18:47 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-09-19 18:44 - 2014-09-19 18:47 - 10280824 _____ (SurfRight B.V.) C:\Users\Sean\Downloads\HitmanPro.exe
2014-09-19 18:30 - 2014-09-19 18:30 - 00106192 _____ () C:\Users\Sean\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-19 18:28 - 2014-09-21 23:10 - 00391568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-19 06:36 - 2006-09-19 07:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.20140919-063614.backup
2014-09-18 22:25 - 2014-09-22 19:36 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-09-18 22:25 - 2014-09-19 18:28 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-09-18 22:25 - 2014-09-19 18:28 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-09-18 22:24 - 2014-09-19 06:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-18 22:24 - 2014-09-18 22:24 - 00001937 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00001925 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-18 22:24 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-09-18 22:23 - 2014-09-18 22:35 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-18 22:17 - 2014-09-18 22:20 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sean\Downloads\spybot-2.4.exe
2014-09-18 22:11 - 2014-09-19 06:26 - 00000841 _____ () C:\Users\Sean\Desktop\Recycle IE.lnk
2014-09-18 21:57 - 2014-09-23 03:00 - 00085886 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 21:16 - 2014-09-22 19:45 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-18 21:16 - 2014-09-18 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-18 21:16 - 2014-09-18 21:16 - 00001767 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-18 21:10 - 2014-09-18 21:11 - 19331048 _____ (SUPERAntiSpyware) C:\Users\Sean\Downloads\SUPERAntiSpyware.exe
2014-09-17 19:18 - 2014-09-17 19:18 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\AVG2015
2014-09-17 19:15 - 2014-09-17 19:15 - 00000809 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\TuneUp Software
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-17 19:02 - 2014-09-17 19:39 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-17 19:02 - 2014-09-17 19:02 - 00000000 ___HD () C:\$AVG
2014-09-17 18:58 - 2014-09-17 18:58 - 00000000 ____D () C:\Program Files\AVG
2014-09-17 18:35 - 2014-09-17 19:40 - 00000000 ____D () C:\Users\Sean\AppData\Local\Avg2015
2014-09-17 18:35 - 2014-09-17 18:35 - 00000000 ____D () C:\Users\Sean\AppData\Local\MFAData
2014-09-17 18:26 - 2014-09-17 18:31 - 153796568 _____ (AVG Technologies) C:\Users\Sean\Downloads\avg_free_x86_all_2015_5315a8160.exe
2014-09-17 18:12 - 2014-09-17 18:13 - 42570912 _____ (Check Point Software Technologies Ltd.) C:\Users\Sean\Downloads\zafwSetup_133_052_000.exe
2014-09-11 13:44 - 2014-09-12 15:42 - 00000000 ____D () C:\ProgramData\AdamIwwaz
2014-09-11 13:19 - 2014-09-21 23:24 - 00000000 ____D () C:\Users\Sean\AppData\Local\YmcPack
2014-09-11 13:18 - 2014-09-22 21:50 - 00000000 ____D () C:\Users\Sean\AppData\Local\Ektion
2014-09-10 10:36 - 2014-08-16 00:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 10:36 - 2014-08-16 00:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 10:36 - 2014-08-16 00:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 10:36 - 2014-08-16 00:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 10:36 - 2014-08-16 00:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 10:36 - 2014-08-16 00:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 10:36 - 2014-08-16 00:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 10:36 - 2014-08-16 00:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 10:36 - 2014-08-16 00:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-10 10:36 - 2014-08-16 00:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 10:36 - 2014-08-16 00:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 10:36 - 2014-08-16 00:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 10:36 - 2014-08-16 00:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-10 10:36 - 2014-08-16 00:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Users\Sean\AppData\Local\Wondershare
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-09-07 15:18 - 2014-09-07 15:22 - 00000000 ____D () C:\Users\Sean\Documents\Wondershare Video Editor
2014-09-07 15:12 - 2014-09-07 15:12 - 00745248 _____ (Wondershare) C:\Users\Sean\Downloads\video-editor_setup_full846.exe
2014-09-07 13:58 - 2014-09-07 13:58 - 00000000 ____D () C:\Program Files\File Association Helper
2014-09-07 13:57 - 2014-09-07 13:57 - 00873680 _____ ( ) C:\Users\Sean\Downloads\winzip18-lan_en.exe
2014-08-29 00:34 - 2014-08-23 11:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 00:34 - 2014-08-23 09:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 18:32 - 2014-09-23 18:31 - 00019569 _____ () C:\Users\Sean\Desktop\FRST.txt
2014-09-23 18:31 - 2014-09-21 22:10 - 00000000 ____D () C:\FRST
2014-09-23 17:49 - 2014-09-21 21:05 - 00714708 _____ () C:\Windows\PFRO.log
2014-09-23 17:49 - 2010-01-23 16:29 - 00313820 _____ () C:\aaw7boot.log
2014-09-23 05:31 - 2006-11-02 22:47 - 00003296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 05:31 - 2006-11-02 22:47 - 00003296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 03:00 - 2014-09-18 21:57 - 00085886 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 01:00 - 2012-12-24 00:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-23 00:51 - 2012-11-28 20:57 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-22 21:50 - 2014-09-11 13:18 - 00000000 ____D () C:\Users\Sean\AppData\Local\Ektion
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\ESET
2014-09-22 20:33 - 2014-09-22 20:33 - 00000000 ____D () C:\Users\Sean\AppData\Local\ESET
2014-09-22 20:27 - 2014-09-22 20:26 - 00000000 ____D () C:\Windows\LastGood
2014-09-22 20:27 - 2008-05-01 07:27 - 00000000 ____D () C:\Users\Sean
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\ProgramData\ESET
2014-09-22 20:12 - 2014-09-22 20:12 - 00000000 ____D () C:\Program Files\ESET
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 _____ () C:\Windows\setupact.log
2014-09-22 19:45 - 2014-09-18 21:16 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-22 19:36 - 2014-09-18 22:25 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-09-22 19:34 - 2014-09-19 19:49 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-09-22 19:31 - 2012-11-28 20:56 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 19:31 - 2006-11-02 23:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 19:27 - 2014-09-22 19:21 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(2).msi
2014-09-22 19:15 - 2014-09-22 19:10 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu(1).msi
2014-09-22 19:09 - 2014-09-21 21:49 - 00002243 _____ () C:\Windows\epplauncher.mif
2014-09-22 18:47 - 2014-09-22 18:40 - 117473528 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\msert.exe
2014-09-22 18:38 - 2014-09-21 23:35 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall(1).exe
2014-09-22 18:27 - 2007-04-18 18:33 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-09-22 18:27 - 2006-11-02 23:01 - 00032650 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-22 18:19 - 2011-02-20 09:07 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-21 23:24 - 2014-09-11 13:19 - 00000000 ____D () C:\Users\Sean\AppData\Local\YmcPack
2014-09-21 23:23 - 2014-09-21 23:23 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-09-21 23:12 - 2007-12-20 02:26 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-09-21 23:10 - 2014-09-19 18:28 - 00391568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-21 23:07 - 2014-09-21 23:03 - 70610944 _____ () C:\Users\Sean\Downloads\ess_nt32_enu.msi
2014-09-21 22:26 - 2014-05-20 09:24 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 22:09 - 2014-09-21 22:09 - 01097728 _____ (Farbar) C:\Users\Sean\Desktop\FRST.exe
2014-09-21 21:49 - 2014-09-21 21:48 - 11447608 _____ (Microsoft Corporation) C:\Users\Sean\Downloads\mseinstall.exe
2014-09-21 21:44 - 2011-06-29 14:26 - 00000000 ____D () C:\Program Files\CheckPoint
2014-09-21 21:34 - 2008-06-10 19:18 - 00001356 _____ () C:\Users\Sean\AppData\Local\d3d9caps.dat
2014-09-21 20:31 - 2012-12-23 18:53 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-21 20:30 - 2008-05-01 07:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-20 10:52 - 2014-09-20 10:52 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-09-19 23:00 - 2014-09-19 23:00 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-09-19 21:19 - 2012-08-06 21:23 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-19 19:49 - 2014-09-19 19:49 - 00000855 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-09-19 19:49 - 2014-09-19 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-09-19 19:48 - 2014-09-19 19:46 - 163670496 _____ (Emsisoft GmbH ) C:\Users\Sean\Downloads\EmsisoftAntiMalwareSetup.exe
2014-09-19 19:35 - 2014-09-19 18:49 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-19 19:34 - 2014-09-19 19:34 - 00034812 _____ () C:\Windows\system32\.crusader
2014-09-19 19:01 - 2014-09-19 18:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-19 18:52 - 2014-09-19 18:52 - 00001699 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-19 18:52 - 2014-09-19 18:52 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-19 18:50 - 2014-09-19 18:50 - 00000348 _____ () C:\Windows\Tasks\PCHB_Sean_PCHealthBoost_RS_DailyTask.job
2014-09-19 18:48 - 2014-09-19 18:48 - 00000838 _____ () C:\Users\Public\Desktop\PC HealthBoost.lnk
2014-09-19 18:48 - 2014-09-19 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC HealthBoost
2014-09-19 18:47 - 2014-09-19 18:47 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-09-19 18:47 - 2014-09-19 18:44 - 10280824 _____ (SurfRight B.V.) C:\Users\Sean\Downloads\HitmanPro.exe
2014-09-19 18:30 - 2014-09-19 18:30 - 00106192 _____ () C:\Users\Sean\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-19 18:28 - 2014-09-18 22:25 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-09-19 18:28 - 2014-09-18 22:25 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-09-19 06:26 - 2014-09-18 22:11 - 00000841 _____ () C:\Users\Sean\Desktop\Recycle IE.lnk
2014-09-19 06:23 - 2014-09-18 22:24 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-18 22:35 - 2014-09-18 22:23 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-18 22:24 - 2014-09-18 22:24 - 00001937 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00001925 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-18 22:24 - 2014-09-18 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-18 22:20 - 2014-09-18 22:17 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sean\Downloads\spybot-2.4.exe
2014-09-18 21:48 - 2014-09-18 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-18 21:16 - 2014-09-18 21:16 - 00001767 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-18 21:11 - 2014-09-18 21:10 - 19331048 _____ (SUPERAntiSpyware) C:\Users\Sean\Downloads\SUPERAntiSpyware.exe
2014-09-17 20:45 - 2014-08-02 21:36 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\vlc
2014-09-17 19:40 - 2014-09-17 18:35 - 00000000 ____D () C:\Users\Sean\AppData\Local\Avg2015
2014-09-17 19:39 - 2014-09-17 19:02 - 00000000 ____D () C:\ProgramData\AVG2015
2014-09-17 19:18 - 2014-09-17 19:18 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\AVG2015
2014-09-17 19:15 - 2014-09-17 19:15 - 00000809 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\TuneUp Software
2014-09-17 19:15 - 2014-09-17 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-17 19:02 - 2014-09-17 19:02 - 00000000 ___HD () C:\$AVG
2014-09-17 18:58 - 2014-09-17 18:58 - 00000000 ____D () C:\Program Files\AVG
2014-09-17 18:50 - 2006-11-02 21:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 18:35 - 2014-09-17 18:35 - 00000000 ____D () C:\Users\Sean\AppData\Local\MFAData
2014-09-17 18:31 - 2014-09-17 18:26 - 153796568 _____ (AVG Technologies) C:\Users\Sean\Downloads\avg_free_x86_all_2015_5315a8160.exe
2014-09-17 18:13 - 2014-09-17 18:12 - 42570912 _____ (Check Point Software Technologies Ltd.) C:\Users\Sean\Downloads\zafwSetup_133_052_000.exe
2014-09-17 17:37 - 2007-04-18 19:06 - 00000000 ____D () C:\Windows\ASUS
2014-09-17 17:35 - 2013-10-26 17:26 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\uTorrent
2014-09-14 20:58 - 2008-05-01 19:06 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Skype
2014-09-14 17:01 - 2006-11-02 20:33 - 00763586 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 14:35 - 2012-08-31 20:41 - 00002587 _____ () C:\Users\Sean\Desktop\Microsoft Office Word 2007.lnk
2014-09-12 19:11 - 2011-02-19 10:24 - 00000370 _____ () C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2014-09-12 15:42 - 2014-09-11 13:44 - 00000000 ____D () C:\ProgramData\AdamIwwaz
2014-09-12 09:37 - 2008-05-02 21:21 - 00237568 _____ () C:\Users\Sean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-10 20:01 - 2012-12-24 00:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 20:01 - 2012-12-24 00:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 10:36 - 2007-12-20 00:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 10:32 - 2013-08-11 08:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 10:24 - 2006-11-02 20:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-07 15:22 - 2014-09-07 15:18 - 00000000 ____D () C:\Users\Sean\Documents\Wondershare Video Editor
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Users\Sean\AppData\Local\Wondershare
2014-09-07 15:19 - 2014-09-07 15:19 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-09-07 15:13 - 2006-11-02 21:18 - 00000000 ___RD () C:\Users\Public
2014-09-07 15:12 - 2014-09-07 15:12 - 00745248 _____ (Wondershare) C:\Users\Sean\Downloads\video-editor_setup_full846.exe
2014-09-07 13:58 - 2014-09-07 13:58 - 00000000 ____D () C:\Program Files\File Association Helper
2014-09-07 13:57 - 2014-09-07 13:57 - 00873680 _____ ( ) C:\Users\Sean\Downloads\winzip18-lan_en.exe
2014-09-07 13:52 - 2008-10-30 08:40 - 00000000 ___RD () C:\Users\Sean\Documents\Law School
2014-09-03 16:09 - 2013-02-22 10:44 - 00000000 ____D () C:\Users\Sean\Documents\QLS Practising Cert
2014-08-26 12:18 - 2010-12-11 18:11 - 00000000 ____D () C:\Users\Sean\Documents\Australia to UK Solicitor
2014-08-25 06:53 - 2009-10-03 08:01 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Sean\aaw2008.exe
C:\Users\Sean\OOo_2.4.1_Win32Intel_install_en-US.exe
C:\Users\Sean\wmpfirefoxplugin.exe
C:\Users\Sean\wmpplugin.exe
C:\Users\Sean\xpiinstall.exe


Some content of TEMP:
====================
C:\Users\Sean\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-23 18:04

==================== End Of Log ============================

 

Addition

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-09-2014 01
Ran by Sean at 2014-09-23 18:33:15
Running from C:\Users\Sean\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30263 - BitTorrent Inc.)
15354 Webcam Live (HKLM\...\{3AC11667-B4DD-4984-AD0B-B2D4E40AB573}) (Version: 1.0.0.0 - )
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0016 - )
ASUS Splendid Video Enhancement Technology (HKLM\...\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}) (Version: 1.02.18 - ASUSTeK)
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0006 - ASUS)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.1 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{553355BC-925B-4104-AB9D-F3FADEB44050}) (Version: 3.0.634.0 - ATI Technologies, Inc.)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0014 - ATK)
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4158 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Canon Camera Access Library (HKLM\...\CAL) (Version: 8.1.1.17 - )
Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.2.0.8 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.1.0.7 - )
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.0.1.3 - )
Canon LBP3000 (HKLM\...\Canon LBP3000) (Version:  - )
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.2.0.13 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.3.0.11 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.5.0.5 - )
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.0.2.16 - )
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.17.41 - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.6.0.27 - )
Catalyst Control Center Core Implementation (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2007.0721.2141.36895 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2007.0721.2141.36895 - ATI) Hidden
CCC Help Chinese Standard (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Czech (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Danish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Dutch (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help English (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Finnish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help French (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help German (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Greek (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Hungarian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Italian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Japanese (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Korean (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Norwegian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Polish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Portuguese (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Russian (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Spanish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Swedish (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Thai (Version: 2007.0721.2140.36895 - ATI) Hidden
CCC Help Turkish (Version: 2007.0721.2140.36895 - ATI) Hidden
ccc-core-static (Version: 2007.0721.2141.36895 - ATI) Hidden
ccc-utility (Version: 2007.0721.2141.36895 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EasiestSoft Movie Editor 3.9.0 (HKLM\...\{8BB65DEC-BE2C-EB66-7595-ADAE2D710380}_is1) (Version: 3.9.0 - EasiestSoft International LLC.)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
Epson Copy Utility 3.4 (HKLM\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.4.0.0 - )
Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.01.00 - SEIKO EPSON Corporation)
EPSON PERFECTION V30_V300 PHOTO Manual (HKLM\...\EPSON PERFECTION V30_V300 PHOTO User’s Guide) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
ESET Smart Security (HKLM\...\{4939F84E-DC08-4CB5-AA6E-2D6E15CEA386}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
File Association Helper (HKLM\...\{8975E3CB-A762-4B14-BD62-A3972A098E82}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Griffith Printing (HKLM\...\{07F8C9EB-2E1D-485B-BA62-5349F80156B3}) (Version: 1.0.0.0 - Griffith Printing)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java™ 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Java™ 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
LightScribe  1.8.13.1 (Version: 1.8.13.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version:  - Microsoft)
Microsoft Office Excel MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version:  - Microsoft)
Microsoft Office Outlook MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version:  - Microsoft)
Microsoft Office PowerPoint MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version:  - Microsoft)
Microsoft Office Word MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 32.0.2 (x86 en-GB) (HKLM\...\Mozilla Firefox 32.0.2 (x86 en-GB)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MRU-Blaster v1.5 (Database 3/28/2004) (HKLM\...\MRU-Blaster_is1) (Version: 1.5 - Javacool Software LLC)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{BC61F51E-8AF7-46B9-AF20-B33B5EE81033}) (Version: 7.03.0188 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0013 - ATK)
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5374 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skins (Version: 2007.0721.2141.36895 - ATI) Hidden
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1146 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.19.0 - Synaptics)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{B83A8864-A85D-437E-9D4C-27350765BF46}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{9D702FFD-3C2B-44D0-9B8B-CA1A30CA555B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{F8564AF8-30AE-4427-ACF3-69714E1BB656}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.4400 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.4400 - Broadcom Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version:  - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\Sean\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

==================== Restore Points  =========================

22-09-2014 09:52:23 avast! antivirus system restore point
22-09-2014 10:02:23 Installed ESET Smart Security

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 20:23 - 2014-09-19 06:36 - 00450628 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1    localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0650E5EF-7627-490E-BB14-9173624C0361} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {15D41808-A460-4676-894E-AFB5E160D7B3} - System32\Tasks\4572 => Wscript.exe C:\Users\Sean\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {308BEF5E-B5C2-46A2-9059-29B1CD79C842} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: {3BAEF531-55B1-42D8-9AC1-9353ACD28298} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {52C52E32-87D8-453B-83A3-177426134BF0} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {5AF0FA8C-98A8-464B-9FB4-B9F3A4B9A03C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Sean => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {5C4AADEE-8465-4C44-A2E8-DFD6B5D22688} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {6A50C60D-961A-4F2C-8D65-D48925374910} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {D7DB0769-7FE5-4C81-A20E-AB69FF280A17} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: {E29B78F6-3E9A-41D2-9F7D-2E6AAD6AE0D7} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {ED96B595-D10C-4AC2-AE7F-0FEC7C4DCA3F} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {F5F556A5-938F-4E79-A523-E89AB36BAD37} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {F612F9AF-3D60-4499-90FC-7FA0B9AF8E33} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {FDF04DD3-729A-4A4A-B68B-749A71F09EA4} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {FFF92C3B-4E2F-4CEC-902C-B4845852C317} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCHB_Sean_PCHealthBoost_RS_DailyTask.job => C:\Program Files\PC HealthBoost\PCHealthBoost.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2014-09-07 13:02 - 2014-09-07 13:02 - 02405376 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2014-09-07 13:02 - 2014-09-07 13:02 - 01819648 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-09-19 18:59 - 2014-09-19 19:00 - 03734640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2014 05:51:10 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/22/2014 07:51:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a85e009f-66c0-4c6f-b2d3-3ef4dc5f95d3}

Error: (09/22/2014 07:09:16 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Sean-PC)
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (09/22/2014 06:30:08 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 10:27:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 32.0.2.5373, time stamp 0x541a8277, faulting module mozalloc.dll, version 32.0.2.5373, time stamp 0x541a4d44, exception code 0x80000003, fault offset 0x0000141b,
process id 0x41c, application start time 0xplugin-container.exe0.

Error: (09/21/2014 10:06:48 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 09:49:36 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Sean-PC)
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.

Error: (09/21/2014 09:45:13 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 09:26:23 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/21/2014 09:23:32 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: File backup failed due to an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check your hardware configuration. (0x81000006).


System errors:
=============
Error: (09/23/2014 05:52:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
eamonm
ehdrv
SASDIFSV
SASKUTIL
spldr
Wanarpv6

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: AVGIDSAgentAVGIDSDriver%%31

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068

Error: (09/23/2014 05:51:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Lavasoft Ad-Aware Service%%2

Error: (09/23/2014 05:51:27 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/23/2014 05:51:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (09/23/2014 05:51:09 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/23/2014 05:50:52 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/23/2014 05:50:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 06:25:56 on 23/09/2014 was unexpected.


Microsoft Office Sessions:
=========================
Error: (02/01/2013 02:46:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 78 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/01/2013 02:41:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/01/2013 02:39:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2105 seconds with 1440 seconds of active time.  This session ended with a crash.

Error: (11/19/2012 05:05:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 185 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (09/25/2012 11:22:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7989 seconds with 3540 seconds of active time.  This session ended with a crash.

Error: (01/01/2010 02:27:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/04/2009 10:39:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-09-23 18:32:14.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:13.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:12.459
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:11.241
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:10.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:09.116
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:07.944
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-23 18:32:06.913
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-22 20:29:46.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-22 20:29:45.409
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Pentium® Dual CPU T2330 @ 1.60GHz
Percentage of memory in use: 44%
Total physical RAM: 1918.54 MB
Available physical RAM: 1074.01 MB
Total Pagefile: 4078.36 MB
Available Pagefile: 3428.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.59 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:55.89 GB) (Free:6.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:48.08 GB) (Free:43.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=7.8 GB) - (Type=1C)
Partition 2: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=48.1 GB) - (Type=OF Extended)

==================== End Of Log ============================

 

 

 

 



#3 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:11 AM

Posted 23 September 2014 - 09:20 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#4 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 24 September 2014 - 07:45 AM

Dear Marius

 

Thank you for helping me with my Malware issues (and for the fast reply).

 

As instructed, I downloaded Gmer from the the above link by clicking Download EXE.

 

I got to the screen with the panel on the right-hand side and de-selected Sections and IAT/EAT.  Show All was already unchecked. I closed Firefox.

 

When I hit Scan, a pop-up appeared that said that the program had stopped working and was to close.  The only option was for me to click 'Close Program' (which it then did). I tried to perform the Gmer scan again, but was again told that the program had stopped working and was to close. I tried to copy/paste the screen image but am apparently not allowed to paste it in this reply.

 

The pop-up said '5lx8c7di.exe has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available'. I was not notified of any solution.

 

I did not perform the other TSDD-Killer scan.

 

What do I do now?

 

Thanks again.

SFL



#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:11 AM

Posted 24 September 2014 - 07:48 AM

Please reboot into safe mode and try to run Gmer.

If it fails again, reboot into normal mode and proceed with TDSS-Killer


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 24 September 2014 - 07:51 AM

Hi Marius

 

I was in Safe Mode when I downloaded Gmer and attempted to run it.

 

I will reboot in Normal and run TDSS-Killer as instructed above.

 

Thanks.



#7 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:11 AM

Posted 24 September 2014 - 07:51 AM

OK:)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#8 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 24 September 2014 - 09:29 AM

Hi Marius

 

Apologies for the delay - my computer froze a number of times when running in Normal mode.

 

My first attempt at performing the TDSS-Killer also froze half way through.

 

The log of the second (and hopefully complete) attempt is attached.

 

Thanks.

SFL

 

 

Attached Files



#9 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:11 AM

Posted 24 September 2014 - 10:07 AM

Multiple Antivirus Programs installed!

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either avast or avg.

 

 

 

 

Going over your logs I noticed that you have µTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

 

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#10 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 25 September 2014 - 03:15 AM

Hi Marius

 

Thank you for your most recent advice.

 

I had previously uninstalled Avast (about a week ago). It no longer appears on my program list for me to uninstall; AVG is still listed. This seems contrary to your reading of the logs that suggests that Avast and AVG are both still installed. Can I go ahead with the rest of your instructions or should I do something else before continuing? Could it be the Avast has been hidden in some way?

 

I have uninstalled uTorrent. 



#11 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 25 September 2014 - 04:23 AM

Also, can I run the above Fixlist and Malware-Bytes scan in Safe Mode (with Networking)?

 

When I try to reboot in Normal mode, I am now told that Windows Explorer has stopped working and the only option is to close the program.

 

Thanks.

SFL



#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:11 AM

Posted 25 September 2014 - 08:25 AM

Please reboot into safe mode and proceed with FRST and MBAM fix


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 26 September 2014 - 04:42 AM

Hi Marius

 

Performed the FRST Fixlist and Malwarebytes scans in Safe Mode - still can't get into Windows in Normal mode - am told a problem has caused Windows Explorer to stop working and only option is to close.

 

Fixlog below, I'll send Malwarebytes log shortly.

 

Thanks.

 

Fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-09-2014
Ran by Sean at 2014-09-26 18:22:41 Run:1
Running from C:\Windows\System32\config\systemprofile\Desktop
Loaded Profiles:  (Available profiles: Sean)
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
BootExecute: autocheck autochk * lsdeletesdnclean.exe

HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
Task: {F5F556A5-938F-4E79-A523-E89AB36BAD37} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {15D41808-A460-4676-894E-AFB5E160D7B3} - System32\Tasks\4572 => Wscript.exe C:\Users\Sean\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?

2014-09-12 15:42 - 2014-09-11 13:44 - 00000000 ____D () C:\ProgramData\AdamIwwaz
2014-09-07 13:58 - 2014-09-07 13:58 - 00000000 ____D () C:\Program Files\File Association Helper
2014-09-07 13:57 - 2014-09-07 13:57 - 00873680 _____ ( ) C:\Users\Sean\Downloads\winzip18-lan_en.exe
C:\Users\Sean\aaw2008.exe
C:\Users\Sean\OOo_2.4.1_Win32Intel_install_en-US.exe
C:\Users\Sean\wmpfirefoxplugin.exe
C:\Users\Sean\wmpplugin.exe
C:\Users\Sean\xpiinstall.exe
C:\Users\Sean\AppData\Roaming\Microsoft\Windows\IEUpdate

EmptyTemp:

Reboot:
*****************

HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKU\S-1-5-21-3254263450-2822297256-2156715251-1000\Software\Classes\exefile" => Key not found.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5F556A5-938F-4E79-A523-E89AB36BAD37}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5F556A5-938F-4E79-A523-E89AB36BAD37}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15D41808-A460-4676-894E-AFB5E160D7B3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15D41808-A460-4676-894E-AFB5E160D7B3}" => Key deleted successfully.
C:\Windows\System32\Tasks\4572 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4572" => Key deleted successfully.
"HKU\S-1-5-21-3254263450-2822297256-2156715251-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
C:\ProgramData\AdamIwwaz => Moved successfully.
C:\Program Files\File Association Helper => Moved successfully.
C:\Users\Sean\Downloads\winzip18-lan_en.exe => Moved successfully.
C:\Users\Sean\aaw2008.exe => Moved successfully.
C:\Users\Sean\OOo_2.4.1_Win32Intel_install_en-US.exe => Moved successfully.
C:\Users\Sean\wmpfirefoxplugin.exe => Moved successfully.
C:\Users\Sean\wmpplugin.exe => Moved successfully.
C:\Users\Sean\xpiinstall.exe => Moved successfully.
C:\Users\Sean\AppData\Roaming\Microsoft\Windows\IEUpdate => Moved successfully.
EmptyTemp: => Removed 519.3 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====


#14 sfl1983

sfl1983
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 PM

Posted 26 September 2014 - 05:03 AM

Hi Marius

 

When I went back into Malwarebytes History - Application Logs in SafeMode, I wasn't given the option to copy to clipboard.

 

I have copied the log from the Program Data file.

 

Look forward to hearing from you further.

 

Thanks.

 

Malwarebytes log


<?xml version="1.0" encoding="UTF-16"?>
-<mbam-log> -<header> <date>2014/09/26 18:47:10 +1000</date> <logfile>mbam-log-2014-09-26 (18-47-03).xml</logfile> <isadmin>yes</isadmin> </header> -<engine> <version>2.00.2.1012</version> <malware-database>v2014.09.26.03</malware-database> <rootkit-database>v2014.09.19.01</rootkit-database> <license>free</license> <file-protection>disabled</file-protection> <web-protection>disabled</web-protection> <self-protection>disabled</self-protection> </engine> -<system> <osversion>Windows Vista Service Pack 2</osversion> <arch>x86</arch> <username>Sean</username> <filesys>NTFS</filesys> </system> -<summary> <type>threat</type> <result>completed</result> <objects>297146</objects> <time>818</time> <processes>0</processes> <modules>0</modules> <keys>1</keys> <values>4</values> <datas>0</datas> <folders>0</folders> <files>4</files> <sectors>0</sectors> </summary> -<options> <memory>enabled</memory> <startup>enabled</startup> <filesystem>enabled</filesystem> <archives>enabled</archives> <rootkits>disabled</rootkits> <deeprootkit>disabled</deeprootkit> <heuristics>enabled</heuristics> <pup>warn</pup> <pum>enabled</pum> </options> -<items> -<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer2951622345</path><vendor>Trojan.MSCrypt.ED</vendor><action>success</action><hash>66d5e40e80fb5bdb4fd9566fc9381be5</hash></key> -<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>Udhygo</valuename><vendor>Trojan.MSCrypt.ED</vendor><action>success</action><valuedata>"C:\Users\Sean\AppData\Roaming\Exegok\maafm.exe"</valuedata><hash>b58600f23249d660e2465b6a45bc6b95</hash></value> -<value><path>HKU\S-1-5-21-3254263450-2822297256-2156715251-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\CONTROL PANEL\DESKTOP</path><valuename>SCRNSAVE.EXE</valuename><vendor>Trojan.Agent.EV</vendor><action>success</action><valuedata>"C:\Users\Sean\AppData\Roaming\Microsoft\Windows\IEUpdate\ipconfig.exe"</valuedata><hash>95a6d0220f6cb77ff09faf6132d131cf</hash></value> -<value><path>HKU\S-1-5-21-3254263450-2822297256-2156715251-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\COMMAND PROCESSOR</path><valuename>AutoRun</valuename><vendor>Hijack.Autorun</vendor><action>success</action><valuedata>"C:\Users\Sean\AppData\Roaming\Microsoft\Windows\IEUpdate\ipconfig.exe"</valuedata><hash>de5d985a374444f2cf7a99a6758ebe42</hash></value> -<value><path>HKU\S-1-5-21-3254263450-2822297256-2156715251-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>ipconfig</valuename><vendor>Trojan.Agent.EVGen</vendor><action>success</action><valuedata>"C:\Users\Sean\AppData\Roaming\Microsoft\Windows\IEUpdate\ipconfig.exe"</valuedata><hash>5cdf4da51e5df73f167ac848ad561ee2</hash></value> -<file><path>C:\Users\Sean\AppData\Roaming\Exegok\maafm.exe</path><vendor>Trojan.MSCrypt.ED</vendor><action>success</action><hash>b58600f23249d660e2465b6a45bc6b95</hash></file> -<file><path>C:\Windows\System32\arlen.exe</path><vendor>Trojan.MSCrypt.ED</vendor><action>success</action><hash>66d5e40e80fb5bdb4fd9566fc9381be5</hash></file> -<file><path>C:\Users\Sean\AppData\Local\Temp\UpdateFlashPlayer_d3a6d198.exe</path><vendor>Trojan.MSCrypt.ED</vendor><action>success</action><hash>49f2ba388deeb68046e2ffc6aa574ab6</hash></file> -<file><path>C:\Users\Sean\AppData\Local\Temp\tmp39E6.exe</path><vendor>Trojan.FakeMS.ED</vendor><action>success</action><hash>9e9d9b57aad13ff7053822a28978946c</hash></file> </items> </mbam-log>


#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:11 AM

Posted 26 September 2014 - 06:22 AM

You told us that you removed several items with Malwarebytes´ Antimalware. This tool creates a log on every run and we need to see them.

  • The logs can be found here:

-- XP: C:\Documents and Settings\\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd


  • Zip any and all of these logs and attach the file to your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users