Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop shows up after Login after 30 seconds everything is Unresponsive


  • This topic is locked This topic is locked
21 replies to this topic

#1 redbullpower

redbullpower

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 09 October 2014 - 03:30 AM

The computer became unresponsive after running malwarebytes and removing the recommended items which were not serious. After reboot it became unresponsive however I was able to shutdown the browser and other windows which allowed limited response, enough to try malwarebytes again. This time it showed there were no problems. I also tried ADW which showed nothing. At this point the computer remains unresponsive after 30 seconds after the desktop loads. After restarting many times I was able to get some response and run DDS as attached after waiting about 10 minutes. I was able to run tdsskiller which found a rootkit. It removed and restarted and did another scan which came up clean. The computer still remains the same. I am also getting multiple messages about the Intel Rapid Storage detecting and removing disks however this only happens after about 5 minutes lasting for another 5 minutes. There are no problems or lags on startup before the desktop shows up.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17280
Run by User at 8:11:14 on 2014-10-09
Microsoft Windows 7 Professional   6.1.7601.1.1252.44.1033.18.16358.12717 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Windows\system32\svchost.exe -k netsvcs
c:\program files (x86)\common files\logishrd\lvmvfm\LVPrS64H.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
D:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
D:\Program Files (x86)\1Password\Agile1pService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\M-Audio\Axiom AIR\AudioDevMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
D:\Windows\Prey\versions\1.1.3\bin\windows\cronsvc.exe
D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
D:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\system32\lxeccoms.exe
C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
D:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Windows\Prey\current\bin\node.exe
D:\Windows\Prey\versions\1.1.5\node_modules\triggers\bin\evtcheck.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
D:\Program Files (x86)\Glary Utilities 3\Integrator.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
D:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
D:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
D:\Program Files\Skype\Phone\Skype.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
D:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe
D:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
D:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
D:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files (x86)\1Password\Agile1pAgent.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar64.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
D:\Desktop\stuff\rkill.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorUI.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Desktop\stuff\rkill64-256.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: 1Password: {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - D:\Program Files (x86)\1Password\Agile1pIE.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [DymoQuickPrint] "D:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [OfficeSyncProcess] "D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
uRun: [AdobeBridge] <no file>
uRunOnce: [Application Restart #11] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.richmond.gov.uk/home/transport_and_streets/parking/parking_bays/parking_suspensions_and_dispensations/parking_suspensions.htm
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
mRun: [LVCOMSX] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"
mRun: [LogitechQuickCamRibbon] "D:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe" /hide
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "D:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [Bonus.SSR.FR11] "D:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [Agile1pAgent] D:\Program Files (x86)\1Password\Agile1pAgent.exe
mRun: [DLSService] "D:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
mRun: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [WSHelperSetup.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - D:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\skype delay start.bat
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - D:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PHILIP~1.LNK - C:\Program Files (x86)\Philips\GoGear Spark Device Manager\main.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
IE: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm
IE: Se&nd to OneNote - D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - {5D7B119E-062F-476B-A5E7-797FAF554BA2} - D:\Program Files (x86)\1Password\Agile1pIE.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://canesparta.dyndns.org:8888/WinWebPush.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{2660D9EE-857A-4FDD-9D3B-325DA75C9310} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{E5992F00-74F3-49ED-A7E1-BFEED05FA66E} : DHCPNameServer = 192.168.1.254 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [CSRSkype] D:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
x64-Run: [BthSyncServ] "D:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe"
x64-Run: [ConMgr] "D:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe"
x64-Run: [lxecmon.exe] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [BCSSync] "D:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760]
R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\System32\drivers\BtHidBus.sys [2010-4-6 23944]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2011-10-12 562456]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2012-8-2 23832]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-9-28 56208]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2014-2-25 534104]
R1 RapportCerberus_80055;RapportCerberus_80055;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80055.sys [2014-10-8 761720]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-10-1 445880]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-10-1 557656]
R2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;D:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-9-22 819976]
R2 Agile1Password;1Password;D:\Program Files (x86)\1Password\Agile1pService.exe [2014-5-7 768784]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 AxiomAIRAudioDevMon;Axiom AIR Audio Device Monitor;C:\Program Files (x86)\M-Audio\Axiom AIR\AudioDevMon.exe [2013-1-15 204496]
R2 CronService;Cron Service;D:\Windows\Prey\versions\1.1.3\bin\windows\cronsvc.exe [2014-5-5 18432]
R2 DevoloNetworkService;devolo Network Service;D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2010-12-23 3304768]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-8-2 225280]
R2 DymoPnpService;DYMO PnP Service;D:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-6-20 32368]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [2012-8-2 7168]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-8-2 178344]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2007-2-6 173344]
R2 lxec_device;lxec_device;C:\Windows\System32\lxeccoms.exe -service --> C:\Windows\System32\lxeccoms.exe -service [?]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 125584]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408]
R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-11-19 2928128]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-10-1 1919256]
R2 VFPRadioSupportService;Bluetooth Feature Support;D:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-6-30 145280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-4-24 266240]
R3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]
R3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);C:\Windows\System32\drivers\CamDrL64.sys [2007-2-3 955680]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2014-3-19 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2014-3-19 13080]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-2-3 58528]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxecserv.exe [2012-9-11 45736]
S3 AXIOM;Service for M-Audio Axiom AIR;C:\Windows\System32\drivers\MAudioAxiomAIR.sys [2013-1-15 137424]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2013-8-20 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2013-8-20 21872]
S3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\System32\drivers\btnetBus.sys [2010-4-6 30088]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-10 111616]
S3 iLokDrvr;Usb Driver;C:\Windows\System32\drivers\iLokDrvr.sys [2012-11-17 24728]
S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\System32\drivers\IvtBtBus.sys [2010-4-6 27016]
S3 LVcKap64;Logitech AEC Driver;C:\Windows\System32\drivers\LVCKap64.sys [2007-2-6 1013024]
S3 MADFUAXIOM;Service for M-Audio Axiom AIR DFU;C:\Windows\System32\drivers\MAudioAxiomAIR_DFU.sys [2013-1-15 29904]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-10-15 91352]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCAMp50a64.sys [2013-3-1 46648]
S3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCASp50a64.sys [2013-3-1 45624]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-10 1255736]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .js: jsfile="D:\Program Files\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="D:\Program Files\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-10-09 06:50:25 11578928 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7E0F58FB-DCB6-4B66-A3D3-1C886BE6193C}\mpengine.dll
2014-10-08 20:24:16 -------- d-----w- C:\TDSSKiller_Quarantine
2014-10-08 13:22:06 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-10-08 13:21:33 -------- d-----w- C:\AdwCleaner
2014-10-08 12:44:20 -------- d-----w- C:\Windows\ERUNT
2014-10-08 06:34:31 11578928 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-07 15:28:43 -------- d-----w- C:\ProgramData\Wondershare
2014-10-07 15:28:32 -------- d-----w- C:\Users\User\AppData\Local\Wondershare
2014-10-07 15:28:31 -------- d-----w- C:\Program Files (x86)\Common Files\Wondershare
2014-10-07 15:28:17 -------- d-----w- C:\Users\User\AppData\Roaming\Wondershare
2014-10-07 15:28:17 -------- d-----w- C:\Users\User\.android
2014-10-06 12:00:31 1188440 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FB4ED93-23AA-4EE1-95B5-6DC3C1EBA272}\gapaengine.dll
2014-10-06 11:51:43 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-10-06 11:51:43 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-24 15:51:36 -------- d-----w- C:\ProgramData\DigiDNA
2014-09-24 15:51:35 -------- d-----w- C:\Users\User\AppData\Roaming\iMazing
2014-09-24 15:51:35 -------- d-----w- C:\Users\User\AppData\Local\DigiDNA
2014-09-24 12:50:28 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-24 12:50:28 -------- d-----w- C:\Program Files\iTunes
2014-09-24 12:50:28 -------- d-----w- C:\Program Files\iPod
2014-09-24 07:05:00 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-24 07:05:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-23 08:09:19 -------- d-----w- C:\Users\User\AppData\Local\D2B23928-2604-4CDC-8CAA-F19C1FC32377.aplzod
2014-09-17 06:55:20 -------- d-----w- C:\Program Files (x86)\Skype
2014-09-10 08:47:04 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-10 08:47:03 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-09 19:21:54 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-09 19:21:54 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-09 19:21:44 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-09 19:21:44 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-09 19:21:33 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-09 19:21:33 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-09 19:21:33 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-09 19:21:33 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-09 19:21:33 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-09 19:21:29 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-09 19:21:28 424448 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M  ====================
.
2014-10-08 19:28:35 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-08 17:45:27 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 11:42:52 534104 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2014-09-24 07:03:46 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 07:03:46 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-22 06:42:39 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-30 07:39:45 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-07-29 13:11:29 51228 ----a-w- C:\ProgramData\SPLF05D.tmp
2014-07-28 13:52:00 6112072 ----a-w- C:\Windows\System32\usbaaplrc.dll
2014-07-28 13:52:00 54784 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2014-07-25 01:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 22:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-17 17:05:06 269008 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-07-17 17:05:06 125584 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
.
============= FINISH:  8:13:00.05 ===============
 

 

Thanks

Redbullpower

 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,733 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 PM

Posted 14 October 2014 - 03:35 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/551352 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 redbullpower

redbullpower
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 14 October 2014 - 03:54 AM

I have a windows 7 DVD.
 
Since the first post I had to shutdown the computer during shutdown phase which resulted in not being able to get to the login screen. The screen remained black with a cursor after displaying the logo.
After trying a number of things I was able to use the last known good config to allow the computer to startup.
 
Seems to work much better but still lags and is unresponsive sometimes.
Using the shift key to open a new window for a url link results in a white window which crashes.
 
Ran different malware and virus scans as well as tdsskiller but they did not find anything.
 
Here is the log
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17280  BrowserJavaVersion: 10.67.2
Run by User at 9:41:05 on 2014-10-14
Microsoft Windows 7 Professional   6.1.7601.1.1252.44.1033.18.16358.12082 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Windows\system32\svchost.exe -k netsvcs
c:\program files (x86)\common files\logishrd\lvmvfm\LVPrS64H.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
D:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
D:\Program Files (x86)\1Password\Agile1pService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\M-Audio\Axiom AIR\AudioDevMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
D:\Windows\Prey\versions\1.1.3\bin\windows\cronsvc.exe
C:\Windows\system32\crypserv.exe
D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
D:\Windows\Prey\current\bin\node.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
D:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
D:\Windows\Prey\versions\1.1.5\node_modules\triggers\bin\evtcheck.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\system32\lxeccoms.exe
C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
D:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\User\AppData\Local\Temp\ocr3793.tmp\bin\rubyw.exe
D:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
D:\Program Files (x86)\Glary Utilities 3\Integrator.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
D:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
D:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
D:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Users\User\AppData\Local\Temp\ocr953C.tmp\bin\rubyw.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
D:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe
D:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
D:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
D:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
D:\Program Files (x86)\1Password\Agile1pAgent.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar64.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: 1Password: {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - D:\Program Files (x86)\1Password\Agile1pIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [DymoQuickPrint] "D:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [OfficeSyncProcess] "D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
uRun: [AdobeBridge] <no file>
uRunOnce: [Application Restart #11] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.richmond.gov.uk/home/transport_and_streets/parking/parking_bays/parking_suspensions_and_dispensations/parking_suspensions.htm
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
mRun: [LVCOMSX] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe"
mRun: [LogitechQuickCamRibbon] "D:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe" /hide
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "D:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [Bonus.SSR.FR11] "D:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
mRun: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [Agile1pAgent] D:\Program Files (x86)\1Password\Agile1pAgent.exe
mRun: [DLSService] "D:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
mRun: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [WSHelperSetup.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - D:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\skype delay start.bat
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - D:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PHILIP~1.LNK - C:\Program Files (x86)\Philips\GoGear Spark Device Manager\main.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
IE: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm
IE: Se&nd to OneNote - D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - {5D7B119E-062F-476B-A5E7-797FAF554BA2} - D:\Program Files (x86)\1Password\Agile1pIE.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://canesparta.dyndns.org:8888/WinWebPush.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{2660D9EE-857A-4FDD-9D3B-325DA75C9310} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{E5992F00-74F3-49ED-A7E1-BFEED05FA66E} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{EEC11CC8-609E-4EAD-858B-946A1CB53153} : DHCPNameServer = 209.222.18.222 209.222.18.218
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [CSRSkype] D:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
x64-Run: [BthSyncServ] "D:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe"
x64-Run: [ConMgr] "D:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe"
x64-Run: [lxecmon.exe] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [BCSSync] "D:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [IAStorIcon] "D:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "D:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760]
R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\System32\drivers\BtHidBus.sys [2010-4-6 23944]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-21 28008]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-9-28 56208]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2014-2-25 534104]
R1 RapportCerberus_80055;RapportCerberus_80055;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80055.sys [2014-10-8 761720]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-10-1 445880]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-10-1 557656]
R2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;D:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-9-22 819976]
R2 Agile1Password;1Password;D:\Program Files (x86)\1Password\Agile1pService.exe [2014-5-7 768784]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 AxiomAIRAudioDevMon;Axiom AIR Audio Device Monitor;C:\Program Files (x86)\M-Audio\Axiom AIR\AudioDevMon.exe [2013-1-15 204496]
R2 CronService;Cron Service;D:\Windows\Prey\versions\1.1.3\bin\windows\cronsvc.exe [2014-5-5 18432]
R2 DevoloNetworkService;devolo Network Service;D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2010-12-23 3304768]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-8-2 225280]
R2 DymoPnpService;DYMO PnP Service;D:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-6-20 32368]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;D:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2014-7-9 261896]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2007-2-6 173344]
R2 lxec_device;lxec_device;C:\Windows\System32\lxeccoms.exe -service --> C:\Windows\System32\lxeccoms.exe -service [?]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408]
R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-11-19 2928128]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-10-1 1919256]
R2 VFPRadioSupportService;Bluetooth Feature Support;D:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-6-30 145280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-4-24 266240]
R3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]
R3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);C:\Windows\System32\drivers\CamDrL64.sys [2007-2-3 955680]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2014-3-19 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2014-3-19 13080]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-2-3 58528]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxecserv.exe [2012-9-11 45736]
S2 SkypeUpdate;Skype Updater;D:\Program Files\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AXIOM;Service for M-Audio Axiom AIR;C:\Windows\System32\drivers\MAudioAxiomAIR.sys [2013-1-15 137424]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2013-8-20 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2013-8-20 21872]
S3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\System32\drivers\btnetBus.sys [2010-4-6 30088]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-10 111616]
S3 iLokDrvr;Usb Driver;C:\Windows\System32\drivers\iLokDrvr.sys [2012-11-17 24728]
S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\System32\drivers\IvtBtBus.sys [2010-4-6 27016]
S3 LVcKap64;Logitech AEC Driver;C:\Windows\System32\drivers\LVCKap64.sys [2007-2-6 1013024]
S3 MADFUAXIOM;Service for M-Audio Axiom AIR DFU;C:\Windows\System32\drivers\MAudioAxiomAIR_DFU.sys [2013-1-15 29904]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-10-15 91352]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 125584]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCAMp50a64.sys [2013-3-1 46648]
S3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCASp50a64.sys [2013-3-1 45624]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-10 1255736]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .js: jsfile="D:\Program Files\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="D:\Program Files\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-10-14 07:02:45 11578928 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{363B277B-F0CF-48B7-904A-0CC2748101FD}\mpengine.dll
2014-10-13 11:05:47 -------- d-----w- C:\Program Files\pia_manager
2014-10-11 13:22:28 11578928 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-09 12:12:15 89888 ----a-w- C:\Windows\System32\NicInstC.dll
2014-10-09 12:12:14 73480 ----a-w- C:\Windows\System32\e1cmsg.dll
2014-10-09 12:12:14 495376 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2014-10-09 12:10:57 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-10-09 11:13:22 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-09 11:05:16 -------- d-----w- C:\Users\User\Intel
2014-10-09 10:07:43 -------- d-----w- C:\Program Files\Reason
2014-10-09 09:59:22 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender
2014-10-09 08:52:56 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-08 20:24:16 -------- d-----w- C:\TDSSKiller_Quarantine
2014-10-08 13:22:06 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-10-08 13:21:33 -------- d-----w- C:\AdwCleaner
2014-10-08 12:44:20 -------- d-----w- C:\Windows\ERUNT
2014-10-07 15:28:43 -------- d-----w- C:\ProgramData\Wondershare
2014-10-07 15:28:32 -------- d-----w- C:\Users\User\AppData\Local\Wondershare
2014-10-07 15:28:31 -------- d-----w- C:\Program Files (x86)\Common Files\Wondershare
2014-10-07 15:28:17 -------- d-----w- C:\Users\User\AppData\Roaming\Wondershare
2014-10-07 15:28:17 -------- d-----w- C:\Users\User\.android
2014-10-06 12:00:31 1188440 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FB4ED93-23AA-4EE1-95B5-6DC3C1EBA272}\gapaengine.dll
2014-10-06 11:51:43 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-10-06 11:51:43 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-24 15:51:36 -------- d-----w- C:\ProgramData\DigiDNA
2014-09-24 15:51:35 -------- d-----w- C:\Users\User\AppData\Roaming\iMazing
2014-09-24 15:51:35 -------- d-----w- C:\Users\User\AppData\Local\DigiDNA
2014-09-24 12:50:28 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-24 12:50:28 -------- d-----w- C:\Program Files\iTunes
2014-09-24 12:50:28 -------- d-----w- C:\Program Files\iPod
2014-09-24 07:05:00 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-24 07:05:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-23 08:09:19 -------- d-----w- C:\Users\User\AppData\Local\D2B23928-2604-4CDC-8CAA-F19C1FC32377.aplzod
2014-09-17 06:55:20 -------- d-----w- C:\Program Files (x86)\Skype
.
==================== Find3M  ====================
.
2014-10-10 11:25:28 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-08 17:45:27 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 11:42:52 534104 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2014-09-24 07:03:46 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 07:03:46 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-22 06:42:39 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-09-05 02:10:43 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-05 02:05:42 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-01 11:53:22 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-08-01 11:35:06 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-07-30 07:39:45 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-07-29 13:11:29 51228 ----a-w- C:\ProgramData\SPLF05D.tmp
2014-07-28 13:52:00 6112072 ----a-w- C:\Windows\System32\usbaaplrc.dll
2014-07-28 13:52:00 54784 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2014-07-25 01:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 22:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-17 17:05:06 269008 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-07-17 17:05:06 125584 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
.
============= FINISH:  9:41:58.27 ===============
 


#4 The Pugilist

The Pugilist

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:13 PM

Posted 14 October 2014 - 08:44 AM

Hello redbullpower,

 

my name is Dave and I'll be helping you out here.  Please allow me some time to review the information you have provided.  In the mean time, please refrain from making any additional changes to the computer as this can make it difficult for me to assist you.  Thanks, and I'll post back here as soon as possible!


//Dave

#5 The Pugilist

The Pugilist

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:13 PM

Posted 15 October 2014 - 07:03 AM

Okay, after reviewing your log files, I have a few comments for you.

  • Your computer's C: drive is very low on space (only 0.68 GB free).  This can cause your computer to be very slow (and possibly unresponsive).  Try to free up some space on that drive by moving data to your secondary hard drives.  If this is not possible, you might consider uninstalling some programs and then installing them to a directory on your secondary hard drive.  Finally, if neither of those solution works, you could always purchase a larger drive on which to store windows.
     
  • This next issue caught my eye, but it occurred to me that perhaps it is something that you set up yourself.
    StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\skype delay start.bat
    If you know what this is, we can leave it alone.  Otherwise, if you don't, we can go through and fix it. 
     
  • Lastly, there are a couple programs on your computer that I would recommend removing.  To remove them, follow these instructions:
     
    Click the "Start" orb on the taskbar, and then click the "Control Panel" button.
    A list of programs installed will be "populated" (this may take a bit of time).
    If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

    If you use Category mode, click on Uninstall a Program.
    If you use Icons mode, click on Program and Features.
    • Glary Utilities 3.9.2
    • iFunbox (v2.8.2414.748), iFunbox DevTeam
    Additional instructions can be found here if needed.

//Dave

#6 redbullpower

redbullpower
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 17 October 2014 - 02:23 AM

Dave:

 

Thanks for helping out. For some reason your response was not emailed to me however your original one was. I will check the settings.

I now have approx 3.5 gigs on the C: drive.

I have uninstalled Glary Utilities. iFunbox I use regularly to update my phone but I will remove if you think it is malware.

The skype bat file I setup to start 2 different instances of the program. It seems to work fine.

As I mentioned in the previous post there was a rootkit found on my system when everything was unresponsive. 

I also noticed, but not sure if it is related, that when using chrome and shift clicking a link (or when a new window opens, not a new tab) that the window remains white and crashes.

Could the rollback of the computer to "last known good config" have solved the lag issues?

 

Thanks

Redbullpower



#7 The Pugilist

The Pugilist

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:13 PM

Posted 20 October 2014 - 12:10 AM

This is sort of a long post, so bear with me.  First, I'll address the questions you laid out in your previous post, then I have some instructions and questions of my own :)

Regarding your previous post:
 

For some reason your response was not emailed to me however your original one was. I will check the settings.

 Happens to the best of us sometimes, no worries!
 

I now have approx 3.5 gigs on the C: drive.

That's still pretty tight, but it should be workable.
 

I have uninstalled Glary Utilities. iFunbox I use regularly to update my phone but I will remove if you think it is malware.

I don't think that iFunbox is malware, it falls under the category of potentially unwanted program.  This is to say that it's not malicious, but some people find it annoying and want to get rid of it.
 

The skype bat file I setup to start 2 different instances of the program. It seems to work fine.

I thought that might be the case.  We'll just leave it alone then.
 

I also noticed, but not sure if it is related, that when using chrome and shift clicking a link (or when a new window opens, not a new tab) that the window remains white and crashes.

At this point, I'm not sure about why this is happening.  We will get some other logs (see below) to try to figure out what else might be going on).
 

Could the rollback of the computer to "last known good config" have solved the lag issues?

Not to my knowledge.  Those settings are saved every time the computer boots up and shuts down properly. 
 
 
Further Questions/Instructions:

  • First off, please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
    • When the tool opens, click Yes to disclaimer.
    • Press the Scan button.
    • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
    • Please copy and paste the log in your next reply.
    Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
  • Next, I'd like to see your TDSSKiller log file(s). 
     
    When TDSSKiller runs, it makes a log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).  Please grab any and all of these that you see and attach (or paste) them to your next reply.
     
  • Lastly, a question: after freeing up some disk space, is the computer more responsive?  How would you say that it is doing as of now (aside from the browser issue)?

//Dave

#8 redbullpower

redbullpower
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 20 October 2014 - 03:58 AM

Dave:

 

Here are the log files you requested. I have attached a recent TDSSkiller log file and the original log when 1 item was detected.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2014
Ran by User at 2014-10-20 09:46:46
Running from D:\Desktop\stuff
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
1Password 1.0.9.337 (HKLM-x32\...\1Password_is1) (Version: 1.0 - AgileBits)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.338 - ABBYY)
ACID Pro 7.0 (HKLM-x32\...\{F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}) (Version: 7.0.713 - Sony)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Advanced Archive Password Recovery (HKCU\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.20 - Hulubulu Software)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3C378793-5288-0165-FCA4-D319D5E4A490}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avid Pro Tools Express (HKLM-x32\...\{4C77F4F5-DFFC-4A18-A5A5-913350B70865}) (Version: 10.3.3 - Avid Technology, Inc.)
Avid Virtual Instruments (HKLM-x32\...\{9239E44D-E688-4FF4-A1CA-3F1706B3B10B}) (Version: 10.0.0 - Avid Technology, Inc.)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
Basic PAYE Tools (HKLM-x32\...\Basic PAYE Tools) (Version: 3.1.2.15508 - HM Revenue & Customs)
BBC iPlayer Downloads (HKLM-x32\...\{3DD343EA-B76B-4886-87FC-E5B127A8E035}) (Version: 1.7.4 - BBC)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.7 - CSR Plc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J4710DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Calendar Sync V2 (HKLM-x32\...\Calendar Sync V2) (Version:  - )
calibre (HKLM-x32\...\{69402281-8050-417B-93D8-9C2DB46C9DDC}) (Version: 2.1.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{57ADE316-7B2D-4DD0-BA95-11AF9B58B3DA}) (Version: 2.2.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12284.0 - Cisco Consumer Products LLC)
Cisco Network Magic (x32 Version: 5.5.09195.0 - Pure Networks) Hidden
Citrix Online Launcher (HKLM-x32\...\{307ECD26-43D7-4AD4-82CF-794B63EDF096}) (Version: 1.0.141 - Citrix)
CloudShare RDP Extension for IE (HKLM-x32\...\{4616558A-FE4D-4B8C-805A-5D2088062D68}) (Version: 1.1.0 - CloudShare Ltd.)
CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 3.0.0.0 - devolo AG)
dLAN Cockpit (HKLM-x32\...\Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1) (Version: 3 (23.12.2010) - devolo AG)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.4.1.1606 - Sanford, L.P.)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
eSupport UndeletePlus 3.0.4.918 (HKLM-x32\...\eSupport UndeletePlus_is1) (Version:  - Copyright © 2013 eSupport.com • All Rights Reserved)
Excel To CSV Converter v1.0.0.1 (HKLM-x32\...\Excel To CSV Converter) (Version: v1.0.0.1 - crm-now GmbH)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FL Studio v7.0 (HKLM-x32\...\FL Studio_is1) (Version:  - AiR, Inc.)
GoGear Spark Device Manager (HKLM-x32\...\{CCF22908-ECD2-4068-84F1-BA02DA1EC72D}) (Version: 0.1 - Philips)
GoGear Spark Device Manager (x32 Version: 0.1 - Philips) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iCamSource (HKLM-x32\...\{064BA90A-C58A-498F-950F-370A3471C1B9}) (Version: 2.5 - SKJM, LLC)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
IDA Pro Free v5.0 (HKLM-x32\...\IDA Pro Free_is1) (Version:  - Hex-Rays SA)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
Ignite (HKLM-x32\...\{9A731246-E02E-44DC-940D-0F8110C1789D}) (Version: 1.2.0 - AIR Music Technology)
Ignite (x32 Version: 1.2.0 - AIR Music Technology) Hidden
iLok Client Helper (HKLM-x32\...\InstallShield_{DEA491FB-48BC-4B6B-8902-FCD4BAB069BE}) (Version: 5.9.7 - PACE Anti-Piracy, Inc.)
iLok Client Helper (x32 Version: 5.9.7 - PACE Anti-Piracy, Inc.) Hidden
iMazing 1.0.2.0 (HKLM\...\iMazing_is1) (Version: 1.0.2.0 - DigiDNA)
InstantArticleWizard (HKLM-x32\...\InstantArticleWizard) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.21.1124 - Intel Corporation)
Intel® Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel)
Intel® Network Connections 19.3.141.0 (Version: 19.3.141.0 - Intel) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.7 - PACE Anti-Piracy, Inc.)
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
K-Lite Codec Pack 9.5.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version:  - Lexmark International, Inc.)
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.) Hidden
LinkedIn Outlook Connector (HKLM\...\LinkedIn Outlook Connector) (Version: 1.1.10.0 - LinkedIn)
Logitech QuickCam (HKLM\...\{192E85C6-2B8A-4217-AD30-ECA5CE19DB23}) (Version: 10.51.2029 - Logitech Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Loopmaster Samples version 1.0 (HKLM-x32\...\{EF29801F-C87A-481B-B4D1-6D1FBDEA954B}_is1) (Version: 1.0 - Serato LP INC)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
M-Audio Axiom AIR 1.0.2 (x64) (HKLM\...\{094ED462-4C6E-4D08-8D7F-C3C63C38BF61}) (Version: 1.0.2 - M-Audio)
M-Audio Axiom AIR HyperControl for Cubase 5 1.0.0 (x64) (HKLM\...\{364ABAFD-A0B4-4AA6-A917-40C72146574B}) (Version: 1.0.0 - M-Audio)
MDI To TIFF File Converter (HKLM-x32\...\{90120000-00A6-0409-0000-0000000FF1CE}) (Version: 12.0.6661.5002 - Microsoft Corporation)
Media Player Codec Pack 4.2.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.8 - Media Player Codec Pack)
MediaInfo 0.7.62 (HKLM\...\MediaInfo) (Version: 0.7.62 - MediaArea.net)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Outlook Hotmail Connector 64-bit (HKLM\...\{95140000-0081-0409-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MKVToolNix 7.1.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.1.0 - Moritz Bunkus)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.09.02.910 - Huawei Technologies Co.,Ltd)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.12.07.00 - Huawei Technologies Co.,Ltd)
Mozilla Thunderbird 14.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 14.0 (x86 en-GB)) (Version: 14.0 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version:  - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.1.10169 - Native Instruments) Hidden
NETGEAR XE102 Powerline Encryption Utility (HKLM-x32\...\{76109814-439E-46A1-8BD3-A3D5DEEF1FD6}) (Version: 1.0.1.0 - NETGEAR)
NETGEAR XE102 Powerline Ethernet Adapter (HKLM-x32\...\{EA4ABA3D-10ED-449F-8D79-503CA2CFB373}) (Version: 1.00.0000 - Intellon)
NETGEAR XE104 Powerline Encryption Utility (HKLM-x32\...\InstallShield_{BFC45AAD-EB5D-4DF3-87B5-B7AD3849A096}) (Version: 2.0.0.4 - NETGEAR)
NETGEAR XE104 Powerline Encryption Utility (x32 Version: 2.0.0.4 - NETGEAR) Hidden
Network Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version:  - )
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )
Omron Health Management Software (HKLM-x32\...\{E01DFD45-F13A-4F12-AC38-8EEE2163E52E}) (Version: 1.60.0003 - Omron Healthcare)
PC Connectivity Solution (HKLM-x32\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Personal Renamer (HKLM-x32\...\{D29BA5EE-70F9-475E-9B32-A1091716E271}) (Version: 3.0 - Balisteor)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picture Collage Maker Pro 4.0.5 (HKLM-x32\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: 4.0.5 - PearlMountain Technology Co., Ltd)
Plex Media Server (HKLM-x32\...\{bcb7db0e-500f-445b-8200-bdde7f3c7f08}) (Version: 0.9.910 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.910 - Plex, Inc.) Hidden
plist Editor Pro 2.1.0 (HKLM-x32\...\plist Editor Pro) (Version: 2.1.0 - VOWSoft, Ltd.)
Power Packet5.0 _x86Setup (HKLM-x32\...\{45BB7607-083D-4759-873E-41EC0461F8E5}) (Version: 1.0.6 - Intellon)
Prey Anti-theft (x32 Version: 1.1.3 - Prey, Inc.) Hidden
Prezi Desktop (HKLM-x32\...\{7FAE73A4-F0BC-4B65-81CF-52C417383407}) (Version: 4.7.4 - Prezi.com)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Pure Networks Platform (x32 Version: 11.2.09195.1 - Pure Networks) Hidden
QRreader (HKLM-x32\...\com.dansl.QRreader) (Version: 1.5 - UNKNOWN)
QRreader (x32 Version: 1.5 - UNKNOWN) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapport (x32 Version: 3.5.1404.19 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)
SEO PowerSuite (HKLM-x32\...\seopowersuite) (Version:  - )
Serato DJ  (HKLM-x32\...\{2f847b43-65de-4cc9-91bb-f89e12555b26}) (Version: 1.5.1.6 - )
Serato DJ  (x32 Version: 1.5.1.6 - Serato) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sophos Free Encryption 2.40.1 (HKLM-x32\...\{64C13A35-B44C-47E5-88DC-0916FCE1E7C1}) (Version: 2.40.1.1 - Sophos)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
SuperCollider Version 3.6.6 (HKLM-x32\...\SuperCollider-3.6.6) (Version: 3.6.6 - )
SyncBack (HKLM-x32\...\SyncBack_is1) (Version:  - 2BrightSparks)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Tenorshare iPhone 5(5s,5c) Data Recovery  (HKLM-x32\...\Tenorshare iPhone 5(5s,5c) Data Recovery) (Version:  - Tenorshare, Inc.)
TheSage (HKLM\...\TheSage) (Version: 6.0.1798 - Sequence Publishing)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.19 - Trusteer)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update or Uninstall SENukeX - 2  (HKCU\...\a10c648895c21ba6) (Version: 3.0.0.13 - SENukeX)
UTF-8 Konverter v2.0.0.1 (HKLM-x32\...\UTF-8 Konverter) (Version: v2.0.0.1 - crm-now GmbH)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (11/30/2009 3.0.0.6) (HKLM\...\B3F27F12C500003EFE44A668CE685DE4B46A735C) (Version: 11/30/2009 3.0.0.6 - Apple Inc.)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinHTTrack Website Copier 3.47-27 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)
Wondershare MobileTrans ( Version 6.0.2 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 6.0.2 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-0 - BitNami)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{6BAF9852-E49B-0C90-C3C3-8E3974012C7D}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\User\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
20-10-2014 08:43:57 Windows Update
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0EB73951-1161-4BA9-A9C2-96377A1222AF} - System32\Tasks\asdf => D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: {4E21FFAA-A474-432F-9C62-997408A4D2FB} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-10-13] ()
Task: {537DD094-2444-405B-95A9-99CC6D56DCD9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {57ADDE4A-F12A-476C-AA2C-B710DA722C96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21] (Google Inc.)
Task: {91BADEE5-BD7A-4638-9A68-3A58252BFD7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-20 14:56 - 2009-11-04 08:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll
2013-04-10 06:58 - 2013-04-10 06:58 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-10-17 14:01 - 2013-03-01 07:33 - 00650240 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-04-24 12:41 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () D:\Program Files\Notepad++\NppShell_05.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 08817986 _____ () C:\Program Files\pia_manager\pia_manager.exe
2012-09-11 15:30 - 2011-01-23 20:47 - 00770728 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
2012-09-11 15:30 - 2011-01-23 20:47 - 00148280 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
2007-02-08 02:13 - 2007-02-08 02:13 - 00774168 _____ () D:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe
2014-10-13 12:05 - 2014-10-13 12:05 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-09-04 05:50 - 2014-09-04 05:50 - 03445656 _____ () D:\Program Files\Adobe\Acrobat 10.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2013-02-15 04:36 - 2013-02-15 04:36 - 01554496 _____ () D:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2010-10-20 15:19 - 2010-10-20 15:19 - 00166240 _____ () D:\Program Files\Microsoft Office\Office14\OUTLCTL.DLL
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-05 09:34 - 2014-05-05 09:34 - 00016896 _____ () D:\Windows\Prey\versions\1.1.3\bin\windows\Cronsvclib.dll
2014-10-17 14:01 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-10-17 14:01 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-10-17 14:01 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-10-17 14:01 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-10-17 14:02 - 2013-03-01 07:33 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-10-17 14:02 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2012-09-11 15:30 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
2012-09-11 15:30 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
2012-09-11 15:30 - 2009-05-27 08:13 - 00081920 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccats.dll
2012-09-11 15:30 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll
2012-09-11 15:30 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
2012-08-20 14:55 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxecsm.dll
2012-08-20 14:55 - 2009-02-20 03:48 - 00023552 _____ () C:\Windows\system32\lxecsmr.dll
2012-09-11 15:30 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL
2012-09-11 15:30 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll
2012-09-11 15:30 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL
2012-09-11 15:30 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL
2012-09-11 15:30 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL
2012-09-11 15:30 - 2010-04-05 06:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll
2012-09-11 15:30 - 2010-04-05 06:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll
2012-09-11 15:30 - 2010-04-05 06:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll
2012-09-11 15:30 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll
2012-09-11 15:30 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll
2012-06-20 18:42 - 2012-06-20 18:42 - 00085504 _____ () D:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 07605400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00202392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 01453720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00352920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00098816 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32api.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00110080 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pywintypes27.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00364544 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pythoncom27.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00045568 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_socket.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 01160704 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_ssl.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00320512 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32com.shell.shell.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00713216 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_hashlib.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 01175040 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._core_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00805888 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._gdi_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00811008 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._windows_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 01062400 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._controls_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00735232 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._misc_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00128512 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_elementtree.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00127488 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pyexpat.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00557056 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pysqlite2._sqlite.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00007168 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\hashobjs_ext.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00087552 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_ctypes.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00119808 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32file.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00108544 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32security.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00018432 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32event.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00038912 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32inet.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00070656 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._html2.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00167936 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32gui.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00011264 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32crypt.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00027136 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_multiprocessing.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00686080 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\unicodedata.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00122368 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._wizard.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00010240 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\select.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00024064 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32pipe.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00025600 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32pdh.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00525640 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\windows._lib_cacheinvalidation.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00035840 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32process.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00017408 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32profile.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00022528 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32ts.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00078336 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._animate.pyd
2014-10-07 16:28 - 2014-09-11 18:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-10-07 16:28 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplanwfh.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00035976 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2007-02-08 02:13 - 2007-02-08 02:13 - 00022040 _____ () C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LCMServerPS.dll
2007-02-08 02:18 - 2007-02-08 02:18 - 01119768 _____ () D:\Program Files (x86)\Logitech\QuickCam10\LAppRes.dll
2009-07-13 18:37 - 2009-07-13 18:37 - 00152112 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 18:37 - 2009-07-13 18:37 - 00098304 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2014-04-24 12:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-05-07 14:04 - 2013-04-23 10:59 - 00376832 _____ () D:\Program Files (x86)\1Password\js3215R.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00012800 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00009728 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00014848 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\src\rgloader\rgloader193.mswin.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00009216 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00126976 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00087552 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00016384 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00127316 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\bin\libffi-6.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00013312 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00095744 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2014-10-20 09:31 - 2014-10-20 09:32 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00012800 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00009728 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00014848 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\src\rgloader\rgloader193.mswin.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00118784 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00069120 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00083968 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\bin\zlib1.dll
2014-10-20 09:32 - 2014-10-20 09:32 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00275968 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00015360 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008192 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00009216 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00023552 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00036352 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00126976 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00087552 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00016384 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00127316 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\bin\libffi-6.dll
2014-10-20 09:32 - 2014-10-20 09:32 - 00013312 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00095744 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-10-13 12:05 - 2014-10-13 12:05 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-17 07:31 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libexif.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Microsoft:2md5VRXQJh3evo47jMBv
AlternateDataStreams: C:\ProgramData\Microsoft:MeBMXBoxhfaGemPblh8R
AlternateDataStreams: C:\ProgramData\Microsoft:MTPRysEtGqUtxQcNLogj96Vy1xc1h
AlternateDataStreams: C:\ProgramData\Microsoft:ybYv9vtNILvClFEoQqKW
AlternateDataStreams: C:\ProgramData\TEMP:05E9FFE5
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\User\Local Settings:2gEgLPy4kYdMpRgrpFoMM2
AlternateDataStreams: C:\Users\User\AppData\Local:2gEgLPy4kYdMpRgrpFoMM2
AlternateDataStreams: C:\Users\User\AppData\Local\Application Data:2gEgLPy4kYdMpRgrpFoMM2
AlternateDataStreams: C:\Users\User\AppData\Local\azCSgIkbN492:CmIOGluBXcguxKjXY474pvf1emS3
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:rZ7uuCsRgjrt63A0MNd3Jw
AlternateDataStreams: C:\Users\User\AppData\Local\Temporary Internet Files:71Rzt3TlNoMjsILMBl2
AlternateDataStreams: C:\Users\User\AppData\Local\Temporary Internet Files:iCJtTdz2FxvKjxKRKJ6YlW6nTzuCs
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\55602653.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\55602653.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: RapportMgmtService => 2
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcEptMapper => 2
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: Schedule => 2
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VFPRadioSupportService => 2
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WcesComm => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk => C:\Windows\pss\CodecPackUpdateChecker.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: pamela.exe => "D:\Program Files (x86)\Pamela\Pamela.exe"
MSCONFIG\startupreg: SEnukeX => "D:\zips\seo\active programs\senuke x 3.0.17\senuke.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-825264560-3987513241-950090240-500 - Administrator - Disabled)
ASPNET (S-1-5-21-825264560-3987513241-950090240-1005 - Limited - Enabled)
BC3D0FBA14E44AE4A3EC (S-1-5-21-825264560-3987513241-950090240-1003 - Limited - Enabled)
Guest (S-1-5-21-825264560-3987513241-950090240-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-825264560-3987513241-950090240-1002 - Limited - Enabled)
User (S-1-5-21-825264560-3987513241-950090240-1000 - Administrator - Enabled) => C:\Users\User
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/20/2014 09:37:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (10/20/2014 09:37:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (10/20/2014 09:31:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 09:31:37 AM) (Source: PreyCronService) (EventID: 0) (User: )
Description: Monitoring node process with id: 3884
 
Error: (10/18/2014 09:45:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (10/18/2014 09:45:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (10/18/2014 09:39:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/18/2014 09:39:30 PM) (Source: PreyCronService) (EventID: 0) (User: )
Description: Monitoring node process with id: 4440
 
Error: (10/17/2014 02:34:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (10/17/2014 02:34:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (10/20/2014 09:43:20 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:17 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:14 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:11 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:08 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:05 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:42:59 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:42:56 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:42:53 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-01 13:19:52.307
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 12:40:14.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 12:16:05.898
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 11:35:21.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 10:49:58.968
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 09:18:32.988
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 09:04:46.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 08:53:58.669
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-31 21:48:29.143
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-31 19:54:25.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3930K CPU @ 3.20GHz
Percentage of memory in use: 27%
Total physical RAM: 16357.91 MB
Available physical RAM: 11779.55 MB
Total Pagefile: 32714 MB
Available Pagefile: 27499.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:59.4 GB) (Free:3.09 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:735.45 GB) NTFS
Drive e: (GSP1RMCPRXFREO_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: A2F1B11C)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2AD8FE9A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2014
Ran by User at 2014-10-20 09:46:46
Running from D:\Desktop\stuff
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
1Password 1.0.9.337 (HKLM-x32\...\1Password_is1) (Version: 1.0 - AgileBits)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.338 - ABBYY)
ACID Pro 7.0 (HKLM-x32\...\{F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}) (Version: 7.0.713 - Sony)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Advanced Archive Password Recovery (HKCU\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.20 - Hulubulu Software)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3C378793-5288-0165-FCA4-D319D5E4A490}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avid Pro Tools Express (HKLM-x32\...\{4C77F4F5-DFFC-4A18-A5A5-913350B70865}) (Version: 10.3.3 - Avid Technology, Inc.)
Avid Virtual Instruments (HKLM-x32\...\{9239E44D-E688-4FF4-A1CA-3F1706B3B10B}) (Version: 10.0.0 - Avid Technology, Inc.)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
Basic PAYE Tools (HKLM-x32\...\Basic PAYE Tools) (Version: 3.1.2.15508 - HM Revenue & Customs)
BBC iPlayer Downloads (HKLM-x32\...\{3DD343EA-B76B-4886-87FC-E5B127A8E035}) (Version: 1.7.4 - BBC)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.7 - CSR Plc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J4710DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Calendar Sync V2 (HKLM-x32\...\Calendar Sync V2) (Version:  - )
calibre (HKLM-x32\...\{69402281-8050-417B-93D8-9C2DB46C9DDC}) (Version: 2.1.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{57ADE316-7B2D-4DD0-BA95-11AF9B58B3DA}) (Version: 2.2.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12284.0 - Cisco Consumer Products LLC)
Cisco Network Magic (x32 Version: 5.5.09195.0 - Pure Networks) Hidden
Citrix Online Launcher (HKLM-x32\...\{307ECD26-43D7-4AD4-82CF-794B63EDF096}) (Version: 1.0.141 - Citrix)
CloudShare RDP Extension for IE (HKLM-x32\...\{4616558A-FE4D-4B8C-805A-5D2088062D68}) (Version: 1.1.0 - CloudShare Ltd.)
CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 3.0.0.0 - devolo AG)
dLAN Cockpit (HKLM-x32\...\Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1) (Version: 3 (23.12.2010) - devolo AG)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.4.1.1606 - Sanford, L.P.)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
eSupport UndeletePlus 3.0.4.918 (HKLM-x32\...\eSupport UndeletePlus_is1) (Version:  - Copyright © 2013 eSupport.com • All Rights Reserved)
Excel To CSV Converter v1.0.0.1 (HKLM-x32\...\Excel To CSV Converter) (Version: v1.0.0.1 - crm-now GmbH)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FL Studio v7.0 (HKLM-x32\...\FL Studio_is1) (Version:  - AiR, Inc.)
GoGear Spark Device Manager (HKLM-x32\...\{CCF22908-ECD2-4068-84F1-BA02DA1EC72D}) (Version: 0.1 - Philips)
GoGear Spark Device Manager (x32 Version: 0.1 - Philips) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iCamSource (HKLM-x32\...\{064BA90A-C58A-498F-950F-370A3471C1B9}) (Version: 2.5 - SKJM, LLC)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
IDA Pro Free v5.0 (HKLM-x32\...\IDA Pro Free_is1) (Version:  - Hex-Rays SA)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
Ignite (HKLM-x32\...\{9A731246-E02E-44DC-940D-0F8110C1789D}) (Version: 1.2.0 - AIR Music Technology)
Ignite (x32 Version: 1.2.0 - AIR Music Technology) Hidden
iLok Client Helper (HKLM-x32\...\InstallShield_{DEA491FB-48BC-4B6B-8902-FCD4BAB069BE}) (Version: 5.9.7 - PACE Anti-Piracy, Inc.)
iLok Client Helper (x32 Version: 5.9.7 - PACE Anti-Piracy, Inc.) Hidden
iMazing 1.0.2.0 (HKLM\...\iMazing_is1) (Version: 1.0.2.0 - DigiDNA)
InstantArticleWizard (HKLM-x32\...\InstantArticleWizard) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.21.1124 - Intel Corporation)
Intel® Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel)
Intel® Network Connections 19.3.141.0 (Version: 19.3.141.0 - Intel) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.7 - PACE Anti-Piracy, Inc.)
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
K-Lite Codec Pack 9.5.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version:  - Lexmark International, Inc.)
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.) Hidden
LinkedIn Outlook Connector (HKLM\...\LinkedIn Outlook Connector) (Version: 1.1.10.0 - LinkedIn)
Logitech QuickCam (HKLM\...\{192E85C6-2B8A-4217-AD30-ECA5CE19DB23}) (Version: 10.51.2029 - Logitech Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Loopmaster Samples version 1.0 (HKLM-x32\...\{EF29801F-C87A-481B-B4D1-6D1FBDEA954B}_is1) (Version: 1.0 - Serato LP INC)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
M-Audio Axiom AIR 1.0.2 (x64) (HKLM\...\{094ED462-4C6E-4D08-8D7F-C3C63C38BF61}) (Version: 1.0.2 - M-Audio)
M-Audio Axiom AIR HyperControl for Cubase 5 1.0.0 (x64) (HKLM\...\{364ABAFD-A0B4-4AA6-A917-40C72146574B}) (Version: 1.0.0 - M-Audio)
MDI To TIFF File Converter (HKLM-x32\...\{90120000-00A6-0409-0000-0000000FF1CE}) (Version: 12.0.6661.5002 - Microsoft Corporation)
Media Player Codec Pack 4.2.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.8 - Media Player Codec Pack)
MediaInfo 0.7.62 (HKLM\...\MediaInfo) (Version: 0.7.62 - MediaArea.net)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Outlook Hotmail Connector 64-bit (HKLM\...\{95140000-0081-0409-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MKVToolNix 7.1.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.1.0 - Moritz Bunkus)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.09.02.910 - Huawei Technologies Co.,Ltd)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.12.07.00 - Huawei Technologies Co.,Ltd)
Mozilla Thunderbird 14.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 14.0 (x86 en-GB)) (Version: 14.0 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version:  - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.1.10169 - Native Instruments) Hidden
NETGEAR XE102 Powerline Encryption Utility (HKLM-x32\...\{76109814-439E-46A1-8BD3-A3D5DEEF1FD6}) (Version: 1.0.1.0 - NETGEAR)
NETGEAR XE102 Powerline Ethernet Adapter (HKLM-x32\...\{EA4ABA3D-10ED-449F-8D79-503CA2CFB373}) (Version: 1.00.0000 - Intellon)
NETGEAR XE104 Powerline Encryption Utility (HKLM-x32\...\InstallShield_{BFC45AAD-EB5D-4DF3-87B5-B7AD3849A096}) (Version: 2.0.0.4 - NETGEAR)
NETGEAR XE104 Powerline Encryption Utility (x32 Version: 2.0.0.4 - NETGEAR) Hidden
Network Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version:  - )
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )
Omron Health Management Software (HKLM-x32\...\{E01DFD45-F13A-4F12-AC38-8EEE2163E52E}) (Version: 1.60.0003 - Omron Healthcare)
PC Connectivity Solution (HKLM-x32\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Personal Renamer (HKLM-x32\...\{D29BA5EE-70F9-475E-9B32-A1091716E271}) (Version: 3.0 - Balisteor)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picture Collage Maker Pro 4.0.5 (HKLM-x32\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: 4.0.5 - PearlMountain Technology Co., Ltd)
Plex Media Server (HKLM-x32\...\{bcb7db0e-500f-445b-8200-bdde7f3c7f08}) (Version: 0.9.910 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.910 - Plex, Inc.) Hidden
plist Editor Pro 2.1.0 (HKLM-x32\...\plist Editor Pro) (Version: 2.1.0 - VOWSoft, Ltd.)
Power Packet5.0 _x86Setup (HKLM-x32\...\{45BB7607-083D-4759-873E-41EC0461F8E5}) (Version: 1.0.6 - Intellon)
Prey Anti-theft (x32 Version: 1.1.3 - Prey, Inc.) Hidden
Prezi Desktop (HKLM-x32\...\{7FAE73A4-F0BC-4B65-81CF-52C417383407}) (Version: 4.7.4 - Prezi.com)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Pure Networks Platform (x32 Version: 11.2.09195.1 - Pure Networks) Hidden
QRreader (HKLM-x32\...\com.dansl.QRreader) (Version: 1.5 - UNKNOWN)
QRreader (x32 Version: 1.5 - UNKNOWN) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapport (x32 Version: 3.5.1404.19 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)
SEO PowerSuite (HKLM-x32\...\seopowersuite) (Version:  - )
Serato DJ  (HKLM-x32\...\{2f847b43-65de-4cc9-91bb-f89e12555b26}) (Version: 1.5.1.6 - )
Serato DJ  (x32 Version: 1.5.1.6 - Serato) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sophos Free Encryption 2.40.1 (HKLM-x32\...\{64C13A35-B44C-47E5-88DC-0916FCE1E7C1}) (Version: 2.40.1.1 - Sophos)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
SuperCollider Version 3.6.6 (HKLM-x32\...\SuperCollider-3.6.6) (Version: 3.6.6 - )
SyncBack (HKLM-x32\...\SyncBack_is1) (Version:  - 2BrightSparks)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Tenorshare iPhone 5(5s,5c) Data Recovery  (HKLM-x32\...\Tenorshare iPhone 5(5s,5c) Data Recovery) (Version:  - Tenorshare, Inc.)
TheSage (HKLM\...\TheSage) (Version: 6.0.1798 - Sequence Publishing)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.19 - Trusteer)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update or Uninstall SENukeX - 2  (HKCU\...\a10c648895c21ba6) (Version: 3.0.0.13 - SENukeX)
UTF-8 Konverter v2.0.0.1 (HKLM-x32\...\UTF-8 Konverter) (Version: v2.0.0.1 - crm-now GmbH)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (11/30/2009 3.0.0.6) (HKLM\...\B3F27F12C500003EFE44A668CE685DE4B46A735C) (Version: 11/30/2009 3.0.0.6 - Apple Inc.)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinHTTrack Website Copier 3.47-27 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)
Wondershare MobileTrans ( Version 6.0.2 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 6.0.2 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-0 - BitNami)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{6BAF9852-E49B-0C90-C3C3-8E3974012C7D}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\User\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-825264560-3987513241-950090240-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
20-10-2014 08:43:57 Windows Update
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0EB73951-1161-4BA9-A9C2-96377A1222AF} - System32\Tasks\asdf => D:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: {4E21FFAA-A474-432F-9C62-997408A4D2FB} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-10-13] ()
Task: {537DD094-2444-405B-95A9-99CC6D56DCD9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {57ADDE4A-F12A-476C-AA2C-B710DA722C96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21] (Google Inc.)
Task: {91BADEE5-BD7A-4638-9A68-3A58252BFD7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-20 14:56 - 2009-11-04 08:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll
2013-04-10 06:58 - 2013-04-10 06:58 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-10-17 14:01 - 2013-03-01 07:33 - 00650240 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-04-24 12:41 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () D:\Program Files\Notepad++\NppShell_05.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 08817986 _____ () C:\Program Files\pia_manager\pia_manager.exe
2012-09-11 15:30 - 2011-01-23 20:47 - 00770728 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
2012-09-11 15:30 - 2011-01-23 20:47 - 00148280 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
2007-02-08 02:13 - 2007-02-08 02:13 - 00774168 _____ () D:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe
2014-10-13 12:05 - 2014-10-13 12:05 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-09-04 05:50 - 2014-09-04 05:50 - 03445656 _____ () D:\Program Files\Adobe\Acrobat 10.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2013-02-15 04:36 - 2013-02-15 04:36 - 01554496 _____ () D:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2010-10-20 15:19 - 2010-10-20 15:19 - 00166240 _____ () D:\Program Files\Microsoft Office\Office14\OUTLCTL.DLL
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-05 09:34 - 2014-05-05 09:34 - 00016896 _____ () D:\Windows\Prey\versions\1.1.3\bin\windows\Cronsvclib.dll
2014-10-17 14:01 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-10-17 14:01 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-10-17 14:01 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-10-17 14:01 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-10-17 14:02 - 2013-03-01 07:33 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-10-17 14:02 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2012-09-11 15:30 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
2012-09-11 15:30 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
2012-09-11 15:30 - 2009-05-27 08:13 - 00081920 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccats.dll
2012-09-11 15:30 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll
2012-09-11 15:30 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
2012-08-20 14:55 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxecsm.dll
2012-08-20 14:55 - 2009-02-20 03:48 - 00023552 _____ () C:\Windows\system32\lxecsmr.dll
2012-09-11 15:30 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL
2012-09-11 15:30 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll
2012-09-11 15:30 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL
2012-09-11 15:30 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL
2012-09-11 15:30 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL
2012-09-11 15:30 - 2010-04-05 06:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll
2012-09-11 15:30 - 2010-04-05 06:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll
2012-09-11 15:30 - 2010-04-05 06:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll
2012-09-11 15:30 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll
2012-09-11 15:30 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll
2012-06-20 18:42 - 2012-06-20 18:42 - 00085504 _____ () D:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 07605400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00202392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 01453720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00352920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00098816 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32api.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00110080 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pywintypes27.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00364544 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pythoncom27.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00045568 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_socket.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 01160704 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_ssl.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00320512 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32com.shell.shell.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00713216 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_hashlib.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 01175040 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._core_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00805888 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._gdi_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00811008 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._windows_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 01062400 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._controls_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00735232 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._misc_.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00128512 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_elementtree.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00127488 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pyexpat.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00557056 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\pysqlite2._sqlite.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00007168 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\hashobjs_ext.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00087552 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_ctypes.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00119808 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32file.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00108544 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32security.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00018432 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32event.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00038912 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32inet.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00070656 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._html2.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00167936 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32gui.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00011264 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32crypt.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00027136 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\_multiprocessing.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00686080 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\unicodedata.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00122368 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._wizard.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00010240 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\select.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00024064 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32pipe.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00025600 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32pdh.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00525640 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\windows._lib_cacheinvalidation.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00035840 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32process.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00017408 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32profile.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00022528 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\win32ts.pyd
2014-10-20 09:31 - 2014-10-20 09:31 - 00078336 _____ () C:\Users\User\AppData\Local\Temp\_MEI56282\wx._animate.pyd
2014-10-07 16:28 - 2014-09-11 18:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-10-07 16:28 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplanwfh.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00035976 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2014-04-09 16:28 - 2014-04-09 16:28 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-04-09 16:28 - 2014-04-09 16:28 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2007-02-08 02:13 - 2007-02-08 02:13 - 00022040 _____ () C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LCMServerPS.dll
2007-02-08 02:18 - 2007-02-08 02:18 - 01119768 _____ () D:\Program Files (x86)\Logitech\QuickCam10\LAppRes.dll
2009-07-13 18:37 - 2009-07-13 18:37 - 00152112 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 18:37 - 2009-07-13 18:37 - 00098304 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2014-04-24 12:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-05-07 14:04 - 2013-04-23 10:59 - 00376832 _____ () D:\Program Files (x86)\1Password\js3215R.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00012800 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00009728 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00014848 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\src\rgloader\rgloader193.mswin.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00009216 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00126976 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00087552 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00016384 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00127316 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\bin\libffi-6.dll
2014-10-20 09:31 - 2014-10-20 09:31 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00013312 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2014-10-20 09:31 - 2014-10-20 09:31 - 00095744 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2014-10-20 09:31 - 2014-10-20 09:32 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\ocr784A.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00012800 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00009728 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00014848 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\src\rgloader\rgloader193.mswin.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00094208 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00118784 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00069120 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00083968 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\bin\zlib1.dll
2014-10-20 09:32 - 2014-10-20 09:32 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00275968 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00015360 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008192 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00009216 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00023552 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00008704 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00036352 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00126976 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00087552 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00016384 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00127316 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\bin\libffi-6.dll
2014-10-20 09:32 - 2014-10-20 09:32 - 00013312 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00095744 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2014-10-20 09:32 - 2014-10-20 09:32 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\ocrE780.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-10-13 12:05 - 2014-10-13 12:05 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2014-10-13 12:05 - 2014-10-13 12:05 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () D:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-17 07:31 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-17 07:31 - 2014-10-10 03:03 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libexif.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Microsoft:2md5VRXQJh3evo47jMBv
AlternateDataStreams: C:\ProgramData\Microsoft:MeBMXBoxhfaGemPblh8R
AlternateDataStreams: C:\ProgramData\Microsoft:MTPRysEtGqUtxQcNLogj96Vy1xc1h
AlternateDataStreams: C:\ProgramData\Microsoft:ybYv9vtNILvClFEoQqKW
AlternateDataStreams: C:\ProgramData\TEMP:05E9FFE5
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\User\Local Settings:2gEgLPy4kYdMpRgrpFoMM2
AlternateDataStreams: C:\Users\User\AppData\Local:2gEgLPy4kYdMpRgrpFoMM2
AlternateDataStreams: C:\Users\User\AppData\Local\Application Data:2gEgLPy4kYdMpRgrpFoMM2
AlternateDataStreams: C:\Users\User\AppData\Local\azCSgIkbN492:CmIOGluBXcguxKjXY474pvf1emS3
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:rZ7uuCsRgjrt63A0MNd3Jw
AlternateDataStreams: C:\Users\User\AppData\Local\Temporary Internet Files:71Rzt3TlNoMjsILMBl2
AlternateDataStreams: C:\Users\User\AppData\Local\Temporary Internet Files:iCJtTdz2FxvKjxKRKJ6YlW6nTzuCs
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\55602653.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\55602653.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: RapportMgmtService => 2
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcEptMapper => 2
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: Schedule => 2
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VFPRadioSupportService => 2
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WcesComm => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk => C:\Windows\pss\CodecPackUpdateChecker.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: pamela.exe => "D:\Program Files (x86)\Pamela\Pamela.exe"
MSCONFIG\startupreg: SEnukeX => "D:\zips\seo\active programs\senuke x 3.0.17\senuke.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-825264560-3987513241-950090240-500 - Administrator - Disabled)
ASPNET (S-1-5-21-825264560-3987513241-950090240-1005 - Limited - Enabled)
BC3D0FBA14E44AE4A3EC (S-1-5-21-825264560-3987513241-950090240-1003 - Limited - Enabled)
Guest (S-1-5-21-825264560-3987513241-950090240-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-825264560-3987513241-950090240-1002 - Limited - Enabled)
User (S-1-5-21-825264560-3987513241-950090240-1000 - Administrator - Enabled) => C:\Users\User
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/20/2014 09:37:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (10/20/2014 09:37:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (10/20/2014 09:31:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/20/2014 09:31:37 AM) (Source: PreyCronService) (EventID: 0) (User: )
Description: Monitoring node process with id: 3884
 
Error: (10/18/2014 09:45:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (10/18/2014 09:45:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (10/18/2014 09:39:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/18/2014 09:39:30 PM) (Source: PreyCronService) (EventID: 0) (User: )
Description: Monitoring node process with id: 4440
 
Error: (10/17/2014 02:34:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (10/17/2014 02:34:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (10/20/2014 09:43:20 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:17 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:14 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:11 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:08 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:05 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:43:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:42:59 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:42:56 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (10/20/2014 09:42:53 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-01 13:19:52.307
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 12:40:14.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 12:16:05.898
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 11:35:21.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 10:49:58.968
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 09:18:32.988
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 09:04:46.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-01 08:53:58.669
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-31 21:48:29.143
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-31 19:54:25.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3930K CPU @ 3.20GHz
Percentage of memory in use: 27%
Total physical RAM: 16357.91 MB
Available physical RAM: 11779.55 MB
Total Pagefile: 32714 MB
Available Pagefile: 27499.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:59.4 GB) (Free:3.09 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:735.45 GB) NTFS
Drive e: (GSP1RMCPRXFREO_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: A2F1B11C)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2AD8FE9A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 

Attached Files



#9 The Pugilist

The Pugilist

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:13 PM

Posted 23 October 2014 - 12:28 AM

Hello there,

 

Judging by your logs, it appears as though there may be a problem with one of your hard drives.  I'd like to investigate this further before we continue. 

 

Please download gsmartcontrol and save it to your Desktop.

  • Extract gsmartcontrol-0.8.7-win32.zip to a folder, double-click on gsmartcontrol.exe
  • A list of hard drives will appear, for each drive in the list, please do the following:
    • Double-click on the hard drive to see detailed Device Information
    • Click on Save As at the bottom of the Device Information window
    • Save the file to your desktop.
  • Attach all of the saved files to your next reply.

//Dave

#10 redbullpower

redbullpower
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 23 October 2014 - 02:56 AM

Dave:

 

Please see attached files.

Attached Files



#11 redbullpower

redbullpower
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 24 October 2014 - 11:30 AM

Dave:

 

I have a new update since yesterday. My second drive D: was making a clicking sound. I shutdown the computer. Now on restart the drive does not start. It is not in bios either. I took the case off and tried another restart. I can hear the D: drive making the clicking noise (successive times) for about 5 tries then stops.

I am still able to start the computer as the OS is on C: but most of the programs are on D:

Thanks



#12 The Pugilist

The Pugilist

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:13 PM

Posted 25 October 2014 - 08:13 AM

redbullpower,

 

Thanks for the update.  The log files you provided me also indicate that your secondary hard drive is failing.  The clicking noise you refer to (commonly known as the click of death) is a common symptom of hard drive failure.  Given that the drive is making those noises and is no longer being seen the by the BIOS, data recovery will be more difficult (more on that later). 

Given that many of your programs were installed on this drive, it makes sense that your computer was slow or unresponsive that times.  Dying hard drives can cause any number of different issues (both in terms of stability and speed). 

 

Before we proceed, here are some questions I have for you:

  1. How important is the data on the secondary hard drive to you?
  2. Is any of it backed up?
  3. If you have backups, were they recent?

Here's why I ask.  If you want to try to recover data yourself, there are some things you could potentially do to coax the drive to spin up for you again.  Through doing this however, you may cause further damage to the drive (depending on the specific nature of the HDD failure).  There are also companies that specialize in data recovery.  These companies are very good at recovering data, but that skill comes at a fairly high price.  It is important to decide which direction to go however, because if the drive is used too much, it may become damaged further and thus render it useless to a recovery company too. 

 

Let me know and I can help you weigh your options.


//Dave

#13 The Pugilist

The Pugilist

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:13 PM

Posted 27 October 2014 - 10:04 AM

redbullpower,

 

It's been over 48 hours since our last contact here.  Are you still in need of my assistance?  If so, please post back here and let me know (even if just to say that you need more time).  If this topic remains active, it will be closed by a moderator.


//Dave

#14 redbullpower

redbullpower
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 28 October 2014 - 12:09 PM

Dave:

 

Sorry for the late post. I was away from the computer a couple of days. Per your last response.

1. I have some of the data backed up but certainly not all and there will be some data that is important (photos etc) which I was consolidating recently from a NAS drive in order to purchase a new one. (bad timing). I will have access to my unhealthy computer tomorrow.

What would be involved in trying to recover the data myself? Are there tools to help with this?

 

thanks



#15 The Pugilist

The Pugilist

  • Members
  • 826 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:13 PM

Posted 28 October 2014 - 02:00 PM

What would be involved in trying to recover the data myself? Are there tools to help with this?

 

Unfortunately, given the description of the problem with your hard drive (the clicking noise specificaly), it would seem that your drive's failure is mechanical.  This limits our options.  While there are some utilities to help recover data from drives, they will not help in the case of a head crash or other types of mechanical problems.

 

In this case, your best bet is to take the drive out of the computer case and then attach it to the computer in such a way that you can change it's orientation.  Then, try turning on the computer with the drive in different positions (upside down, on it's side, etc) to see if that allows you to access some data from it. 

 

Of course, be careful not to knock the drive over when it is outside the computer case because this can cause more damage. 

 

This is by no means a foolproof method of recovery, but it is pretty much your only option for recovering data (short of sending the drive off to a professional recovery facility).

 

Hope this helps.


//Dave




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users