Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dds.txt scan for previous spyware process detector infection


  • This topic is locked This topic is locked
44 replies to this topic

#1 mbienert

mbienert

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 22 December 2014 - 02:41 AM

Some files are still attached or hidden by the Spyware Process Detector that started the problem.

I can't install, uninstall, repair or change these programs

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 10.71.2
Run by Home at 22:33:09 on 2014-12-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6126.2347 [GMT -8:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE
C:\Windows\SysWOW64\ENAgent.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Windows\system32\EscSvc64.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\mqsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
C:\Program Files\Online Backup\OnlineBackup.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ContentWatch\bin\cwdaemon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Windows\System32\vds.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Windows\splwow64.exe
C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
mDefault_Page_URL = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [2C7603FDC7C6FB00CF7E7DE775158BA13E682513._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
uRun: [QuickenScheduledUpdates] C:\Program Files (x86)\Quicken\bagent.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
uRun: [Google Update] "C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIKEE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-3620 Series" /EF "HKCU"
uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe"
uRun: [OnlineBackupScheduler] C:\Program Files\Online Backup\OnlineBackup.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [ApMsgFwd.exe] C:\Program Files\Apoint\ApMsgFwd.exe
uRun: [39.0.2171.95_39.0.2171.71_chrome_updater.exe] 39.0.2171.95_39.0.2171.71_chrome_updater.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
mRun: [ACQTMOUSE] "C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\Home\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: RestrictRun = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: RestrictRun = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X7\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001065-0002-0065-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CC620A71-7FC7-44CA-80F6-986595FAEE65} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CC620A71-7FC7-44CA-80F6-986595FAEE65}\2656C6B696E6E2636656 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{CC620A71-7FC7-44CA-80F6-986595FAEE65}\2656C6B696E6E2636656F58747 : DHCPNameServer = 192.168.206.1
TCP: Interfaces\{CC620A71-7FC7-44CA-80F6-986595FAEE65}\7556D4F6E2633454 : DHCPNameServer = 10.22.22.1
TCP: Interfaces\{CC620A71-7FC7-44CA-80F6-986595FAEE65}\D456C696E6461602249656E65627472E08993702960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{EFC18E6B-A7CB-4671-AB27-5E8B2CD83F7A} : DHCPNameServer = 172.20.10.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001067-0002-0067-ABCDEFFEDCBC} - <orphaned>
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on\plugins\npEWPSPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2014-12-16 449936]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-12-16 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-12-16 267632]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-21 28008]
R1 adgnetworktdi;adgnetworktdi;C:\Windows\System32\drivers\adgnetworktdi.sys [2014-8-13 59408]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2014-12-16 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-12-16 1050432]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-12-16 436624]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-10-10 172344]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-12-16 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-12-16 83280]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-16 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-12-16 104416]
R2 CWDaemon;ContentWatch Daemon;C:\Program Files\ContentWatch\bin\cwdaemon.exe [2014-12-6 4100264]
R2 DM3220HV_0002_0;DM3220HV_0002_0;C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE [2014-10-31 417280]
R2 ENAgent;Epson Redirect Agent;C:\Windows\SysWOW64\ENAgent.exe [2014-11-18 4209856]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2014-11-11 152640]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2014-11-4 661488]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2014-11-11 144560]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-12-19 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-12-19 969016]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-19 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-3-19 18956064]
R2 piaservice;Network Inventory Advisor Service by ClearApps Software;C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe [2014-9-28 646656]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2014-4-23 481816]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2014-3-19 93184]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2014-5-20 77312]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2014-4-22 259192]
R2 SOHDms;Sony Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-1-16 495248]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-7-30 411936]
R2 UsbService;Eltima USB Network Gate;C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe [2014-10-30 3897640]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2014-5-20 334888]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2014-5-20 39464]
R3 ELTIMA_USB_HUB_FILTER;Eltima usb hub filter;C:\Program Files\Eltima Software\USB Network Gate\drv\NT6x64\fusbhub.sys [2014-10-30 88296]
R3 eustub;Usb Stub (Eltima software);C:\Windows\System32\drivers\eusbstub.sys [2014-10-30 17640]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-12-19 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-12-19 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-12-19 63704]
R3 narcpi_wfp;narcpi_wfp;C:\Windows\System32\drivers\narcpi_wfp.sys [2014-12-6 33584]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-30 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-5-30 40392]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2014-3-18 12032]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2014-5-21 574320]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2014-4-22 44736]
R3 vuhub;Virtual Usb Hub;C:\Windows\System32\drivers\vuhub.sys [2014-10-30 77032]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2012-3-27 398112]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-12-16 116728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S2 spd3ssl;S*pyware P*rocess D*etector v3.23.2;C:\Program Files (x86)\Spyware Process Detector\spd323.sys [2014-11-16 15872]
S3 aswTap;avast! SecureLine TAP Adapter v3;C:\Windows\System32\drivers\aswTap.sys [2014-5-5 44640]
S3 CWUpdaterDaemon;ContentWatch Updater Daemon;C:\Program Files\ContentWatch\bin\cwupdater.exe [2014-5-29 7736488]
S3 HPFXFAX;HPFXFAX;C:\Windows\System32\drivers\hpfx64fax.sys [2007-7-16 23064]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2014-3-18 77592]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2014-3-18 13080]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-8-6 23040]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-18 19456]
S3 SOHDs;Sony Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2013-12-3 79000]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-18 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-18 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-18 1255736]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-12-19 08:34:47    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-19 08:34:28    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-12-19 08:34:28    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-12-19 08:34:28    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-12-19 08:34:28    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-12-19 08:34:28    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-18 03:03:31    --------    d-----w-    C:\Program Files (x86)\ESET
2014-12-17 19:46:18    --------    d-----w-    C:\AdwCleaner
2014-12-17 18:09:11    144384    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-12-17 18:09:11    115712    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-12-17 07:53:55    --------    d-----w-    C:\Users\Home\AppData\Roaming\AVAST Software
2014-12-17 07:49:33    116728    ----a-w-    C:\Windows\System32\drivers\aswStm.sys
2014-12-17 07:49:32    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-12-17 07:49:32    267632    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-12-17 07:49:29    83280    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-12-17 07:49:28    93568    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2014-12-17 07:49:28    29208    ----a-w-    C:\Windows\System32\drivers\aswHwid.sys
2014-12-17 07:49:26    1050432    ----a-w-    C:\Windows\System32\drivers\aswsnx.sys
2014-12-17 07:49:25    28184    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2014-12-17 07:49:12    43152    ----a-w-    C:\Windows\avastSS.scr
2014-12-17 07:49:04    449936    ----a-w-    C:\Windows\System32\drivers\aswNdisFlt.sys
2014-12-17 07:42:58    --------    d-----w-    C:\Program Files\AVAST Software
2014-12-15 19:59:47    --------    d-----r-    C:\Users\Home\iCloudDrive
2014-12-15 19:59:41    --------    d-----w-    C:\Users\Home\AppData\Local\Apple Inc
2014-12-13 07:21:50    0    ----a-w-    C:\Users\Home\chrome.sys
2014-12-13 07:21:36    0    ----a-w-    C:\Users\Home\AdobeCollabSync.sys
2014-12-13 07:21:11    8640    ----a-w-    C:\Users\Home\AppleMobileDeviceService.sys
2014-12-11 17:17:42    --------    d-----w-    C:\Program Files (x86)\SafeIP
2014-12-11 16:27:27    --------    d-----w-    C:\ProgramData\QFX Software
2014-12-11 06:21:55    --------    d-----w-    C:\Program Files (x86)\KeyScrambler
2014-12-10 15:16:08    3209728    ----a-w-    C:\Windows\SysWow64\mf.dll
2014-12-10 15:16:06    4121600    ----a-w-    C:\Windows\System32\mf.dll
2014-12-10 05:39:22    --------    d-----w-    C:\Users\Home\AppData\Roaming\DropIt
2014-12-09 22:42:38    --------    d-----w-    C:\Program Files\DropIt
2014-12-09 07:33:09    --------    d-----w-    C:\Users\Home\AppData\Local\ContentWatch
2014-12-07 22:52:47    --------    d-----w-    C:\Users\Home\AppData\Local\Macromedia
2014-12-07 07:22:47    --------    d-----w-    C:\Program Files\FileViewPro
2014-12-07 07:22:10    --------    d-----w-    C:\Spacekace
2014-12-07 04:23:14    33584    ----a-w-    C:\Windows\System32\drivers\narcpi_wfp.sys
2014-12-07 04:18:50    --------    d-----w-    C:\ProgramData\ContentWatch
2014-12-07 04:18:50    --------    d-----w-    C:\Program Files\ContentWatch
2014-12-07 00:49:03    --------    d-----w-    C:\NVIDIA
2014-12-06 07:37:41    --------    d-----w-    C:\Program Files\Defraggler
2014-12-06 07:36:23    --------    d-----w-    C:\Program Files\Speccy
2014-12-06 07:32:06    --------    d-----w-    C:\Program Files\CCleaner
2014-12-05 20:02:50    --------    d-----w-    C:\Users\Home\AppData\Local\C0723A44-78D8-497A-BA50-F70977CE9324.aplzod
2014-12-04 05:20:46    --------    d-----r-    C:\Program Files (x86)\Skype
2014-12-03 18:17:56    --------    d-----w-    C:\Users\Home\AppData\Roaming\Online Backup
2014-12-03 18:17:37    --------    d-----w-    C:\Program Files\Online Backup
2014-11-30 11:07:08    --------    d-----w-    C:\Windows\Downloaded Program Files
2014-11-28 00:33:27    --------    d-----w-    C:\Users\Home\AppData\Roaming\.minecraft
2014-11-27 08:04:33    --------    d-s---w-    C:\Windows\SysWow64\Microsoft
2014-11-25 22:24:28    24294072    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-25 21:59:38    18638520    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-23 21:53:44    --------    d-----w-    C:\Program Files (x86)\Adobe Download Assistant
.
==================== Find3M  ====================
.
2014-12-17 18:31:57    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-17 18:31:57    701616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-16 02:38:11    18960    ----a-w-    C:\Windows\System32\drivers\LNonPnP.sys
2014-11-24 22:04:56    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-11-22 03:06:23    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39    66560    ----a-w-    C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10    580096    ----a-w-    C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20    88064    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29    114688    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51    814080    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07    6039552    ----a-w-    C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31    968704    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16    77824    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43    501248    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17    62464    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32    47616    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02    64000    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30    620032    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10    1359360    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58    2125312    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26    4299264    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21    2358272    ----a-w-    C:\Windows\System32\wininet.dll
2014-11-22 01:22:49    2052096    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57    1155072    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20    1888256    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-11-19 12:26:34    1614504    ----a-w-    C:\Windows\System32\FM20.DLL
2014-11-11 03:09:06    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52    241152    ----a-w-    C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32    186880    ----a-w-    C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26    119296    ----a-w-    C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-11-08 02:45:09    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-11-03 02:18:01    111016    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-10-30 02:03:43    165888    ----a-w-    C:\Windows\System32\charmap.exe
2014-10-30 01:45:43    155136    ----a-w-    C:\Windows\SysWow64\charmap.exe
2014-10-28 05:38:50    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-25 01:57:59    77824    ----a-w-    C:\Windows\System32\packager.dll
2014-10-25 01:32:37    67584    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37    155064    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06    683520    ----a-w-    C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-10-14 02:12:57    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31    146432    ----a-w-    C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31    681984    ----a-w-    C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41    2363904    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02    681984    ----a-w-    C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42    3198976    ----a-w-    C:\Windows\System32\win32k.sys
2014-10-03 02:12:23    310272    ----a-w-    C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23    2020352    ----a-w-    C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22    346624    ----a-w-    C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22    181248    ----a-w-    C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00    500224    ----a-w-    C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54    284672    ----a-w-    C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51    680960    ----a-w-    C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51    440832    ----a-w-    C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51    296448    ----a-w-    C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49    266240    ----a-w-    C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03    248832    ----a-w-    C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03    214016    ----a-w-    C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03    145920    ----a-w-    C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03    1177088    ----a-w-    C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42    442880    ----a-w-    C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26    374784    ----a-w-    C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26    195584    ----a-w-    C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25    198656    ----a-w-    C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-10-02 22:23:20    94208    ----a-w-    C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 22:23:20    69632    ----a-w-    C:\Windows\SysWow64\QuickTime.qts
2014-09-25 02:08:38    371712    ----a-w-    C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50    519680    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2014-03-31 02:45:44    29532392    ----a-w-    C:\Program Files (x86)\ios-data-recovery.exe
.
============= FINISH: 22:35:12.66 ===============

 

Here's the second one...

 

5049906024825390.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/18/2014 9:21:16 AM
System Uptime: 12/21/2014 12:19:58 AM (22 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core™ i7 CPU       Q 740  @ 1.73GHz | N/A | 1734/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 550.878 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Microsoft Teredo Tunneling Adapter
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP337: 12/18/2014 3:00:33 AM - Windows Update
.
==== Installed Programs ======================
.
4Team Outlook Duplicate Remover
4Team PST Merger
4Team PST Splitter
64 Bit HP CIO Components Installer
7-Zip 9.20 (x64 edition)
7-Zip 9.22 (x64 edition)
Adobe Acrobat XI Pro
Adobe AIR
Adobe Creative Cloud
Adobe Download Assistant
Adobe Extension Manager CC
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Reader XI (11.0.09)
Adobe Shockwave Player 12.1
All  In  One - Key logger
Alps Pointing-device for VAIO
Anti-Dupe for Microsoft Outlook
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft WebCam Companion 3
Avast Premier
Bazooka Scanner
Belarc Advisor 8.4
Bonjour
CCleaner
D3DX10
Definition Update for Microsoft Office 2010 (KB2910899) 64-Bit Edition
Defraggler
DeviceDiscovery
Dropbox
DropIt (v8.0)
Epson Connect Printer Setup
EPSON Connect version 1.0
Epson Customer Participation
Epson E-Web Print
Epson Event Manager
Epson FAX Utility
EPSON Scan
EPSON WF-3620 Series Printer Uninstall
Epson WF-3620 User's Guide version 1.0
EpsonNet Print
eReg
ESET Online Scanner v3
FileViewPro
Google Chrome
Google Update Helper
Google+ Auto Backup
iCloud
iFunbox (v2.8.2414.748), iFunbox DevTeam
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam
Intel® Rapid Storage Technology
iSEEK AnswerWorks English Runtime
iTunes
Java 7 Update 71
Java 7 Update 71 (64-bit)
Java Auto Updater
Logitech SetPoint 6.65
Logitech Unifying Software 2.10
LTCM Client
Malwarebytes Anti-Malware version 2.0.4.1028
Marvell Miniport Driver
MergeModule_x64
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 4 Runtime
Microsoft Mouse and Keyboard Center
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Windows Debugging Symbols
Mozilla Firefox 34.0.5 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyFreeCodec
Net Nanny
Network Inventory Advisor 4.3
NirSoft BulletsPassView
NirSoft IPNetInfo
NirSoft Mail PassView
NirSoft NK2Edit
NirSoft Password Security Scanner
NirSoft ProduKey
NirSoft RegScanner
NirSoft SniffPass
NirSoft VideoCacheView
NirSoft WebVideoCap
NirSoft WhoisThisDomain
NVIDIA 3D Vision Driver 340.52
NVIDIA Control Panel 340.52
NVIDIA GeForce Experience 2.1.1
NVIDIA Graphics Driver 340.52
NVIDIA HD Audio Driver 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.1220
NVIDIA ShadowPlay 15.3.33
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 15.3.33
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
OneTouch 4.6
Online Backup
Picasa 3
PlayMemories Home
Quicken 2012
Quicken 2013
Quicken WillMaker Plus 2013
QuickTime 7
Realtek High Definition Audio Driver
Recover Keys
Recuva
Remote Keyboard
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Excel 2010 (KB2910902) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553154) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB2899519) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SetIP
Setting Utility Series
SHIELD Streaming
Skype Click to Call
SkypeT 6.22
Software Updater
SOHLib for PlayMemories Home
Speccy
Spyware Process Detector v3.23.2
StoryBook Creator 4.0
SUPERAntiSpyware
swMSM
System Requirements Lab for Intel
Tilt Mouse Software 4.1
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition
USB Network Gate 6.2 (Build 6.2.671)
VAIO - Remote Keyboard
VAIO - Xperia Link
VAIO Care
VAIO Control Center
VAIO Event Service
VAIO Health Report
VAIO Power Management
VC80CRTRedist - 8.0.50727.6195
VirusTotal Uploader 2.0
VirusTotal Uploader 2.2
Visioneer Acuity Assets V1
VLC media player
WIDCOMM Bluetooth Software
Windows 7 Upgrade Advisor
Windows Driver Package - Atheros Communications Inc. (athr) Net  (02/12/2010 9.0.0.125)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/12/2010 6.3.0.3820)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/28/2010 6.3.0.3850)
Windows Driver Package - Broadcom HIDClass  (09/11/2009 6.3.0.1500)
Windows Driver Package - Ricoh Company (risdsnpe) hdc  (12/25/2009 6.13.03.02)
Windows Driver Package - Ricoh Company MS Host Controller (12/21/2009 6.13.03.02)
Windows Driver Package - Sony Corporation (SFEP) HIDClass  (11/27/2009 8.0.1.2)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WordPerfect Office IFilter 64-bit
WordPerfect Office X7
Xerox DocuMate 3220 Driver
XperiaLinkx86
.
==== Event Viewer Messages From Past Week ========
.
12/21/2014 12:24:25 AM, Error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.
12/21/2014 12:22:16 AM, Error: Service Control Manager [7000]  - The S*pyware P*rocess D*etector v3.23.2 service failed to start due to the following error:  This driver has been blocked from loading
12/21/2014 12:22:16 AM, Error: Application Popup [1060]  - \??\C:\Program Files (x86)\Spyware Process Detector\spd323.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/21/2014 12:21:02 AM, Error: SNMP [1500]  - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
12/21/2014 12:20:31 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126
12/20/2014 7:50:40 AM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.2.5 with the system having network hardware address 78-61-7C-D9-81-15. Network operations on this system may be disrupted as a result.
12/20/2014 2:49:11 PM, Error: Service Control Manager [7022]  - The VAIO Care Performance Service service hung on starting.
12/20/2014 2:47:10 PM, Error: Schannel [36887]  - The following fatal alert was received: 0.
12/20/2014 11:53:34 PM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
12/20/2014 11:05:39 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.2.3 with the system having network hardware address EC-1A-59-FE-4D-88. Network operations on this system may be disrupted as a result.
12/18/2014 5:59:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
12/18/2014 5:57:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the EapHost service.
12/18/2014 5:55:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the BITS service.
12/18/2014 5:53:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the SENS service.
12/18/2014 5:51:26 PM, Error: Service Control Manager [7038]  - The CWDaemon service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
12/18/2014 5:51:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the Browser service.
12/18/2014 5:51:26 PM, Error: Service Control Manager [7000]  - The ContentWatch Daemon service failed to start due to the following error:  The service did not start due to a logon failure.
12/18/2014 5:51:26 PM, Error: Service Control Manager [7000]  - The Computer Browser service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/18/2014 5:50:32 PM, Error: Service Control Manager [7043]  - The Sony Digital Media Server service did not shut down properly after receiving a preshutdown control.
12/18/2014 5:49:59 PM, Error: Service Control Manager [7043]  - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
12/18/2014 5:47:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
12/18/2014 5:45:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
12/18/2014 5:43:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
12/18/2014 5:39:26 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
12/18/2014 3:12:03 PM, Error: Service Control Manager [7011]  - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/18/2014 2:07:56 PM, Error: volmgr [45]  - The system could not sucessfully load the crash dump driver.
12/18/2014 10:23:31 AM, Error: Schannel [36887]  - The following fatal alert was received: 40.
.
==== End Of File ===========================

 


Edited by mbienert, 22 December 2014 - 02:59 AM.


BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:13 PM

Posted 24 December 2014 - 01:39 PM

Hello and Welcome on board ,

my Name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 mbienert

mbienert
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 25 December 2014 - 09:01 PM

OK, got it. One question...do I need to disable firewall before I scan also? If not, here is the scan reports for FRST:

1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-12-2014
Ran by Home (administrator) on HOME-PC on 25-12-2014 17:28:51
Running from C:\Users\Home\Downloads
Loaded Profile: Home (Available profiles: Home & Guest & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Visioneer Inc.) C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Visioneer Inc.) C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
() C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(ELTIMA Software) C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ContentWatch, Inc.) C:\Program Files\ContentWatch\bin\cwdaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SwapDrive, Inc.) C:\Program Files\Online Backup\OnlineBackup.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ContentWatch, Inc.) C:\Program Files\ContentWatch\bin\cwregistration.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-06-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-03-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [ACQTMOUSE] => C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe [501760 2007-07-08] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [2C7603FDC7C6FB00CF7E7DE775158BA13E682513._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [QuickenScheduledUpdates] => C:\Program Files (x86)\Quicken\bagent.exe [76072 2013-04-09] (Intuit Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Google Update] => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-23] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [759712 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [OnlineBackupScheduler] => C:\Program Files\Online Backup\OnlineBackup.exe [595592 2014-12-03] (SwapDrive, Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [ApMsgFwd.exe] => C:\Program Files\Apoint\ApMsgFwd.exe [66856 2010-03-17] (Alps Electric Co., Ltd.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [39.0.2171.95_39.0.2171.71_chrome_updater.exe] => 39.0.2171.95_39.0.2171.71_chrome_updater.exe
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\RunOnce: [Adobe Speed Launcher] => 1419337274
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2190783691-814972009-3028242154-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\searchplugins\web-search.xml
FF Extension: iCloud Bookmarks - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\Extensions\firefoxdav@icloud.com [2014-12-15]
FF Extension: Bookmark Duplicate Cleaner - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\Extensions\bookmarkdup@localghost.net.xpi [2014-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-12-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-16]
FF Extension: No Name - {F003DA68-8256-4b37-A6C4-350FA04494DF} [Not Found]
FF Extension: No Name - web2pdfextension@web2pdf.adobedotcom [Not Found]
FF Extension: No Name - e-webprint@epson.com [Not Found]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-18]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-18]
CHR Extension: (Business Valuation Software) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcngldahbgolgipnkmdpdgmbegakiokm [2014-12-06]
CHR Extension: (Mortgage and loan calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhagicmkabhoiamildffgfhdpfanapbo [2014-12-06]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-18]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-03-19]
CHR Extension: (Invoicera) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\edpnhgjhpakkoojbgaakfgildhipljab [2014-12-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-11-25]
CHR Extension: (iCloud Bookmarks) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-04-05]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-08-12]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-05-20]
CHR Extension: (Protect My Choices) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2014-08-12]
CHR Extension: (Keep My Opt-Outs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2014-08-12]
CHR Extension: (Loan Comparison Calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkdodeilmjdkkdammcbialadkoikjhl [2014-12-06]
CHR Extension: (Income Tax Calculator for USA) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcecfljoakpeoalbffhkajdeljkabaem [2014-12-06]
CHR Extension: (Compound Interest Calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbnlgammlfchoaicmiammeeolplakdg [2014-12-06]
CHR Extension: (Goodbudget) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhffmghajhedigppmcgiefaddneijge [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-18]
CHR Extension: (BudgetBuddy) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonmeobjhhgmnnpmlbkdhdonmbdellle [2014-12-06]
CHR Extension: (Home Finance) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehlijeionoaacbmakjgjgcggdkbaikc [2014-12-06]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-18]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-12-17] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-12-16] (AVAST Software)
R2 CWDaemon; C:\Program Files\ContentWatch\bin\cwdaemon.exe [4100264 2014-12-06] (ContentWatch, Inc.)
S3 CWUpdaterDaemon; C:\Program Files\ContentWatch\bin\cwupdater.exe [7736488 2014-05-29] (ContentWatch, Inc.)
R2 DM3220HV_0002_0; C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE [417280 2013-05-27] (Visioneer Inc.)
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 OneTouch 4.0 Monitor; C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe [231936 2013-12-09] (Visioneer Inc.) [File not signed]
R2 piaservice; C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe [646656 2014-09-28] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 UsbService; C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe [3897640 2013-12-10] (ELTIMA Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACRUSBTM; C:\Windows\SysWOW64\drivers\ACRUSBTM.SYS [28672 2007-08-02] () [File not signed]
R1 adgnetworktdi; C:\Windows\System32\drivers\adgnetworktdi.sys [59408 2014-03-13] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-16] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-12-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-16] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-05-05] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-16] ()
R3 ELTIMA_USB_HUB_FILTER; C:\Program Files\Eltima Software\USB Network Gate\drv\NT6x64\fusbhub.sys [88296 2013-12-10] (ELTIMA Software)
R3 eustub; C:\Windows\System32\DRIVERS\eusbstub.sys [17640 2013-12-10] (ELTIMA Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 narcpi_wfp; C:\Windows\System32\DRIVERS\narcpi_wfp.sys [33584 2014-12-06] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 spd3ssl; C:\Program Files (x86)\Spyware Process Detector\spd323.sys [15872 2013-02-25] () [File not signed]
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-09-22] ()
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [77032 2013-12-10] (ELTIMA Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Home\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 17:28 - 2014-12-25 17:29 - 00034903 _____ () C:\Users\Home\Downloads\FRST.txt
2014-12-25 17:28 - 2014-12-25 17:28 - 00000000 ____D () C:\FRST
2014-12-25 08:11 - 2014-12-25 08:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 00:55 - 2014-12-25 00:55 - 02122240 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2014-12-24 00:42 - 2014-12-24 11:13 - 00012353 _____ () C:\Users\Home\Desktop\Christmas 2014.xlsx
2014-12-23 16:46 - 2014-12-23 16:46 - 00003254 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2190783691-814972009-3028242154-1000
2014-12-23 15:17 - 2014-12-23 15:18 - 00000000 ____D () C:\Users\Home\Desktop\Screen Shots
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\Users\Home\AppData\Roaming\IsolatedStorage
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\Users\Home\AppData\Local\FileViewPro
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-12-22 21:54 - 2014-12-22 21:54 - 05176539 ____N () C:\Users\Home\Desktop\QDATA_20060621_20070126.zip
2014-12-22 21:54 - 2014-12-22 21:54 - 05076648 ____N () C:\Users\Home\Desktop\QDATA_20060621_20070123.QDF
2014-12-22 19:19 - 2014-12-23 04:08 - 00000000 ____D () C:\Users\Home\Desktop\Scans
2014-12-22 12:35 - 2014-12-22 12:35 - 00000000 ____D () C:\INET
2014-12-21 23:35 - 2014-12-21 23:35 - 00653428 _____ () C:\Users\Home\Downloads\QuickenWin_092014_122014.qfx
2014-12-21 23:35 - 2014-12-21 23:35 - 00293511 _____ () C:\Users\Home\Downloads\QuickenWin_122014_122014.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00575881 _____ () C:\Users\Home\Downloads\QuickenWin_032013_062013.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00565969 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00565969 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013(1).qfx
2014-12-21 22:03 - 2014-12-21 22:03 - 00688992 ____R (Swearware) C:\Users\Home\Downloads\dds.com
2014-12-21 20:32 - 2014-12-21 20:32 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\install_flash_player.exe
2014-12-21 20:32 - 2014-12-21 20:32 - 17541296 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\install_flash_player_ax.exe
2014-12-21 02:20 - 2014-12-21 02:20 - 00000000 ____D () C:\Users\Home\Documents\Taxes
2014-12-21 01:40 - 2014-12-21 01:40 - 39426560 _____ () C:\Users\Home\Downloads\Net_Nanny_for_Windows_7.2.3.0-8335_x86_64_NN_release.msi
2014-12-19 11:45 - 2014-12-19 11:45 - 00186568 _____ (ESET) C:\Users\Home\Downloads\ESETPoweliksCleaner.exe
2014-12-19 00:34 - 2014-12-25 00:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-19 00:34 - 2014-12-19 00:34 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-19 00:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-19 00:34 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-19 00:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-18 23:50 - 2014-12-18 23:50 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Home\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-17 19:03 - 2014-12-17 19:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-17 19:02 - 2014-12-17 19:03 - 02347384 _____ (ESET) C:\Users\Home\Downloads\esetsmartinstaller_enu.exe
2014-12-17 17:01 - 2014-12-16 23:49 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-17 14:04 - 2014-12-17 14:04 - 01707646 _____ (Thisisu) C:\Users\Home\Downloads\JRT.exe
2014-12-17 11:46 - 2014-12-20 16:02 - 00000000 ____D () C:\AdwCleaner
2014-12-17 11:45 - 2014-12-17 11:45 - 02166272 _____ () C:\Users\Home\Downloads\adwcleaner_4.105.exe
2014-12-17 11:28 - 2014-12-17 11:28 - 01940728 _____ (Bleeping Computer, LLC) C:\Users\Home\Downloads\rkill.exe
2014-12-17 11:19 - 2014-12-20 16:16 - 00000000 ____D () C:\Users\Home\Downloads\JavaRa-2.3
2014-12-17 11:18 - 2014-12-17 11:19 - 00157265 _____ () C:\Users\Home\Downloads\JavaRa-2.3.zip
2014-12-17 10:09 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 10:09 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 23:53 - 2014-12-16 23:53 - 00000000 ____D () C:\Users\Home\AppData\Roaming\AVAST Software
2014-12-16 23:51 - 2014-12-17 17:02 - 00001970 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-12-16 23:51 - 2014-12-17 17:02 - 00001910 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-12-16 23:51 - 2014-12-16 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-16 23:49 - 2014-12-25 17:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-16 23:49 - 2014-12-16 23:50 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-16 23:49 - 2014-12-16 23:49 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-12-16 23:42 - 2014-12-16 23:42 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-16 23:40 - 2014-12-16 23:40 - 00001795 _____ () C:\Users\Home\Downloads\license(1).avastlic
2014-12-16 22:39 - 2014-12-16 22:39 - 01054912 _____ (Adobe) C:\Users\Home\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2014-12-16 22:24 - 2014-12-16 22:24 - 00000000 ____D () C:\Users\Home\Documents\Bluetooth Exchange Folder
2014-12-16 21:44 - 2014-12-16 21:45 - 04836064 _____ (AVAST Software) C:\Users\Public\Desktop\avast_premier_antivirus_setup_online.exe
2014-12-16 21:44 - 2014-12-16 21:45 - 04836064 _____ (AVAST Software) C:\Users\Home\Downloads\avast_premier_antivirus_setup_online.exe
2014-12-16 21:01 - 2014-12-16 22:19 - 00014628 _____ () C:\Users\Home\Documents\Bella's Uniform.xlsx
2014-12-16 19:55 - 2014-12-16 19:56 - 04836064 _____ (AVAST Software) C:\Users\Public\Desktop\avast_internet_security_setup_online.exe
2014-12-16 19:55 - 2014-12-16 19:56 - 04836064 _____ (AVAST Software) C:\Users\Home\Downloads\avast_internet_security_setup_online.exe
2014-12-16 17:55 - 2014-12-16 18:00 - 186654536 _____ (AVAST Software) C:\Users\Home\Downloads\avast_internet_security_setup.exe
2014-12-16 17:55 - 2014-12-16 17:55 - 00001769 _____ () C:\Users\Home\Downloads\license.avastlic
2014-12-16 12:32 - 2014-12-16 12:32 - 00000000 ____D () C:\Users\Home\Documents\My OneTouch Archive
2014-12-15 13:45 - 2014-12-23 04:02 - 00000000 ____D () C:\Users\Home\Desktop\Credit Report.1_files
2014-12-15 13:41 - 2014-12-16 10:23 - 00777995 _____ () C:\Users\Home\Desktop\Backup of IRA 83880 Securities sold.wbk
2014-12-15 13:17 - 2014-12-15 13:17 - 00400384 _____ () C:\Users\Home\Downloads\outlooktoolssetup.msi
2014-12-15 12:50 - 2014-12-15 12:50 - 00030795 _____ () C:\Users\Home\Desktop\Family Sharing - iCloud Help.htm
2014-12-15 12:49 - 2014-12-15 12:49 - 00421565 _____ () C:\Users\Home\Desktop\Credit Report.htm
2014-12-15 12:19 - 2014-12-15 12:33 - 00000000 ____D () C:\Users\Home\Documents\Fax
2014-12-15 11:59 - 2014-12-22 12:27 - 00000000 ___RD () C:\Users\Home\iCloudDrive
2014-12-15 11:59 - 2014-12-15 11:59 - 00000000 ____D () C:\Users\Home\AppData\Local\Apple Inc
2014-12-15 01:14 - 2014-12-15 01:14 - 00251350 _____ () C:\Users\Home\Desktop\St Johns trip.htm
2014-12-15 01:14 - 2014-12-15 01:14 - 00000000 ____D () C:\Users\Home\Desktop\St Johns trip_files
2014-12-14 22:18 - 2014-12-14 22:18 - 00320222 _____ () C:\Users\Home\Documents\Backup of error.wbk
2014-12-13 17:22 - 2014-12-13 17:23 - 00038327 _____ () C:\Windows\SysWOW64\Result.txt
2014-12-13 12:31 - 2014-12-13 12:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Home\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 12:28 - 2014-12-13 12:29 - 00401920 _____ (Farbar) C:\Users\Home\Downloads\MiniToolBox.exe
2014-12-12 23:37 - 2014-12-12 23:37 - 00000042 _____ () C:\Windows\SysWOW64\AK083E209605E394C.lie
2014-12-12 23:21 - 2014-12-12 23:21 - 00008640 _____ () C:\Users\Home\AppleMobileDeviceService.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000073 _____ () C:\Users\Home\AdobeCollabSync.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000063 _____ () C:\Users\Home\chrome.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000032 _____ () C:\Users\Home\AppleMobileDeviceService.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.map
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AppleMobileDeviceService.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AppleMobileDeviceService.map
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.map
2014-12-12 13:45 - 2014-12-21 21:01 - 00052607 _____ () C:\Users\Home\Downloads\Result.txt
2014-12-11 23:36 - 2014-12-11 23:36 - 10547200 _____ () C:\Users\Guest\nvtray.mem
2014-12-11 23:36 - 2014-12-11 23:36 - 00007560 _____ () C:\Users\Guest\nvtray.map
2014-12-11 23:36 - 2014-12-11 23:36 - 00000058 _____ () C:\Users\Guest\nvtray.sav
2014-12-11 23:19 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2014-12-11 23:19 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2014-12-11 22:51 - 2014-12-11 22:51 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Exchange Folder
2014-12-11 22:51 - 2014-12-11 22:51 - 00000000 ____D () C:\Users\Guest\AppData\Local\Broadcom
2014-12-11 22:50 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Epson
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\Documents\My OneTouch Archive
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\Documents\Mail Attachments
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Visioneer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Sony Corporation
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\LinkManager 4.0
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Leader Technologies
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Acer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Local\Visioneer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 _____ () C:\Users\Guest\Sti_Trace.log
2014-12-11 10:14 - 2014-12-11 10:17 - 00000000 ____D () C:\Users\Home\Downloads\backups
2014-12-11 09:44 - 2014-12-12 21:24 - 00021231 _____ () C:\Users\Home\Downloads\hijackthis.log
2014-12-11 09:17 - 2014-12-12 23:04 - 00000000 ____D () C:\Program Files (x86)\SafeIP
2014-12-11 09:17 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeIP
2014-12-11 08:27 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\QFX Software
2014-12-10 22:21 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
2014-12-10 22:21 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files (x86)\KeyScrambler
2014-12-10 22:08 - 2014-12-10 22:08 - 01553104 _____ () C:\Users\Home\Downloads\KeyScrambler_Setup.exe
2014-12-10 22:06 - 2014-12-10 22:07 - 05490752 _____ (Secunia) C:\Users\Home\Downloads\PSISetup.exe
2014-12-10 20:07 - 2014-12-10 20:07 - 00509440 _____ (Tech Support Guy System) C:\Users\Home\Downloads\SysInfo.exe
2014-12-10 19:53 - 2014-12-10 19:53 - 00852497 _____ () C:\Users\Home\Downloads\SecurityCheck.exe
2014-12-10 14:47 - 2014-12-10 14:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-12-10 09:50 - 2014-12-10 09:50 - 00000000 _____ () C:\Users\Home\Sti_Trace.log
2014-12-10 07:16 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:16 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 04:00 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 04:00 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 04:00 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 04:00 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 04:00 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 04:00 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 04:00 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 04:00 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 04:00 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 04:00 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 04:00 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 04:00 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 04:00 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 04:00 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 04:00 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 04:00 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 04:00 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 04:00 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 04:00 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 04:00 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 04:00 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 04:00 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 04:00 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 04:00 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 04:00 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 04:00 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 04:00 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 04:00 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 04:00 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 04:00 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 04:00 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 04:00 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 04:00 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 04:00 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 04:00 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 04:00 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 04:00 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 04:00 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 04:00 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 04:00 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 04:00 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 04:00 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 04:00 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 04:00 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 04:00 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 04:00 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 04:00 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 04:00 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 04:00 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 04:00 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 04:00 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 04:00 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 04:00 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 04:00 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 04:00 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 04:00 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 04:00 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 04:00 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 04:00 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 04:00 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 04:00 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 04:00 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 04:00 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 04:00 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 04:00 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 21:39 - 2014-12-09 21:39 - 01070592 _____ () C:\Users\Home\Downloads\MicrosoftFixit50569.msi
2014-12-09 21:39 - 2014-12-09 21:39 - 00000000 ____D () C:\Users\Home\AppData\Roaming\DropIt
2014-12-09 14:42 - 2014-12-09 14:42 - 00000772 _____ () C:\Users\Home\Desktop\DropIt.lnk
2014-12-09 14:42 - 2014-12-09 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DropIt
2014-12-09 14:42 - 2014-12-09 14:42 - 00000000 ____D () C:\Program Files\DropIt
2014-12-09 14:15 - 2014-12-09 14:15 - 04224708 _____ (Lupo PenSuite Team ) C:\Users\Home\Downloads\DropIt_v8.0_Setup.exe
2014-12-08 23:58 - 2014-12-08 23:59 - 05631912 _____ (j2 Global) C:\Users\Home\Downloads\msgrplus.exe
2014-12-08 23:33 - 2014-12-25 17:29 - 00000000 ____D () C:\Users\Home\AppData\Local\ContentWatch
2014-12-08 22:54 - 2014-12-08 23:02 - 71648048 _____ (Apple Inc.) C:\Users\Home\Downloads\iCloudSetup.exe
2014-12-08 21:31 - 2014-12-08 21:31 - 00001159 _____ () C:\Users\Home\Desktop\Mozilla Firefox.lnk
2014-12-08 10:05 - 2014-12-08 10:05 - 00022528 _____ () C:\Users\Home\Documents\QDRO's and call  with Mr. Bender.msg
2014-12-07 19:04 - 2014-12-20 16:02 - 00377042 _____ () C:\Windows\PFRO.log
2014-12-07 14:52 - 2014-12-07 14:52 - 00000000 ____D () C:\Users\Home\AppData\Local\Macromedia
2014-12-07 14:44 - 2014-12-07 14:44 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Users\Home\AppData\Local\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-06 23:22 - 2014-12-06 23:22 - 00000808 _____ () C:\Users\Public\Desktop\FileViewPro.lnk
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\Spacekace
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\Program Files\FileViewPro
2014-12-06 23:21 - 2014-12-06 23:22 - 03071160 _____ () C:\Users\Home\Downloads\Setup_FileViewPro_2015.exe
2014-12-06 23:18 - 2014-12-07 02:42 - 00000000 ____D () C:\Users\Home\Desktop\Nutrition
2014-12-06 20:23 - 2014-12-06 20:22 - 00033584 _____ () C:\Windows\system32\Drivers\narcpi_wfp.sys
2014-12-06 20:19 - 2014-12-22 12:27 - 00002091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net Nanny.lnk
2014-12-06 20:18 - 2014-12-06 20:23 - 00000000 ____D () C:\Program Files\ContentWatch
2014-12-06 20:18 - 2014-12-06 20:18 - 00000000 ____D () C:\ProgramData\ContentWatch
2014-12-06 20:04 - 2014-12-06 20:05 - 00244104 _____ () C:\Users\Home\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-06 19:15 - 2014-12-06 19:15 - 00000610 _____ () C:\Users\Home\Downloads\iCal-TribeEvents.ics
2014-12-06 18:48 - 2014-12-07 14:10 - 00000000 ____D () C:\Users\Home\Desktop\Stanford
2014-12-06 16:56 - 2014-12-06 17:00 - 00000000 ____D () C:\Users\Home\Downloads\CalCheck_x86
2014-12-06 16:55 - 2014-12-06 16:55 - 02479498 _____ () C:\Users\Home\Downloads\CalCheck_x86.zip
2014-12-06 16:49 - 2014-12-06 16:49 - 00000000 ____D () C:\NVIDIA
2014-12-06 16:27 - 2014-12-06 16:29 - 00000000 ____D () C:\Users\Home\Downloads\CalCheck_x64
2014-12-06 16:26 - 2014-12-06 16:27 - 03039177 _____ () C:\Users\Home\Downloads\CalCheck_x64.zip
2014-12-06 12:10 - 2014-12-22 12:25 - 00003673 _____ () C:\Windows\setupact.log
2014-12-06 12:10 - 2014-12-06 12:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 12:08 - 2014-12-15 18:38 - 00000792 _____ () C:\Windows\LkmdfCoInst.log
2014-12-06 00:20 - 2014-12-06 00:20 - 00004374 _____ () C:\Users\Home\Documents\cc_20141206_002053.reg
2014-12-06 00:19 - 2014-12-06 00:20 - 00137580 _____ () C:\Users\Home\Documents\cc_20141206_001939.reg
2014-12-05 23:37 - 2014-12-06 11:50 - 00000000 ____D () C:\Program Files\Defraggler
2014-12-05 23:37 - 2014-12-05 23:39 - 00001684 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-12-05 23:37 - 2014-12-05 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-12-05 23:36 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-12-05 23:36 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files\Speccy
2014-12-05 23:36 - 2014-12-05 23:37 - 00000756 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-12-05 23:33 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-12-05 23:33 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files\Recuva
2014-12-05 23:33 - 2014-12-05 23:33 - 00001618 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-12-05 23:32 - 2014-12-05 23:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-05 23:32 - 2014-12-05 23:32 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-05 23:32 - 2014-12-05 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-05 23:32 - 2014-12-05 23:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-05 12:02 - 2014-12-23 17:43 - 00000000 ____D () C:\Users\Home\AppData\Local\C0723A44-78D8-497A-BA50-F70977CE9324.aplzod
2014-12-05 10:16 - 2014-12-05 10:16 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-12-03 21:20 - 2014-12-04 23:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 21:20 - 2014-12-03 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-03 11:38 - 2014-12-03 11:38 - 00019119 _____ () C:\Users\Home\Downloads\ExportData03122014143833.csv
2014-12-03 11:31 - 2014-12-03 11:31 - 00019119 _____ () C:\Users\Home\Downloads\ExportData03122014143153.csv
2014-12-03 10:17 - 2014-12-03 10:18 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Online Backup
2014-12-03 10:17 - 2014-12-03 10:17 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online Backup
2014-12-03 10:17 - 2014-12-03 10:17 - 00000000 ____D () C:\Program Files\Online Backup
2014-12-02 13:23 - 2014-12-23 17:33 - 00000000 ____D () C:\Users\Home\Documents\Outlook Files
2014-12-02 10:28 - 2014-12-02 10:28 - 00033465 _____ () C:\Users\Home\Downloads\stmt (19).qfx
2014-12-02 00:58 - 2014-12-02 00:58 - 00003023 _____ () C:\Users\Home\Downloads\November2014_3433 (1).qfx
2014-12-02 00:56 - 2014-12-02 00:56 - 00001115 _____ () C:\Users\Home\Downloads\currentTransaction_3433 (2).qfx
2014-12-02 00:52 - 2014-12-02 00:52 - 00001854 _____ () C:\Users\Home\Desktop\Quicken 2013.lnk
2014-12-02 00:47 - 2014-12-02 00:47 - 00000982 _____ () C:\Users\Home\Downloads\stmt (18).qfx
2014-12-02 00:47 - 2014-12-02 00:47 - 00000982 _____ () C:\Users\Home\Downloads\stmt (17).qfx
2014-12-02 00:44 - 2014-12-02 00:44 - 00000982 _____ () C:\Users\Home\Downloads\stmt (16).qfx
2014-12-02 00:44 - 2014-12-02 00:44 - 00000982 _____ () C:\Users\Home\Downloads\stmt (15).qfx
2014-12-02 00:43 - 2014-12-02 00:43 - 00001167 _____ () C:\Users\Home\Downloads\stmt (3).qbo
2014-12-02 00:43 - 2014-12-02 00:43 - 00001167 _____ () C:\Users\Home\Downloads\stmt (2).qbo
2014-12-02 00:40 - 2014-12-02 00:40 - 00001167 _____ () C:\Users\Home\Downloads\stmt (1).qbo
2014-12-02 00:39 - 2014-12-02 00:39 - 00001143 _____ () C:\Users\Home\Downloads\stmt (14).qfx
2014-12-02 00:38 - 2014-12-02 00:38 - 00001143 _____ () C:\Users\Home\Downloads\stmt (13).qfx
2014-12-02 00:37 - 2014-12-02 00:37 - 00000982 _____ () C:\Users\Home\Downloads\stmt (12).qfx
2014-12-02 00:36 - 2014-12-02 00:36 - 00007221 _____ () C:\Users\Home\Downloads\stmt (11).qfx
2014-12-02 00:25 - 2014-12-02 00:25 - 00001115 _____ () C:\Users\Home\Downloads\currentTransaction_3433 (1).qfx
2014-12-02 00:23 - 2014-12-02 00:23 - 00032512 _____ () C:\Users\Home\Downloads\stmt (10).qfx
2014-12-01 13:53 - 2014-12-01 13:53 - 12198204 _____ () C:\Users\Home\Downloads\Your Adobe Workspaces Files.zip
2014-12-01 11:19 - 2014-12-01 11:20 - 00561916 _____ () C:\Users\Home\Downloads\QuickenWin_032013_052013.qfx
2014-12-01 11:18 - 2014-12-01 11:18 - 00590340 _____ () C:\Users\Home\Downloads\QuickenWin_122012_022013.qfx
2014-11-30 14:00 - 2014-11-30 14:00 - 07994347 _____ () C:\Users\Home\Downloads\USB Control Center_v200_Windows.exe
2014-11-30 10:16 - 2014-11-30 10:16 - 00001470 _____ () C:\Users\Home\Desktop\Backup files 2.zip - Shortcut.lnk
2014-11-30 03:00 - 2014-11-30 03:01 - 67882768 _____ (Intuit ) C:\Users\Home\Downloads\QW2013R12Patch.exe
2014-11-30 00:18 - 2014-11-30 00:18 - 00347816 _____ (Microsoft Corporation) C:\Users\Home\Downloads\MicrosoftFixit.WinFileFolder.RNP.1340762677194257.1.1.Run.exe
2014-11-28 03:31 - 2014-11-28 03:31 - 00003166 _____ () C:\Windows\System32\Tasks\{63BDAFB3-4E7F-46DD-9BB8-A091540C5890}
2014-11-27 21:53 - 2014-11-27 21:53 - 00002151 _____ () C:\Users\Home\Downloads\Transactions (1).qfx
2014-11-27 21:52 - 2014-11-27 21:52 - 00001004 _____ () C:\Users\Home\Downloads\Transactions.qfx
2014-11-27 21:47 - 2014-11-27 21:47 - 00001674 _____ () C:\Users\Home\Downloads\Transaction (3).qfx
2014-11-27 16:33 - 2014-11-30 20:12 - 00000000 ____D () C:\Users\Home\AppData\Roaming\.minecraft
2014-11-26 13:03 - 2014-11-26 13:03 - 00029985 _____ () C:\Users\Home\Downloads\ExportData26112014160311.csv
2014-11-26 13:01 - 2014-11-26 13:01 - 00027736 _____ () C:\Users\Home\Downloads\ExportData26112014160102.csv
2014-11-26 12:54 - 2014-11-26 12:54 - 00025214 _____ () C:\Users\Home\Downloads\ExportData26112014155359.csv
2014-11-26 12:27 - 2014-11-26 12:27 - 00031474 _____ () C:\Users\Home\Downloads\ExportData26112014152736.csv
2014-11-26 12:08 - 2014-11-26 12:08 - 00000987 _____ () C:\Users\Home\Downloads\stmt (9).qfx
2014-11-26 12:02 - 2014-11-26 12:02 - 00003023 _____ () C:\Users\Home\Downloads\November2014_3433.qfx
2014-11-26 02:36 - 2014-11-26 02:36 - 00009413 _____ () C:\Users\Home\Downloads\MBFS_TransHist_20141126.xls
2014-11-25 23:37 - 2014-11-25 23:37 - 00194908 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-11-25 18:08 - 2014-11-25 18:08 - 00789138 _____ () C:\Users\Home\Downloads\QuickenWin_052014_082014 (8).qfx
2014-11-25 18:08 - 2014-11-25 18:08 - 00733696 _____ () C:\Users\Home\Downloads\QuickenWin_082014_112014 (8).qfx
2014-11-25 18:08 - 2014-11-25 18:08 - 00310570 _____ () C:\Users\Home\Downloads\QuickenWin_112014_112014 (8).qfx
2014-11-25 18:07 - 2014-11-25 18:07 - 00706619 _____ () C:\Users\Home\Downloads\QuickenWin_022014_052014 (8).qfx
2014-11-25 18:07 - 2014-11-25 18:07 - 00689666 _____ () C:\Users\Home\Downloads\QuickenWin_112013_022014 (8).qfx
2014-11-25 18:07 - 2014-11-25 18:07 - 00681993 _____ () C:\Users\Home\Downloads\QuickenWin_082013_112013 (8).qfx
2014-11-25 18:05 - 2014-11-25 18:05 - 00578668 _____ () C:\Users\Home\Downloads\QuickenWin_022013_052013 (9).qfx
2014-11-25 18:05 - 2014-11-25 18:05 - 00576508 _____ () C:\Users\Home\Downloads\QuickenWin_052013_082013 (8).qfx
2014-11-25 18:05 - 2014-11-25 18:05 - 00566856 _____ () C:\Users\Home\Downloads\QuickenWin_112012_022013 (10).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00004214 _____ () C:\Users\Home\Downloads\QuickenWin_052014_082014 (7).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00003830 _____ () C:\Users\Home\Downloads\QuickenWin_022013_052013 (8).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00003827 _____ () C:\Users\Home\Downloads\QuickenWin_022014_052014 (7).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00002577 _____ () C:\Users\Home\Downloads\QuickenWin_112014_112014 (7).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00002577 _____ () C:\Users\Home\Downloads\QuickenWin_112013_022014 (7).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00002577 _____ () C:\Users\Home\Downloads\QuickenWin_082014_112014 (7).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00002577 _____ () C:\Users\Home\Downloads\QuickenWin_082013_112013 (7).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00002577 _____ () C:\Users\Home\Downloads\QuickenWin_052013_082013 (7).qfx
2014-11-25 17:58 - 2014-11-25 17:58 - 00002081 _____ () C:\Users\Home\Downloads\QuickenWin_112012_022013 (9).qfx
2014-11-25 15:15 - 2014-11-25 15:15 - 00001699 _____ () C:\Users\Home\Downloads\MC_790_CURRENT_VIEW (3).QFX
2014-11-25 15:09 - 2014-11-25 15:09 - 00001299 _____ () C:\Users\Home\Downloads\MC_790_CURRENT_VIEW (2).QFX
2014-11-25 15:03 - 2014-11-25 15:03 - 00000000 _____ () C:\autoexec.bat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 17:29 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-25 17:24 - 2014-11-11 13:00 - 00000911 _____ () C:\Windows\Tasks\EPSON WF-3620 Series Update {198D5A39-E547-4F42-932E-095CAF48D1D6}.job
2014-12-25 17:24 - 2014-11-11 13:00 - 00000725 _____ () C:\Windows\Tasks\EPSON WF-3620 Series Invitation {198D5A39-E547-4F42-932E-095CAF48D1D6}.job
2014-12-25 17:24 - 2014-04-23 18:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000UA.job
2014-12-25 17:24 - 2014-04-04 14:10 - 00000000 ___RD () C:\Users\Home\Desktop\Dropbox
2014-12-25 17:24 - 2014-04-03 21:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-25 17:24 - 2014-03-18 08:21 - 01564597 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 16:26 - 2014-07-14 23:41 - 00000000 ____D () C:\Users\Home\AppData\Local\Adobe
2014-12-25 08:51 - 2014-04-23 18:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000Core.job
2014-12-25 08:01 - 2014-03-18 11:21 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-24 14:53 - 2014-09-26 15:32 - 00000000 ____D () C:\Users\Home\AppData\Local\CrashDumps
2014-12-23 12:26 - 2014-03-31 14:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-23 10:58 - 2014-03-21 14:07 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-22 19:20 - 2014-03-18 08:21 - 00000000 ____D () C:\Users\Home\AppData\Local\VirtualStore
2014-12-22 19:19 - 2014-03-18 08:21 - 00000000 ___RD () C:\Users\Home
2014-12-22 12:36 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 12:36 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 12:34 - 2014-04-04 14:03 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox
2014-12-22 12:28 - 2014-03-18 11:59 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype
2014-12-22 12:25 - 2014-03-19 17:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-22 12:25 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-22 02:19 - 2014-11-20 23:16 - 00000000 ____D () C:\Users\Home\Desktop\VALIDATE
2014-12-20 16:21 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-20 15:07 - 2014-04-22 15:57 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-12-20 15:07 - 2014-04-22 15:55 - 00000000 ____D () C:\ProgramData\DivX
2014-12-20 15:00 - 2014-04-22 15:59 - 00000000 ____D () C:\Program Files\DivX
2014-12-18 23:27 - 2014-03-18 11:59 - 00000000 ____D () C:\Users\Home\AppData\Local\Apple
2014-12-18 15:10 - 2009-07-13 21:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-17 10:31 - 2014-04-03 21:28 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-17 10:31 - 2014-04-03 21:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-17 10:30 - 2014-04-03 21:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-16 22:26 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-16 19:25 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
2014-12-16 17:51 - 2014-05-05 10:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-15 18:38 - 2014-03-19 20:34 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-12-14 16:58 - 2014-05-20 21:57 - 00000000 ____D () C:\Users\Home\Documents\Sony PMB
2014-12-14 16:55 - 2014-06-08 20:02 - 00000000 ____D () C:\Users\Home\Documents\MAKO Foundation
2014-12-14 16:37 - 2014-11-20 09:48 - 00000000 ____D () C:\Users\Home\Desktop\Quicken Reports
2014-12-14 03:18 - 2014-03-19 23:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 01:13 - 2014-11-16 21:50 - 00000000 ____D () C:\Program Files (x86)\Spyware Process Detector
2014-12-13 00:54 - 2014-05-21 00:39 - 00103642 _____ () C:\test.xml
2014-12-12 23:03 - 2014-10-30 02:08 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft IPNetInfo
2014-12-12 23:03 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\Licenses
2014-12-12 23:03 - 2014-08-03 13:09 - 00000000 ____D () C:\Users\Guest
2014-12-12 23:03 - 2014-03-18 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-12 23:03 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-12-12 15:44 - 2014-08-03 13:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-12-12 15:43 - 2014-08-03 13:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore
2014-12-12 12:22 - 2011-04-12 00:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-12 11:37 - 2014-08-03 13:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer
2014-12-11 23:19 - 2014-10-11 11:31 - 00117192 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-11 22:51 - 2014-10-11 11:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-12-10 13:10 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 09:45 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 07:51 - 2014-03-18 10:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:20 - 2014-03-18 10:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 10:36 - 2014-04-04 14:05 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-08 21:39 - 2014-03-18 08:21 - 00001413 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-07 14:39 - 2014-11-17 00:28 - 00000000 ____D () C:\Program Files (x86)\Bazooka Scanner
2014-12-07 14:38 - 2014-03-18 11:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-06 17:10 - 2009-07-13 21:13 - 00828724 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 11:13 - 2014-11-11 10:30 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-12-06 00:26 - 2014-05-05 15:29 - 00000000 ____D () C:\Windows\pss
2014-12-05 23:58 - 2014-03-18 09:10 - 00000000 ____D () C:\Windows\Panther
2014-12-05 23:57 - 2014-05-11 23:59 - 00000000 ____D () C:\Windows\Minidump
2014-12-05 10:25 - 2014-08-25 22:05 - 00117192 _____ () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-05 10:23 - 2014-08-27 08:55 - 00435480 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-05 10:16 - 2014-03-20 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-05 10:12 - 2011-04-12 00:28 - 00000000 ____D () C:\Windows\ShellNew
2014-12-05 10:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-05 10:06 - 2009-07-13 18:34 - 00000580 _____ () C:\Windows\win.ini
2014-12-04 23:36 - 2014-03-18 11:55 - 00000000 ____D () C:\ProgramData\Skype
2014-12-01 22:33 - 2014-11-23 23:59 - 00000000 ____D () C:\Users\Home\Desktop\BACKUP
2014-11-30 16:14 - 2014-05-20 13:58 - 00007673 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg
2014-11-30 14:07 - 2014-03-18 13:45 - 00821338 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-27 19:45 - 2014-03-18 11:59 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-11-26 00:09 - 2014-11-20 23:33 - 03288144 _____ () C:\Users\Home\Desktop\774523-1-20-2014 (3)OFXLOG.DAT
2014-11-25 19:40 - 2014-11-20 23:32 - 116056064 _____ () C:\Users\Home\Desktop\774523-1-20-2014 (3).QDF

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat


Some content of TEMP:
====================
C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqp7win.dll
C:\Users\Home\AppData\Local\Temp\Quarantine.exe
C:\Users\Home\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 19:27

==================== End Of Log ============================

 

and 

2. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-12-2014
Ran by Home at 2014-12-25 17:30:09
Running from C:\Users\Home\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Team Outlook Duplicate Remover (HKLM\...\{D1E252D1-51A5-42B1-8C6C-DD4A208D2371}) (Version: 3.21.0118 - 4Team Corporation)
4Team PST Merger (HKLM\...\{8601237C-7B73-4CD1-B53F-0909077F0D83}) (Version: 1.0.4994 - 4Team Corporation)
4Team PST Merger (HKLM-x32\...\{5841172B-2B1E-43C5-AA8E-A56CABFFFF38}) (Version: 1.0.4994 - 4Team Corporation)
4Team PST Splitter (HKLM-x32\...\{BF6D7475-92D9-45E4-B811-6891EEFBB85F}) (Version: 1.0.4913 - 4Team Corporation)
64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
All  In  One - Key logger (HKLM-x32\...\HojO9psdv_is1) (Version:  - )
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Anti-Dupe for Microsoft Outlook (HKLM-x32\...\Anti-Dupe for Microsoft Outlook) (Version: 3.0 - Lookout Software, Ltd.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.278 - ArcSoft)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bazooka Scanner (HKLM-x32\...\{CB0888EE-96D8-4713-84DC-36462C33AEB4}) (Version:  - Kephyr)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DropIt (v8.0) (HKLM\...\DropIt_is1) (Version: 8.0 - Lupo PenSuite Team)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{682A3328-9621-4BAD-91FA-873A076610C4}) (Version: 1.21.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)
Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation)
Google Chrome (HKLM-x32\...\{FBD50733-2ABE-3D23-88B4-7B0C0A0ADDA0}) (Version: 65.181.32922 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam (HKLM-x32\...\iFunBox 2014_is1) (Version: v3.1.562.425 - )
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\MyFreeCodec) (Version:  - )
Net Nanny (HKLM\...\{16DADBB0-4E2B-47E2-80A0-F26FFDB549BE}) (Version: 7.2.2.0 - ContentWatch)
Network Inventory Advisor 4.3 (HKLM-x32\...\Network Inventory Advisor) (Version: 4.3 - ClearApps, Inc.)
NirSoft BulletsPassView (HKLM-x32\...\NirSoft BulletsPassView) (Version:  - )
NirSoft IPNetInfo (HKLM-x32\...\NirSoft IPNetInfo) (Version:  - )
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version:  - )
NirSoft NK2Edit (HKLM-x32\...\NirSoft NK2Edit) (Version:  - )
NirSoft Password Security Scanner (HKLM-x32\...\NirSoft Password Security Scanner) (Version:  - )
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version:  - )
NirSoft RegScanner (HKLM-x32\...\NirSoft RegScanner) (Version:  - )
NirSoft SniffPass (HKLM-x32\...\NirSoft SniffPass) (Version:  - )
NirSoft VideoCacheView (HKLM-x32\...\NirSoft VideoCacheView) (Version:  - )
NirSoft WebVideoCap (HKLM-x32\...\NirSoft WebVideoCap) (Version:  - )
NirSoft WhoisThisDomain (HKLM-x32\...\NirSoft WhoisThisDomain) (Version:  - )
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OneTouch 4.6 (HKLM-x32\...\{AF8B1525-17EF-4D2E-A018-8D79CE260BA8}) (Version: 4.6.1913.12093 - Visioneer Inc.)
Online Backup (HKLM-x32\...\Online Backup) (Version: 2.33 - www.backup.com)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Home (HKLM-x32\...\{7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}) (Version: 3.1.11.04230 - Sony Corporation)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
Quicken WillMaker Plus 2013 (HKLM-x32\...\{8065044B-2AF3-434E-A6E2-B7C60CDB978B}) (Version: 1.0.0.0 - Nolo)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Recover Keys (HKLM\...\Recover Keys_is1) (Version: 8.0.3.112 - Recover Keys)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SetIP (HKLM-x32\...\SetIP) (Version: 1.04.01.00 - Samsung Electronics Co., Ltd.)
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.2.0.14250 - Sony Corporation)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spyware Process Detector v3.23.2 (HKLM-x32\...\Spyware Process Detector_is1) (Version: 3.23.2 - System SoftLab)
StoryBook Creator 4.0 (HKLM\...\{4518D70B-8A8B-4A4D-826F-8E16DCAC674E}) (Version: 4.0.4335 - Creative Memories)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Tilt Mouse Software 4.1 (HKLM-x32\...\Tilt Mouse Software_is1) (Version:  - )
USB Network Gate 6.2 (Build 6.2.671) (HKLM\...\USB to Ethernet Connector_is1) (Version:  - ELTIMA Software)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.2.08070 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.2.0.15020 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.2.0.15020 - Sony Corporation)
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.1.0.13200 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirusTotal Uploader 2.0 (HKLM-x32\...\VirusTotalUploader2.0) (Version:  - )
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
Visioneer Acuity Assets V1 (HKLM-x32\...\{B18BA00A-8857-4A54-B1CF-82BBB33CBF96}) (Version: 5.1.1114.7042 - Visioneer Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.3950 - Broadcom Corporation)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Atheros Communications Inc. (athr) Net  (02/12/2010 9.0.0.125) (HKLM\...\62D2521666DCF9EBEC983E0344A3DEE15CF2C6D3) (Version: 02/12/2010 9.0.0.125 - Atheros Communications Inc.)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/12/2010 6.3.0.3820) (HKLM\...\C3D0C7A1290AAA6A45D0D0422262CE3370E27BE5) (Version: 02/12/2010 6.3.0.3820 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/28/2010 6.3.0.3850) (HKLM\...\D9022850BCF278EAFBF9EDC8741DC09A1AE20B6B) (Version: 02/28/2010 6.3.0.3850 - Broadcom Corporation)
Windows Driver Package - Broadcom HIDClass  (09/11/2009 6.3.0.1500) (HKLM\...\3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003) (Version: 09/11/2009 6.3.0.1500 - Broadcom)
Windows Driver Package - Ricoh Company (risdsnpe) hdc  (12/25/2009 6.13.03.02) (HKLM\...\181DCE8F6E8325736063FE20BB12023D439F671C) (Version: 12/25/2009 6.13.03.02 - Ricoh Company)
Windows Driver Package - Ricoh Company MS Host Controller (12/21/2009 6.13.03.02) (HKLM\...\398F0BAAFBB5C68EB2C413A98F8C385C3E0897D6) (Version: 12/21/2009 6.13.03.02 - Ricoh Company)
Windows Driver Package - Sony Corporation (SFEP) HIDClass  (11/27/2009 8.0.1.2) (HKLM\...\4E827A70BAA738C408DBDD024BCACE5085D946F1) (Version: 11/27/2009 8.0.1.2 - Sony Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
WordPerfect Office X7 (x32 Version: 17.0 - Corel Corporation) Hidden
Xerox DocuMate 3220 Driver (HKLM-x32\...\{1122C086-8788-4A44-A341-97A9E0D912D2}) (Version: 5.1.13.5279 - Visioneer Inc.)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

23-12-2014 08:44:05 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2014-08-18 11:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0929E915-F795-44C4-98BE-F4B1C2460891} - System32\Tasks\{79161F90-53AD-4DF5-842F-1247BF7F4A46} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {097D5FF9-7508-441E-97A1-127C8CEA2737} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe [2013-01-18] ()
Task: {0F7FE823-39C9-4DA8-BD6E-C82B955B8D81} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {140E8480-5C26-4FC4-9F72-82A065601062} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)
Task: {16D5F3E7-92AB-43FA-9EA8-912FCEA9BC25} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {176A51B7-04E8-4B17-B375-678021AD0549} - System32\Tasks\{B4D31E76-A68E-482F-9627-308A1CEF529F} => C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: {1A9F76BC-D516-49C5-B49E-E29E96B1C9C6} - System32\Tasks\{2EB2A81C-EB29-423A-9A29-939724553204} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {1DED06A3-4B29-4DC8-A2C0-3778A2D4FEB4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000UA => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: {1F0C73A2-2429-4B91-8C04-65F87459E72A} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {20C1965C-CB8B-47DC-BBE1-06B9D17344DA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {255C4A49-E0D4-4F5B-823E-ECFA0321948B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000Core => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: {2A102BAF-14EF-4601-80DA-C44508D1F358} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-17] ()
Task: {2C6D121C-D8C3-41B4-A569-B8F08922D6D6} - System32\Tasks\{85245CB0-E498-4BF1-9B97-B567625B9EDD} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64.msi"
Task: {34A7EE91-D8FE-41D9-8B9B-E6D5FD7F518D} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {35F51BFF-BFC0-4B2C-A018-F37392AE2ABA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-18] (Google Inc.)
Task: {3CD9B40D-ECFC-4C74-97D3-5EE380266B59} - System32\Tasks\{6E5B0750-1281-4210-AD1E-862ABC01DA38} => C:\Users\Home\Downloads\tdsskiller.exe
Task: {3DEB4C01-7EA5-4EBB-9F47-616B3A7F578D} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-01-20] (Sony Corporation)
Task: {4378ADC4-226E-46B1-82C1-03C2D873E10C} - System32\Tasks\{CA30ED9E-17D2-44A6-83E4-551AC3C695D4} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {44040576-19D6-4A1D-BA1C-FD0330BB994C} - System32\Tasks\Leader Technologies\LTCM Client\New Message Check - Home => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2011-04-07] (Leader Technologies Inc.)
Task: {45B45B16-3BD1-4094-9234-43992945B801} - System32\Tasks\EPSON WF-3620 Series Update {198D5A39-E547-4F42-932E-095CAF48D1D6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {4AFD3446-3132-445A-BEA8-AC1F24A5C3EB} - System32\Tasks\{54DB93A2-8398-4565-9C04-0E74F7FC6E41} => C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: {4D24CAEA-2214-4C62-B4F3-837F57E7FFF5} - System32\Tasks\{D7C904C6-C596-4DD1-8765-36D4FB9F47FC} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {4DB0C5C5-95CB-4723-BA33-44CC9841F77B} - System32\Tasks\{02739DE2-6B98-4A16-A375-775FFE31E64B} => pcalua.exe -a C:\Users\Home\Downloads\passrec_setup.exe -d C:\Users\Home\Downloads
Task: {53391675-9BA8-4F63-97A1-BEBC2CA74404} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {53A859D6-024B-4119-B250-CA549A82F331} - System32\Tasks\{7E90C16F-741D-42CE-8A2A-14E1182A76FB} => pcalua.exe -a C:\Users\Home\Downloads\REDAUD-00207646-0042.EXE -d C:\Users\Home\Downloads
Task: {544468DD-0CEF-4769-BA0E-9F49AA1EDE36} - System32\Tasks\{586EEC20-11DF-4BA3-9974-3811C75DB757} => pcalua.exe -a C:\Users\Home\Downloads\NVOOTH-00290897-100E.EXE -d C:\Users\Home\Downloads
Task: {5B9EB2C9-3B0E-4953-AB28-A1D2BC90ED49} - System32\Tasks\{8C656FFF-29BE-4EB3-B862-4E7AFE3B9107} => pcalua.exe -a C:\Users\Home\Downloads\SOAOTH-04122011-1040.EXE -d C:\Users\Home\Desktop
Task: {619B9CC1-4F2F-4366-9B7B-FA6FDA604373} - System32\Tasks\{B1BCB132-E8B9-40DB-AF2E-2BB5C24908AB} => pcalua.exe -a "C:\Users\Home\Downloads\SODOTH-00215540-0042 (1).EXE" -d C:\Users\Home\Downloads
Task: {6696A398-7B06-463C-87C6-79C5E963B424} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)
Task: {7022BE3A-D215-401B-9FF7-E1A0373BED09} - System32\Tasks\{829E51C0-75BE-4F98-A391-8D5658736A86} => pcalua.exe -a "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQN8A04V\INDOTH-00215023-0042.EXE" -d C:\Users\Home\Desktop
Task: {702C7DE4-6C7D-4CF2-B409-00CB0693B799} - System32\Tasks\{A62FFE83-D172-448A-BE27-62BD0A841746} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {7484F73A-4EC1-4745-9B04-C67974FEA63A} - System32\Tasks\{2A56A1B4-5571-4426-90A7-6B0250B3E74A} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2014-11-21] (Malwarebytes Corporation)
Task: {7946F788-09CD-4E7C-9BEB-F240B5CF4C50} - System32\Tasks\{BEA95078-5C8D-4C69-818B-508513608B48} => pcalua.exe -a C:\Users\Home\Desktop\SOAOTH-00263500-1040.EXE -d C:\Users\Home\Desktop
Task: {7973F706-E3BE-4FBC-87F6-9E8CB8DEBF7B} - System32\Tasks\{80168FF8-518C-4D48-AAD1-0044C486B2F0} => pcalua.exe -a C:\Users\Home\Downloads\vcredist_x86.exe -d C:\Users\Home\Desktop
Task: {7FB04FBF-6818-428E-B524-4E900DF61DC9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8395AD18-226D-4777-86FB-AA74AE9C0012} - System32\Tasks\{4990B9F3-9A2E-40BC-8D9D-81B0B4F585D0} => pcalua.exe -a C:\Users\Home\Desktop\NVOOTH-00290897-100E.EXE -d C:\Users\Home\Desktop
Task: {87BEE1F5-6D17-4BBB-A1A6-4940D9AA0012} - System32\Tasks\{15C18651-6E5E-4EA7-BE20-AC3CDB42359B} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {9052FA5F-16CF-4386-9FC0-E78E116F4C92} - System32\Tasks\{807B02E0-29F5-480E-974F-CB4C70ABB41E} => C:\Program Files (x86)\Google\Cloud Print Service\28.0.1493.2\cloud_print_service_config.exe
Task: {91A677A4-2A74-4221-BC3A-0E732801906A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {952A2B4E-A77B-456B-97D6-35308E8163B0} - System32\Tasks\{26BBD571-E8DC-4E04-9AFF-6DD611ED99E9} => pcalua.exe -a "C:\Users\Home\Downloads\passrec_setup (1).exe" -d C:\Users\Home\Downloads
Task: {95D65755-2EDD-4E8E-BCCB-1C97CC864E0D} - System32\Tasks\{0DA4AA18-B394-48E1-B408-2A70D4F54D51} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {9B9C485C-47A4-4C4E-8AC7-696A5502DA41} - System32\Tasks\{A531B4EF-C7F1-402E-98CC-0A237F2C5AAF} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {9D16DA63-1D1D-4D57-B1B1-FA71CDB265F5} - System32\Tasks\avastBCLRestartS-1-5-21-2190783691-814972009-3028242154-1000 => Firefox.exe
Task: {A6A8B3F6-8FF5-48B8-B8ED-F99A6FA55298} - System32\Tasks\{E2A3A7D3-BC64-49FD-88BF-EF8F667EDA2A} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {A720E596-4D3E-416F-93C8-91FE42657BE5} - System32\Tasks\{D7A8F961-EC61-41A3-857D-360C5A344CC3} => pcalua.exe -a C:\Users\Home\Downloads\197.13_desktop_win7_winvista_64bit_english.exe -d C:\Users\Home\Downloads
Task: {A7307463-A836-4442-AD17-C72FEAB97AC1} - System32\Tasks\{9EB58C4E-64D6-407B-9D1A-3764405F7D73} => C:\Users\Home\Downloads\SOAOTH-00263500-1040.EXE
Task: {A979C690-07CA-4823-BC9B-81A08714D62C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AA060EBA-C9CD-4B1F-8BCF-DFE9B0BBF432} - System32\Tasks\{65E15EFF-DC5C-4FE0-BFC9-BC0C5535F9EF} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {ADC92118-9465-47C2-9585-260F660EECB5} - System32\Tasks\{52F24963-CDC2-496F-9439-91241CEB016B} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {B23B76B6-E1E8-4F36-B53C-1C03D59FD079} - System32\Tasks\EPSON WF-3620 Series Invitation {198D5A39-E547-4F42-932E-095CAF48D1D6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {B7D52DF1-2E3C-4356-9E16-C5EF21BEF35E} - System32\Tasks\{A7B36438-8DCD-4443-9DAD-E1133FD9A535} => pcalua.exe -a "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I1GGD9F0\AIBSYS-00235840-1040.EXE" -d C:\Users\Home\Desktop
Task: {BABC9FA9-E606-4F6E-85D8-65AD4B71DF0B} - System32\Tasks\{4F791B2F-5AB5-4FE2-861D-17C218E8CEDF} => pcalua.exe -a C:\Users\Home\Desktop\MicrosoftInstaller.exe -d C:\Users\Home\Desktop
Task: {BEE5D7D6-C039-4761-B75F-A8E9C7B9D9FE} - System32\Tasks\{9779476B-0FE0-45A2-8046-C1C31E28068C} => pcalua.exe -a E:\Root\Update\SOAOTH-00263500-1040\SOAOTH-00263500-1040.EXE -d E:\Root\Update\SOAOTH-00263500-1040
Task: {C003FA26-A191-485F-A9DD-D1F186593B1B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {C030E869-3C75-428E-8D43-8B065BD8D958} - System32\Tasks\{67017664-AA64-4914-8AB9-775FC2FDE59C} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {CA6477DD-ECB5-4D1A-86F4-274FD01B3A5C} - System32\Tasks\{5C0145C0-55FF-4E8F-9BC0-FD62B3E98D66} => pcalua.exe -a C:\Users\Home\Desktop\AIBSYS-00235840-1040.EXE -d C:\Users\Home\Desktop
Task: {CEE0264D-9B56-4A14-944F-AFC50D1A5FD7} - System32\Tasks\{56593237-37C7-46D0-BF89-A4D6A0BEAF5A} => pcalua.exe -a C:\Users\Home\Downloads\SOAOTH-00263500-1040.EXE -d C:\Users\Home\Downloads
Task: {CF9F3988-F039-4FF8-88DA-B85DC474C894} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {CFA3E47C-77F0-41DA-AD92-34B014C52604} - System32\Tasks\{CFDD93D1-9180-4823-9B43-C8C78AAEB25F} => pcalua.exe -a C:\Users\Home\Downloads\webvideocap_setup.exe -d C:\Users\Home\Downloads
Task: {D6FAB474-307F-4E32-B869-30CF99A541A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {D98D91B2-3F77-4B49-85C8-0D21569B5341} - System32\Tasks\{970BF166-E8B0-4224-8DD5-14AE6199E549} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2014-11-21] (Malwarebytes Corporation)
Task: {DB6151A6-D0FF-4DC7-B995-FC98F15ABAF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-18] (Google Inc.)
Task: {DC173FB0-637F-43AB-ADB5-3700F3511666} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-01-20] (Sony Corporation)
Task: {E09C8A3E-7BF8-47AD-8749-AE9081366C44} - System32\Tasks\{0822A7D8-A950-45C8-A276-970892D072B2} => pcalua.exe -a C:\Users\Home\Downloads\netpass_setup.exe -d C:\Users\Home\Downloads
Task: {E3780914-0528-43D2-9DD1-B38F8CC424D3} - System32\Tasks\{90361E4B-50CF-43D7-8095-DBF3C90B08E3} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {E4C507B0-ADFC-426A-9832-AE2BCB77A7C1} - System32\Tasks\{A1F784F7-C8AD-4AAF-A12B-51702A584B03} => pcalua.exe -a "C:\Users\Home\Downloads\RIDMSC-00203446-764 (1).EXE" -d C:\Users\Home\Downloads
Task: {E56BC4FC-7A47-483F-89EB-6623BB9BCA83} - System32\Tasks\{F2AE37F9-48D1-4E93-BC61-D9F7483221E4} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {E5F5E760-E6A9-4748-8311-543983A50333} - System32\Tasks\{D6470D88-0505-43B6-BD46-D9D1B5E6F58B} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {E75261A8-C5E4-44B4-B144-1E57223EF63F} - System32\Tasks\{63BDAFB3-4E7F-46DD-9BB8-A091540C5890} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.64.107&amp;LastError=12002
Task: {EAA4DE7F-86E8-4AFF-9EC2-51C60CED631F} - System32\Tasks\{FFE5DA7A-0A1F-4CF5-9832-0756C5AC083C} => pcalua.exe -a C:\Users\Home\AppData\Local\Temp\GLFDF27\TROUBL~1.EXE -d C:\Users\Home\AppData\Local\Temp\GLFDF27
Task: {EEA94B79-B2A0-4287-BDC4-E59FE97F67DF} - System32\Tasks\{3F8D0152-2A27-4B1A-BCF2-4285493716B8} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {EEAB79B0-5C24-4CB7-9D0B-F28238AD39E8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {F675E59C-B7AD-46B1-B0C1-1CE2AF1A5A2D} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-01-20] (Sony Corporation)
Task: {F7C76C1E-592B-4A96-B02C-ED19E323C711} - System32\Tasks\{BE57316D-EE7C-4364-A61A-CA31791D0F81} => C:\Users\Home\Downloads\Odin-v3-09\Odin3 v3.09.exe
Task: {FD87CE4B-9C2E-4F79-AFD4-57D84ECB5816} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON WF-3620 Series Invitation {198D5A39-E547-4F42-932E-095CAF48D1D6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\Windows\Tasks\EPSON WF-3620 Series Update {198D5A39-E547-4F42-932E-095CAF48D1D6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000Core.job => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000UA.job => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-19 17:24 - 2014-07-02 10:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-28 21:02 - 2014-09-28 21:02 - 00646656 _____ () C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe
2014-12-06 20:23 - 2014-12-06 20:23 - 01333760 _____ () C:\Program Files\ContentWatch\bin\libxml2.dll
2014-12-06 20:23 - 2014-12-06 20:23 - 00120320 _____ () C:\Program Files\ContentWatch\bin\curlpp.dll
2014-12-06 20:23 - 2014-12-06 20:22 - 00767144 _____ () C:\Program Files\ContentWatch\bin\db.dll
2014-12-06 20:23 - 2014-12-06 20:22 - 00468648 _____ () C:\Program Files\ContentWatch\bin\cp_activity_recorder.plugin
2014-12-06 20:23 - 2014-12-06 20:22 - 01920680 _____ () C:\Program Files\ContentWatch\bin\cp_advisor.plugin
2014-12-06 20:23 - 2014-12-06 20:22 - 00613544 _____ () C:\Program Files\ContentWatch\bin\encrypt_handler.plugin
2014-12-06 20:23 - 2014-12-06 20:22 - 00745128 _____ () C:\Program Files\ContentWatch\bin\web_handler.plugin
2014-08-18 17:17 - 2007-07-08 23:44 - 00501760 _____ () C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-04-22 12:30 - 2011-02-25 16:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-22 11:37 - 2014-12-22 11:37 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122201\algo.dll
2014-12-25 12:13 - 2014-12-25 12:13 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122501\algo.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-21 13:27 - 2010-03-02 15:22 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-03-21 13:27 - 2010-03-02 15:22 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2014-08-18 17:17 - 2007-07-11 11:27 - 00400896 _____ () C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQDEVCL.DLL
2014-08-18 17:17 - 2007-06-24 14:14 - 00029696 _____ () C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMDLL.DLL
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00750080 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-22 12:34 - 2014-12-22 12:34 - 00043008 _____ () c:\users\home\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqp7win.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00047616 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00863744 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00200704 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2014-12-16 23:49 - 2014-12-16 23:49 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:058E79EB
AlternateDataStreams: C:\ProgramData\TEMP:44EAFCDF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10523712.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15078343.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10523712.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15078343.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CWDaemon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\narcpi_wfp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\narcpi_wfp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: MSiSCSI => 2
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

========================= Accounts: ==========================

Administrator (S-1-5-21-2190783691-814972009-3028242154-500 - Administrator - Disabled)
Guest (S-1-5-21-2190783691-814972009-3028242154-501 - Limited - Enabled) => C:\Users\Guest
Home (S-1-5-21-2190783691-814972009-3028242154-1000 - Administrator - Enabled) => C:\Users\Home

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/25/2014 05:27:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/25/2014 05:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3447217

Error: (12/25/2014 05:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3447217

Error: (12/25/2014 05:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/25/2014 04:26:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10015

Error: (12/25/2014 04:26:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10015

Error: (12/25/2014 04:26:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/25/2014 04:26:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9017

Error: (12/25/2014 04:26:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9017

Error: (12/25/2014 04:26:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (12/24/2014 08:53:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VAIO Entertainment Common Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/23/2014 04:50:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {85DE1C45-2C66-101B-B02E-04021C009402}

Error: (12/22/2014 09:59:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/22/2014 00:27:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/22/2014 00:25:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The S*pyware P*rocess D*etector v3.23.2 service failed to start due to the following error:
%%1275

Error: (12/22/2014 00:25:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\Spyware Process Detector\spd323.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (12/22/2014 00:25:21 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (12/22/2014 00:25:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/22/2014 00:23:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (12/22/2014 00:23:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {60A90A2F-858D-42AF-8929-82BE9D99E8A1}


Microsoft Office Sessions:
=========================
Error: (12/25/2014 05:27:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Home\Downloads\esetsmartinstaller_enu.exe

Error: (12/25/2014 05:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3447217

Error: (12/25/2014 05:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3447217

Error: (12/25/2014 05:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/25/2014 04:26:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10015

Error: (12/25/2014 04:26:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10015

Error: (12/25/2014 04:26:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/25/2014 04:26:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9017

Error: (12/25/2014 04:26:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9017

Error: (12/25/2014 04:26:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-12-22 12:25:24.888
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-22 12:25:24.826
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-21 00:22:16.463
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-21 00:22:16.413
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 16:04:32.645
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 16:04:32.598
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 14:43:19.476
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 14:43:19.444
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-18 23:54:12.476
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-18 23:54:12.429
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 54%
Total physical RAM: 6126.06 MB
Available physical RAM: 2764.54 MB
Total Pagefile: 12250.3 MB
Available Pagefile: 7920.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:559.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 392A8E47)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

If yes, let me know and I will redo it.

Thank you!!



#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:13 PM

Posted 26 December 2014 - 04:47 AM

Running from C:\Users\Home\Downloads

Would you please follow my instructions?

And yes, disable your AVs before you run the tools.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 mbienert

mbienert
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 26 December 2014 - 06:34 AM

I don't understand.  I did follow your instructions... I was only asking for clarification. Perhaps my question was vague but I was only asking about "Windows Firewall" adn if you consider that to be av or AM...

 

I have Avast AV installed on my PC but did not know that there is also "Windows Firewall" installed. I was asking if you considered this to be "antivirus and/or anti-malware software" also? becuase had asked me to "Disable all anti-virus and anti-malware software".

 

I disabled Avast but when I also saw this "Windows Firewall" installed on my computer, I was asking if this also needs to be disabled before the scan...I am sorry if my question was vague. I am trying to understand so i can follow your instructions correctly...? I appreciate your help and am no expert to be sure. Please be patient with  me as well.



#6 mbienert

mbienert
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 26 December 2014 - 07:13 AM

New scan with both avast and windows firewall disabled:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-12-2014
Ran by Home (administrator) on HOME-PC on 26-12-2014 03:53:30
Running from C:\Users\Home\Downloads
Loaded Profiles: Home &  (Available profiles: Home & Guest & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Visioneer Inc.) C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Visioneer Inc.) C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
() C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(ELTIMA Software) C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ContentWatch, Inc.) C:\Program Files\ContentWatch\bin\cwdaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SwapDrive, Inc.) C:\Program Files\Online Backup\OnlineBackup.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Adobe) C:\Users\Home\Downloads\acrobatpro11_I0BYAdigQqmzdp7y0IVOBg0409.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-06-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-03-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [ACQTMOUSE] => C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe [501760 2007-07-08] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [2C7603FDC7C6FB00CF7E7DE775158BA13E682513._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [QuickenScheduledUpdates] => C:\Program Files (x86)\Quicken\bagent.exe [76072 2013-04-09] (Intuit Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Google Update] => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-23] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [759712 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [OnlineBackupScheduler] => C:\Program Files\Online Backup\OnlineBackup.exe [595592 2014-12-03] (SwapDrive, Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [ApMsgFwd.exe] => C:\Program Files\Apoint\ApMsgFwd.exe [66856 2010-03-17] (Alps Electric Co., Ltd.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [39.0.2171.95_39.0.2171.71_chrome_updater.exe] => 39.0.2171.95_39.0.2171.71_chrome_updater.exe
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\RunOnce: [Adobe Speed Launcher] => 1419337274
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [2C7603FDC7C6FB00CF7E7DE775158BA13E682513._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QuickenScheduledUpdates] => C:\Program Files (x86)\Quicken\bagent.exe [76072 2013-04-09] (Intuit Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-23] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [759712 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OnlineBackupScheduler] => C:\Program Files\Online Backup\OnlineBackup.exe [595592 2014-12-03] (SwapDrive, Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApMsgFwd.exe] => C:\Program Files\Apoint\ApMsgFwd.exe [66856 2010-03-17] (Alps Electric Co., Ltd.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [39.0.2171.95_39.0.2171.71_chrome_updater.exe] => 39.0.2171.95_39.0.2171.71_chrome_updater.exe
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1419337274
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2190783691-814972009-3028242154-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2190783691-814972009-3028242154-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2190783691-814972009-3028242154-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\searchplugins\web-search.xml
FF Extension: iCloud Bookmarks - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\Extensions\firefoxdav@icloud.com [2014-12-15]
FF Extension: Bookmark Duplicate Cleaner - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\Extensions\bookmarkdup@localghost.net.xpi [2014-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-12-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-16]
FF Extension: No Name - {F003DA68-8256-4b37-A6C4-350FA04494DF} [Not Found]
FF Extension: No Name - web2pdfextension@web2pdf.adobedotcom [Not Found]
FF Extension: No Name - e-webprint@epson.com [Not Found]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-18]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-18]
CHR Extension: (Business Valuation Software) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcngldahbgolgipnkmdpdgmbegakiokm [2014-12-06]
CHR Extension: (Mortgage and loan calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhagicmkabhoiamildffgfhdpfanapbo [2014-12-06]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-18]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-03-19]
CHR Extension: (Invoicera) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\edpnhgjhpakkoojbgaakfgildhipljab [2014-12-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-11-25]
CHR Extension: (iCloud Bookmarks) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-04-05]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-08-12]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-05-20]
CHR Extension: (Protect My Choices) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2014-08-12]
CHR Extension: (Keep My Opt-Outs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2014-08-12]
CHR Extension: (Loan Comparison Calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkdodeilmjdkkdammcbialadkoikjhl [2014-12-06]
CHR Extension: (Income Tax Calculator for USA) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcecfljoakpeoalbffhkajdeljkabaem [2014-12-06]
CHR Extension: (Compound Interest Calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbnlgammlfchoaicmiammeeolplakdg [2014-12-06]
CHR Extension: (Goodbudget) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhffmghajhedigppmcgiefaddneijge [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-18]
CHR Extension: (BudgetBuddy) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonmeobjhhgmnnpmlbkdhdonmbdellle [2014-12-06]
CHR Extension: (Home Finance) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehlijeionoaacbmakjgjgcggdkbaikc [2014-12-06]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-18]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-12-17] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-12-16] (AVAST Software)
R2 CWDaemon; C:\Program Files\ContentWatch\bin\cwdaemon.exe [4100264 2014-12-06] (ContentWatch, Inc.)
S3 CWUpdaterDaemon; C:\Program Files\ContentWatch\bin\cwupdater.exe [7736488 2014-05-29] (ContentWatch, Inc.)
R2 DM3220HV_0002_0; C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE [417280 2013-05-27] (Visioneer Inc.)
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 OneTouch 4.0 Monitor; C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe [231936 2013-12-09] (Visioneer Inc.) [File not signed]
R2 piaservice; C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe [646656 2014-09-28] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 UsbService; C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe [3897640 2013-12-10] (ELTIMA Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACRUSBTM; C:\Windows\SysWOW64\drivers\ACRUSBTM.SYS [28672 2007-08-02] () [File not signed]
R1 adgnetworktdi; C:\Windows\System32\drivers\adgnetworktdi.sys [59408 2014-03-13] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-16] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-12-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-16] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-05-05] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-16] ()
R3 ELTIMA_USB_HUB_FILTER; C:\Program Files\Eltima Software\USB Network Gate\drv\NT6x64\fusbhub.sys [88296 2013-12-10] (ELTIMA Software)
R3 eustub; C:\Windows\System32\DRIVERS\eusbstub.sys [17640 2013-12-10] (ELTIMA Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 narcpi_wfp; C:\Windows\System32\DRIVERS\narcpi_wfp.sys [33584 2014-12-06] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 spd3ssl; C:\Program Files (x86)\Spyware Process Detector\spd323.sys [15872 2013-02-25] () [File not signed]
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-09-22] ()
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [77032 2013-12-10] (ELTIMA Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Home\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 00:56 - 2014-12-26 00:56 - 00022156 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013(3).qfx
2014-12-25 23:48 - 2014-12-25 23:48 - 00022156 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013(2).qfx
2014-12-25 22:19 - 2014-12-25 22:19 - 01711896 _____ (Adobe) C:\Users\Home\Downloads\acrobatpro11_I0BYAdigQqmzdp7y0IVOBg0409.exe
2014-12-25 17:58 - 2014-12-25 17:58 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-25 17:30 - 2014-12-25 17:31 - 00055845 _____ () C:\Users\Home\Downloads\Addition.txt
2014-12-25 17:28 - 2014-12-26 03:53 - 00041887 _____ () C:\Users\Home\Downloads\FRST.txt
2014-12-25 17:28 - 2014-12-26 03:53 - 00000000 ____D () C:\FRST
2014-12-25 08:11 - 2014-12-25 08:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 00:55 - 2014-12-25 00:55 - 02122240 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2014-12-24 00:42 - 2014-12-24 11:13 - 00012353 _____ () C:\Users\Home\Desktop\Christmas 2014.xlsx
2014-12-23 16:46 - 2014-12-23 16:46 - 00003254 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2190783691-814972009-3028242154-1000
2014-12-23 15:17 - 2014-12-23 15:18 - 00000000 ____D () C:\Users\Home\Desktop\Screen Shots
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\Users\Home\AppData\Roaming\IsolatedStorage
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\Users\Home\AppData\Local\FileViewPro
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-12-22 19:19 - 2014-12-23 04:08 - 00000000 ____D () C:\Users\Home\Desktop\Scans
2014-12-22 12:35 - 2014-12-22 12:35 - 00000000 ____D () C:\INET
2014-12-21 23:35 - 2014-12-21 23:35 - 00653428 _____ () C:\Users\Home\Downloads\QuickenWin_092014_122014.qfx
2014-12-21 23:35 - 2014-12-21 23:35 - 00293511 _____ () C:\Users\Home\Downloads\QuickenWin_122014_122014.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00575881 _____ () C:\Users\Home\Downloads\QuickenWin_032013_062013.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00565969 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00565969 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013(1).qfx
2014-12-21 22:03 - 2014-12-21 22:03 - 00688992 ____R (Swearware) C:\Users\Home\Downloads\dds.com
2014-12-21 20:32 - 2014-12-21 20:32 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\install_flash_player.exe
2014-12-21 20:32 - 2014-12-21 20:32 - 17541296 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\install_flash_player_ax.exe
2014-12-21 02:20 - 2014-12-21 02:20 - 00000000 ____D () C:\Users\Home\Documents\Taxes
2014-12-21 01:40 - 2014-12-21 01:40 - 39426560 _____ () C:\Users\Home\Downloads\Net_Nanny_for_Windows_7.2.3.0-8335_x86_64_NN_release.msi
2014-12-19 11:45 - 2014-12-19 11:45 - 00186568 _____ (ESET) C:\Users\Home\Downloads\ESETPoweliksCleaner.exe
2014-12-19 00:34 - 2014-12-26 01:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-19 00:34 - 2014-12-19 00:34 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-19 00:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-19 00:34 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-19 00:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-18 23:50 - 2014-12-18 23:50 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Home\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-17 19:03 - 2014-12-17 19:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-17 19:02 - 2014-12-17 19:03 - 02347384 _____ (ESET) C:\Users\Home\Downloads\esetsmartinstaller_enu.exe
2014-12-17 17:01 - 2014-12-16 23:49 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-17 14:04 - 2014-12-17 14:04 - 01707646 _____ (Thisisu) C:\Users\Home\Downloads\JRT.exe
2014-12-17 11:46 - 2014-12-20 16:02 - 00000000 ____D () C:\AdwCleaner
2014-12-17 11:45 - 2014-12-17 11:45 - 02166272 _____ () C:\Users\Home\Downloads\adwcleaner_4.105.exe
2014-12-17 11:28 - 2014-12-17 11:28 - 01940728 _____ (Bleeping Computer, LLC) C:\Users\Home\Downloads\rkill.exe
2014-12-17 11:19 - 2014-12-20 16:16 - 00000000 ____D () C:\Users\Home\Downloads\JavaRa-2.3
2014-12-17 11:18 - 2014-12-17 11:19 - 00157265 _____ () C:\Users\Home\Downloads\JavaRa-2.3.zip
2014-12-17 10:09 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 10:09 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 23:53 - 2014-12-16 23:53 - 00000000 ____D () C:\Users\Home\AppData\Roaming\AVAST Software
2014-12-16 23:51 - 2014-12-17 17:02 - 00001970 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-12-16 23:51 - 2014-12-17 17:02 - 00001910 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-12-16 23:51 - 2014-12-16 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-16 23:49 - 2014-12-25 17:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-16 23:49 - 2014-12-16 23:50 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-16 23:49 - 2014-12-16 23:49 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-12-16 23:42 - 2014-12-16 23:42 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-16 23:40 - 2014-12-16 23:40 - 00001795 _____ () C:\Users\Home\Downloads\license(1).avastlic
2014-12-16 22:39 - 2014-12-16 22:39 - 01054912 _____ (Adobe) C:\Users\Home\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2014-12-16 22:24 - 2014-12-16 22:24 - 00000000 ____D () C:\Users\Home\Documents\Bluetooth Exchange Folder
2014-12-16 21:44 - 2014-12-16 21:45 - 04836064 _____ (AVAST Software) C:\Users\Public\Desktop\avast_premier_antivirus_setup_online.exe
2014-12-16 21:44 - 2014-12-16 21:45 - 04836064 _____ (AVAST Software) C:\Users\Home\Downloads\avast_premier_antivirus_setup_online.exe
2014-12-16 21:01 - 2014-12-16 22:19 - 00014628 _____ () C:\Users\Home\Documents\Bella's Uniform.xlsx
2014-12-16 19:55 - 2014-12-16 19:56 - 04836064 _____ (AVAST Software) C:\Users\Public\Desktop\avast_internet_security_setup_online.exe
2014-12-16 19:55 - 2014-12-16 19:56 - 04836064 _____ (AVAST Software) C:\Users\Home\Downloads\avast_internet_security_setup_online.exe
2014-12-16 17:55 - 2014-12-16 18:00 - 186654536 _____ (AVAST Software) C:\Users\Home\Downloads\avast_internet_security_setup.exe
2014-12-16 17:55 - 2014-12-16 17:55 - 00001769 _____ () C:\Users\Home\Downloads\license.avastlic
2014-12-16 12:32 - 2014-12-16 12:32 - 00000000 ____D () C:\Users\Home\Documents\My OneTouch Archive
2014-12-15 13:45 - 2014-12-23 04:02 - 00000000 ____D () C:\Users\Home\Desktop\Credit Report.1_files
2014-12-15 13:41 - 2014-12-16 10:23 - 00777995 _____ () C:\Users\Home\Desktop\Backup of IRA 83880 Securities sold.wbk
2014-12-15 13:17 - 2014-12-15 13:17 - 00400384 _____ () C:\Users\Home\Downloads\outlooktoolssetup.msi
2014-12-15 12:50 - 2014-12-15 12:50 - 00030795 _____ () C:\Users\Home\Desktop\Family Sharing - iCloud Help.htm
2014-12-15 12:49 - 2014-12-15 12:49 - 00421565 _____ () C:\Users\Home\Desktop\Credit Report.htm
2014-12-15 12:19 - 2014-12-15 12:33 - 00000000 ____D () C:\Users\Home\Documents\Fax
2014-12-15 11:59 - 2014-12-22 12:27 - 00000000 ___RD () C:\Users\Home\iCloudDrive
2014-12-15 11:59 - 2014-12-15 11:59 - 00000000 ____D () C:\Users\Home\AppData\Local\Apple Inc
2014-12-15 01:14 - 2014-12-15 01:14 - 00251350 _____ () C:\Users\Home\Desktop\St Johns trip.htm
2014-12-15 01:14 - 2014-12-15 01:14 - 00000000 ____D () C:\Users\Home\Desktop\St Johns trip_files
2014-12-14 22:18 - 2014-12-14 22:18 - 00320222 _____ () C:\Users\Home\Documents\Backup of error.wbk
2014-12-13 17:22 - 2014-12-13 17:23 - 00038327 _____ () C:\Windows\SysWOW64\Result.txt
2014-12-13 12:31 - 2014-12-13 12:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Home\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 12:28 - 2014-12-13 12:29 - 00401920 _____ (Farbar) C:\Users\Home\Downloads\MiniToolBox.exe
2014-12-12 23:37 - 2014-12-12 23:37 - 00000042 _____ () C:\Windows\SysWOW64\AK083E209605E394C.lie
2014-12-12 23:21 - 2014-12-12 23:21 - 00008640 _____ () C:\Users\Home\AppleMobileDeviceService.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000073 _____ () C:\Users\Home\AdobeCollabSync.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000063 _____ () C:\Users\Home\chrome.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000032 _____ () C:\Users\Home\AppleMobileDeviceService.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.map
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AppleMobileDeviceService.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AppleMobileDeviceService.map
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.map
2014-12-12 13:45 - 2014-12-21 21:01 - 00052607 _____ () C:\Users\Home\Downloads\Result.txt
2014-12-11 23:36 - 2014-12-11 23:36 - 10547200 _____ () C:\Users\Guest\nvtray.mem
2014-12-11 23:36 - 2014-12-11 23:36 - 00007560 _____ () C:\Users\Guest\nvtray.map
2014-12-11 23:36 - 2014-12-11 23:36 - 00000058 _____ () C:\Users\Guest\nvtray.sav
2014-12-11 23:19 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2014-12-11 23:19 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2014-12-11 22:51 - 2014-12-11 22:51 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Exchange Folder
2014-12-11 22:51 - 2014-12-11 22:51 - 00000000 ____D () C:\Users\Guest\AppData\Local\Broadcom
2014-12-11 22:50 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Epson
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\Documents\My OneTouch Archive
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\Documents\Mail Attachments
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Visioneer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Sony Corporation
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\LinkManager 4.0
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Leader Technologies
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Acer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Local\Visioneer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 _____ () C:\Users\Guest\Sti_Trace.log
2014-12-11 10:14 - 2014-12-11 10:17 - 00000000 ____D () C:\Users\Home\Downloads\backups
2014-12-11 09:44 - 2014-12-12 21:24 - 00021231 _____ () C:\Users\Home\Downloads\hijackthis.log
2014-12-11 09:17 - 2014-12-12 23:04 - 00000000 ____D () C:\Program Files (x86)\SafeIP
2014-12-11 09:17 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeIP
2014-12-11 08:27 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\QFX Software
2014-12-10 22:21 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
2014-12-10 22:21 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files (x86)\KeyScrambler
2014-12-10 22:08 - 2014-12-10 22:08 - 01553104 _____ () C:\Users\Home\Downloads\KeyScrambler_Setup.exe
2014-12-10 22:06 - 2014-12-10 22:07 - 05490752 _____ (Secunia) C:\Users\Home\Downloads\PSISetup.exe
2014-12-10 20:07 - 2014-12-10 20:07 - 00509440 _____ (Tech Support Guy System) C:\Users\Home\Downloads\SysInfo.exe
2014-12-10 19:53 - 2014-12-10 19:53 - 00852497 _____ () C:\Users\Home\Downloads\SecurityCheck.exe
2014-12-10 14:47 - 2014-12-10 14:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-12-10 09:50 - 2014-12-10 09:50 - 00000000 _____ () C:\Users\Home\Sti_Trace.log
2014-12-10 07:16 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:16 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 04:00 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 04:00 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 04:00 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 04:00 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 04:00 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 04:00 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 04:00 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 04:00 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 04:00 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 04:00 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 04:00 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 04:00 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 04:00 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 04:00 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 04:00 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 04:00 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 04:00 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 04:00 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 04:00 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 04:00 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 04:00 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 04:00 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 04:00 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 04:00 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 04:00 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 04:00 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 04:00 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 04:00 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 04:00 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 04:00 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 04:00 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 04:00 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 04:00 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 04:00 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 04:00 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 04:00 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 04:00 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 04:00 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 04:00 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 04:00 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 04:00 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 04:00 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 04:00 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 04:00 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 04:00 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 04:00 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 04:00 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 04:00 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 04:00 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 04:00 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 04:00 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 04:00 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 04:00 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 04:00 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 04:00 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 04:00 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 04:00 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 04:00 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 04:00 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 04:00 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 04:00 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 04:00 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 04:00 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 04:00 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 04:00 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 21:39 - 2014-12-09 21:39 - 01070592 _____ () C:\Users\Home\Downloads\MicrosoftFixit50569.msi
2014-12-09 21:39 - 2014-12-09 21:39 - 00000000 ____D () C:\Users\Home\AppData\Roaming\DropIt
2014-12-09 14:42 - 2014-12-09 14:42 - 00000772 _____ () C:\Users\Home\Desktop\DropIt.lnk
2014-12-09 14:42 - 2014-12-09 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DropIt
2014-12-09 14:42 - 2014-12-09 14:42 - 00000000 ____D () C:\Program Files\DropIt
2014-12-09 14:15 - 2014-12-09 14:15 - 04224708 _____ (Lupo PenSuite Team ) C:\Users\Home\Downloads\DropIt_v8.0_Setup.exe
2014-12-08 23:58 - 2014-12-08 23:59 - 05631912 _____ (j2 Global) C:\Users\Home\Downloads\msgrplus.exe
2014-12-08 23:33 - 2014-12-26 03:51 - 00000000 ____D () C:\Users\Home\AppData\Local\ContentWatch
2014-12-08 22:54 - 2014-12-08 23:02 - 71648048 _____ (Apple Inc.) C:\Users\Home\Downloads\iCloudSetup.exe
2014-12-08 21:31 - 2014-12-08 21:31 - 00001159 _____ () C:\Users\Home\Desktop\Mozilla Firefox.lnk
2014-12-08 10:05 - 2014-12-08 10:05 - 00022528 _____ () C:\Users\Home\Documents\QDRO's and call  with Mr. Bender.msg
2014-12-07 19:04 - 2014-12-20 16:02 - 00377042 _____ () C:\Windows\PFRO.log
2014-12-07 14:52 - 2014-12-07 14:52 - 00000000 ____D () C:\Users\Home\AppData\Local\Macromedia
2014-12-07 14:44 - 2014-12-07 14:44 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Users\Home\AppData\Local\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-06 23:22 - 2014-12-06 23:22 - 00000808 _____ () C:\Users\Public\Desktop\FileViewPro.lnk
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\Spacekace
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\Program Files\FileViewPro
2014-12-06 23:21 - 2014-12-06 23:22 - 03071160 _____ () C:\Users\Home\Downloads\Setup_FileViewPro_2015.exe
2014-12-06 23:18 - 2014-12-07 02:42 - 00000000 ____D () C:\Users\Home\Desktop\Nutrition
2014-12-06 20:23 - 2014-12-06 20:22 - 00033584 _____ () C:\Windows\system32\Drivers\narcpi_wfp.sys
2014-12-06 20:19 - 2014-12-22 12:27 - 00002091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net Nanny.lnk
2014-12-06 20:18 - 2014-12-06 20:23 - 00000000 ____D () C:\Program Files\ContentWatch
2014-12-06 20:18 - 2014-12-06 20:18 - 00000000 ____D () C:\ProgramData\ContentWatch
2014-12-06 20:04 - 2014-12-06 20:05 - 00244104 _____ () C:\Users\Home\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-06 19:15 - 2014-12-06 19:15 - 00000610 _____ () C:\Users\Home\Downloads\iCal-TribeEvents.ics
2014-12-06 18:48 - 2014-12-07 14:10 - 00000000 ____D () C:\Users\Home\Desktop\Stanford
2014-12-06 16:56 - 2014-12-06 17:00 - 00000000 ____D () C:\Users\Home\Downloads\CalCheck_x86
2014-12-06 16:55 - 2014-12-06 16:55 - 02479498 _____ () C:\Users\Home\Downloads\CalCheck_x86.zip
2014-12-06 16:49 - 2014-12-06 16:49 - 00000000 ____D () C:\NVIDIA
2014-12-06 16:27 - 2014-12-06 16:29 - 00000000 ____D () C:\Users\Home\Downloads\CalCheck_x64
2014-12-06 16:26 - 2014-12-06 16:27 - 03039177 _____ () C:\Users\Home\Downloads\CalCheck_x64.zip
2014-12-06 12:10 - 2014-12-22 12:25 - 00003673 _____ () C:\Windows\setupact.log
2014-12-06 12:10 - 2014-12-06 12:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 12:08 - 2014-12-15 18:38 - 00000792 _____ () C:\Windows\LkmdfCoInst.log
2014-12-06 00:20 - 2014-12-06 00:20 - 00004374 _____ () C:\Users\Home\Documents\cc_20141206_002053.reg
2014-12-06 00:19 - 2014-12-06 00:20 - 00137580 _____ () C:\Users\Home\Documents\cc_20141206_001939.reg
2014-12-05 23:37 - 2014-12-06 11:50 - 00000000 ____D () C:\Program Files\Defraggler
2014-12-05 23:37 - 2014-12-05 23:39 - 00001684 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-12-05 23:37 - 2014-12-05 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-12-05 23:36 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-12-05 23:36 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files\Speccy
2014-12-05 23:36 - 2014-12-05 23:37 - 00000756 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-12-05 23:33 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-12-05 23:33 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files\Recuva
2014-12-05 23:33 - 2014-12-05 23:33 - 00001618 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-12-05 23:32 - 2014-12-05 23:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-05 23:32 - 2014-12-05 23:32 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-05 23:32 - 2014-12-05 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-05 23:32 - 2014-12-05 23:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-05 12:02 - 2014-12-23 17:43 - 00000000 ____D () C:\Users\Home\AppData\Local\C0723A44-78D8-497A-BA50-F70977CE9324.aplzod
2014-12-05 10:16 - 2014-12-05 10:16 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-12-03 21:20 - 2014-12-04 23:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 21:20 - 2014-12-03 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-03 11:38 - 2014-12-03 11:38 - 00019119 _____ () C:\Users\Home\Downloads\ExportData03122014143833.csv
2014-12-03 11:31 - 2014-12-03 11:31 - 00019119 _____ () C:\Users\Home\Downloads\ExportData03122014143153.csv
2014-12-03 10:17 - 2014-12-03 10:18 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Online Backup
2014-12-03 10:17 - 2014-12-03 10:17 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online Backup
2014-12-03 10:17 - 2014-12-03 10:17 - 00000000 ____D () C:\Program Files\Online Backup
2014-12-02 13:23 - 2014-12-23 17:33 - 00000000 ____D () C:\Users\Home\Documents\Outlook Files
2014-12-02 10:28 - 2014-12-02 10:28 - 00033465 _____ () C:\Users\Home\Downloads\stmt (19).qfx
2014-12-02 00:58 - 2014-12-02 00:58 - 00003023 _____ () C:\Users\Home\Downloads\November2014_3433 (1).qfx
2014-12-02 00:56 - 2014-12-02 00:56 - 00001115 _____ () C:\Users\Home\Downloads\currentTransaction_3433 (2).qfx
2014-12-02 00:52 - 2014-12-02 00:52 - 00001854 _____ () C:\Users\Home\Desktop\Quicken 2013.lnk
2014-12-02 00:47 - 2014-12-02 00:47 - 00000982 _____ () C:\Users\Home\Downloads\stmt (18).qfx
2014-12-02 00:47 - 2014-12-02 00:47 - 00000982 _____ () C:\Users\Home\Downloads\stmt (17).qfx
2014-12-02 00:44 - 2014-12-02 00:44 - 00000982 _____ () C:\Users\Home\Downloads\stmt (16).qfx
2014-12-02 00:44 - 2014-12-02 00:44 - 00000982 _____ () C:\Users\Home\Downloads\stmt (15).qfx
2014-12-02 00:43 - 2014-12-02 00:43 - 00001167 _____ () C:\Users\Home\Downloads\stmt (3).qbo
2014-12-02 00:43 - 2014-12-02 00:43 - 00001167 _____ () C:\Users\Home\Downloads\stmt (2).qbo
2014-12-02 00:40 - 2014-12-02 00:40 - 00001167 _____ () C:\Users\Home\Downloads\stmt (1).qbo
2014-12-02 00:39 - 2014-12-02 00:39 - 00001143 _____ () C:\Users\Home\Downloads\stmt (14).qfx
2014-12-02 00:38 - 2014-12-02 00:38 - 00001143 _____ () C:\Users\Home\Downloads\stmt (13).qfx
2014-12-02 00:37 - 2014-12-02 00:37 - 00000982 _____ () C:\Users\Home\Downloads\stmt (12).qfx
2014-12-02 00:36 - 2014-12-02 00:36 - 00007221 _____ () C:\Users\Home\Downloads\stmt (11).qfx
2014-12-02 00:25 - 2014-12-02 00:25 - 00001115 _____ () C:\Users\Home\Downloads\currentTransaction_3433 (1).qfx
2014-12-02 00:23 - 2014-12-02 00:23 - 00032512 _____ () C:\Users\Home\Downloads\stmt (10).qfx
2014-12-01 13:53 - 2014-12-01 13:53 - 12198204 _____ () C:\Users\Home\Downloads\Your Adobe Workspaces Files.zip
2014-12-01 11:19 - 2014-12-01 11:20 - 00561916 _____ () C:\Users\Home\Downloads\QuickenWin_032013_052013.qfx
2014-12-01 11:18 - 2014-12-01 11:18 - 00590340 _____ () C:\Users\Home\Downloads\QuickenWin_122012_022013.qfx
2014-11-30 14:00 - 2014-11-30 14:00 - 07994347 _____ () C:\Users\Home\Downloads\USB Control Center_v200_Windows.exe
2014-11-30 10:16 - 2014-11-30 10:16 - 00001470 _____ () C:\Users\Home\Desktop\Backup files 2.zip - Shortcut.lnk
2014-11-30 03:00 - 2014-11-30 03:01 - 67882768 _____ (Intuit ) C:\Users\Home\Downloads\QW2013R12Patch.exe
2014-11-30 00:18 - 2014-11-30 00:18 - 00347816 _____ (Microsoft Corporation) C:\Users\Home\Downloads\MicrosoftFixit.WinFileFolder.RNP.1340762677194257.1.1.Run.exe
2014-11-28 03:31 - 2014-11-28 03:31 - 00003166 _____ () C:\Windows\System32\Tasks\{63BDAFB3-4E7F-46DD-9BB8-A091540C5890}
2014-11-27 21:53 - 2014-11-27 21:53 - 00002151 _____ () C:\Users\Home\Downloads\Transactions (1).qfx
2014-11-27 21:52 - 2014-11-27 21:52 - 00001004 _____ () C:\Users\Home\Downloads\Transactions.qfx
2014-11-27 21:47 - 2014-11-27 21:47 - 00001674 _____ () C:\Users\Home\Downloads\Transaction (3).qfx
2014-11-27 16:33 - 2014-11-30 20:12 - 00000000 ____D () C:\Users\Home\AppData\Roaming\.minecraft
2014-11-26 13:03 - 2014-11-26 13:03 - 00029985 _____ () C:\Users\Home\Downloads\ExportData26112014160311.csv
2014-11-26 13:01 - 2014-11-26 13:01 - 00027736 _____ () C:\Users\Home\Downloads\ExportData26112014160102.csv
2014-11-26 12:54 - 2014-11-26 12:54 - 00025214 _____ () C:\Users\Home\Downloads\ExportData26112014155359.csv
2014-11-26 12:27 - 2014-11-26 12:27 - 00031474 _____ () C:\Users\Home\Downloads\ExportData26112014152736.csv
2014-11-26 12:08 - 2014-11-26 12:08 - 00000987 _____ () C:\Users\Home\Downloads\stmt (9).qfx
2014-11-26 12:02 - 2014-11-26 12:02 - 00003023 _____ () C:\Users\Home\Downloads\November2014_3433.qfx
2014-11-26 02:36 - 2014-11-26 02:36 - 00009413 _____ () C:\Users\Home\Downloads\MBFS_TransHist_20141126.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 03:54 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-26 03:51 - 2014-04-23 18:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000UA.job
2014-12-26 03:46 - 2014-04-03 21:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 03:38 - 2014-04-04 14:10 - 00000000 ___RD () C:\Users\Home\Desktop\Dropbox
2014-12-26 03:33 - 2014-03-18 08:21 - 01594910 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 03:14 - 2014-11-20 23:16 - 00000000 ____D () C:\Users\Home\Desktop\VALIDATE
2014-12-26 03:00 - 2014-11-11 13:00 - 00000911 _____ () C:\Windows\Tasks\EPSON WF-3620 Series Update {198D5A39-E547-4F42-932E-095CAF48D1D6}.job
2014-12-26 03:00 - 2014-11-11 13:00 - 00000725 _____ () C:\Windows\Tasks\EPSON WF-3620 Series Invitation {198D5A39-E547-4F42-932E-095CAF48D1D6}.job
2014-12-26 02:02 - 2014-03-31 14:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-26 00:59 - 2014-07-22 19:17 - 00000000 ____D () C:\Users\Home\Desktop\Quicken Backup
2014-12-25 22:22 - 2014-03-18 11:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-25 16:26 - 2014-07-14 23:41 - 00000000 ____D () C:\Users\Home\AppData\Local\Adobe
2014-12-25 08:51 - 2014-04-23 18:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000Core.job
2014-12-25 08:01 - 2014-03-18 11:21 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-24 14:53 - 2014-09-26 15:32 - 00000000 ____D () C:\Users\Home\AppData\Local\CrashDumps
2014-12-23 10:58 - 2014-03-21 14:07 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-22 19:20 - 2014-03-18 08:21 - 00000000 ____D () C:\Users\Home\AppData\Local\VirtualStore
2014-12-22 19:19 - 2014-03-18 08:21 - 00000000 ___RD () C:\Users\Home
2014-12-22 12:36 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 12:36 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 12:34 - 2014-04-04 14:03 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox
2014-12-22 12:28 - 2014-03-18 11:59 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype
2014-12-22 12:25 - 2014-03-19 17:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-22 12:25 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-20 16:21 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-20 15:07 - 2014-04-22 15:57 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-12-20 15:07 - 2014-04-22 15:55 - 00000000 ____D () C:\ProgramData\DivX
2014-12-20 15:00 - 2014-04-22 15:59 - 00000000 ____D () C:\Program Files\DivX
2014-12-18 23:27 - 2014-03-18 11:59 - 00000000 ____D () C:\Users\Home\AppData\Local\Apple
2014-12-18 15:10 - 2009-07-13 21:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-17 10:31 - 2014-04-03 21:28 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-17 10:31 - 2014-04-03 21:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-17 10:30 - 2014-04-03 21:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-16 22:26 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-16 19:25 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
2014-12-16 17:51 - 2014-05-05 10:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-15 18:38 - 2014-03-19 20:34 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-12-14 16:58 - 2014-05-20 21:57 - 00000000 ____D () C:\Users\Home\Documents\Sony PMB
2014-12-14 16:55 - 2014-06-08 20:02 - 00000000 ____D () C:\Users\Home\Documents\MAKO Foundation
2014-12-14 16:37 - 2014-11-20 09:48 - 00000000 ____D () C:\Users\Home\Desktop\Quicken Reports
2014-12-14 03:18 - 2014-03-19 23:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 01:13 - 2014-11-16 21:50 - 00000000 ____D () C:\Program Files (x86)\Spyware Process Detector
2014-12-13 00:54 - 2014-05-21 00:39 - 00103642 _____ () C:\test.xml
2014-12-12 23:03 - 2014-10-30 02:08 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft IPNetInfo
2014-12-12 23:03 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\Licenses
2014-12-12 23:03 - 2014-08-03 13:09 - 00000000 ____D () C:\Users\Guest
2014-12-12 23:03 - 2014-03-18 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-12 23:03 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-12-12 15:44 - 2014-08-03 13:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-12-12 15:43 - 2014-08-03 13:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore
2014-12-12 12:22 - 2011-04-12 00:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-12 11:37 - 2014-08-03 13:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer
2014-12-11 23:19 - 2014-10-11 11:31 - 00117192 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-11 22:51 - 2014-10-11 11:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-12-10 13:10 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 09:45 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 07:51 - 2014-03-18 10:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:20 - 2014-03-18 10:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 10:36 - 2014-04-04 14:05 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-08 21:39 - 2014-03-18 08:21 - 00001413 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-07 14:39 - 2014-11-17 00:28 - 00000000 ____D () C:\Program Files (x86)\Bazooka Scanner
2014-12-06 17:10 - 2009-07-13 21:13 - 00828724 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 11:13 - 2014-11-11 10:30 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-12-06 00:26 - 2014-05-05 15:29 - 00000000 ____D () C:\Windows\pss
2014-12-05 23:58 - 2014-03-18 09:10 - 00000000 ____D () C:\Windows\Panther
2014-12-05 23:57 - 2014-05-11 23:59 - 00000000 ____D () C:\Windows\Minidump
2014-12-05 10:25 - 2014-08-25 22:05 - 00117192 _____ () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-05 10:23 - 2014-08-27 08:55 - 00435480 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-05 10:16 - 2014-03-20 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-05 10:12 - 2011-04-12 00:28 - 00000000 ____D () C:\Windows\ShellNew
2014-12-05 10:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-05 10:06 - 2009-07-13 18:34 - 00000580 _____ () C:\Windows\win.ini
2014-12-04 23:36 - 2014-03-18 11:55 - 00000000 ____D () C:\ProgramData\Skype
2014-12-01 22:33 - 2014-11-23 23:59 - 00000000 ____D () C:\Users\Home\Desktop\BACKUP
2014-11-30 16:14 - 2014-05-20 13:58 - 00007673 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg
2014-11-30 14:07 - 2014-03-18 13:45 - 00821338 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-27 19:45 - 2014-03-18 11:59 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-11-26 00:09 - 2014-11-20 23:33 - 03288144 _____ () C:\Users\Home\Desktop\774523-1-20-2014 (3)OFXLOG.DAT

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat


Some content of TEMP:
====================
C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqp7win.dll
C:\Users\Home\AppData\Local\Temp\Quarantine.exe
C:\Users\Home\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 19:27

==================== End Of Log ============================

 

There was only one scan this time...??



#7 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:13 PM

Posted 26 December 2014 - 07:37 AM

I said:

Please download FRST (by Farbar) from the link below and save it to your Desktop.

What did you?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#8 mbienert

mbienert
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 26 December 2014 - 03:57 PM

Machiavelli, my computer automatically saves downloads to the download folder in my User folder and does not give me the option as to where to save it. I am sure I can figure out how to change those settings if you need me to.



#9 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:13 PM

Posted 26 December 2014 - 04:03 PM

Then move the FRST64.exe file to your Desktop. :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#10 mbienert

mbienert
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 26 December 2014 - 04:33 PM

Got it!

 

1.)

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Home (administrator) on HOME-PC on 26-12-2014 13:28:02
Running from C:\Users\Home\Desktop
Loaded Profile: Home (Available profiles: Home & Guest & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Visioneer Inc.) C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Visioneer Inc.) C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
() C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(ELTIMA Software) C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ContentWatch, Inc.) C:\Program Files\ContentWatch\bin\cwdaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SwapDrive, Inc.) C:\Program Files\Online Backup\OnlineBackup.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Adobe) C:\Users\Home\Downloads\acrobatpro11_I0BYAdigQqmzdp7y0IVOBg0409.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-06-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-03-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [ACQTMOUSE] => C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe [501760 2007-07-08] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [2C7603FDC7C6FB00CF7E7DE775158BA13E682513._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [QuickenScheduledUpdates] => C:\Program Files (x86)\Quicken\bagent.exe [76072 2013-04-09] (Intuit Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Google Update] => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-23] (Google Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [759712 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [OnlineBackupScheduler] => C:\Program Files\Online Backup\OnlineBackup.exe [595592 2014-12-03] (SwapDrive, Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [ApMsgFwd.exe] => C:\Program Files\Apoint\ApMsgFwd.exe [66856 2010-03-17] (Alps Electric Co., Ltd.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [39.0.2171.95_39.0.2171.71_chrome_updater.exe] => 39.0.2171.95_39.0.2171.71_chrome_updater.exe
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\RunOnce: [Adobe Speed Launcher] => 1419337274
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2190783691-814972009-3028242154-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2190783691-814972009-3028242154-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-2190783691-814972009-3028242154-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2190783691-814972009-3028242154-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\searchplugins\web-search.xml
FF Extension: iCloud Bookmarks - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\Extensions\firefoxdav@icloud.com [2014-12-15]
FF Extension: Bookmark Duplicate Cleaner - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\Extensions\bookmarkdup@localghost.net.xpi [2014-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-12-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-16]
FF Extension: No Name - {F003DA68-8256-4b37-A6C4-350FA04494DF} [Not Found]
FF Extension: No Name - web2pdfextension@web2pdf.adobedotcom [Not Found]
FF Extension: No Name - e-webprint@epson.com [Not Found]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-18]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-18]
CHR Extension: (Business Valuation Software) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcngldahbgolgipnkmdpdgmbegakiokm [2014-12-06]
CHR Extension: (Mortgage and loan calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhagicmkabhoiamildffgfhdpfanapbo [2014-12-06]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-18]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-03-19]
CHR Extension: (Invoicera) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\edpnhgjhpakkoojbgaakfgildhipljab [2014-12-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-11-25]
CHR Extension: (iCloud Bookmarks) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-04-05]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-08-12]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2014-05-20]
CHR Extension: (Protect My Choices) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2014-08-12]
CHR Extension: (Keep My Opt-Outs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2014-08-12]
CHR Extension: (Loan Comparison Calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkdodeilmjdkkdammcbialadkoikjhl [2014-12-06]
CHR Extension: (Income Tax Calculator for USA) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcecfljoakpeoalbffhkajdeljkabaem [2014-12-06]
CHR Extension: (Compound Interest Calculator) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbnlgammlfchoaicmiammeeolplakdg [2014-12-06]
CHR Extension: (Goodbudget) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhffmghajhedigppmcgiefaddneijge [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-18]
CHR Extension: (BudgetBuddy) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonmeobjhhgmnnpmlbkdhdonmbdellle [2014-12-06]
CHR Extension: (Home Finance) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehlijeionoaacbmakjgjgcggdkbaikc [2014-12-06]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-18]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-12-17] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-12-16] (AVAST Software)
R2 CWDaemon; C:\Program Files\ContentWatch\bin\cwdaemon.exe [4100264 2014-12-06] (ContentWatch, Inc.)
S3 CWUpdaterDaemon; C:\Program Files\ContentWatch\bin\cwupdater.exe [7736488 2014-05-29] (ContentWatch, Inc.)
R2 DM3220HV_0002_0; C:\Program Files\Visioneer\DM3220\DM3220HV_0002_0.EXE [417280 2013-05-27] (Visioneer Inc.)
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 OneTouch 4.0 Monitor; C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe [231936 2013-12-09] (Visioneer Inc.) [File not signed]
R2 piaservice; C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe [646656 2014-09-28] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 UsbService; C:\Program Files\Eltima Software\USB Network Gate\UsbService64.exe [3897640 2013-12-10] (ELTIMA Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACRUSBTM; C:\Windows\SysWOW64\drivers\ACRUSBTM.SYS [28672 2007-08-02] () [File not signed]
R1 adgnetworktdi; C:\Windows\System32\drivers\adgnetworktdi.sys [59408 2014-03-13] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-16] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-12-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-16] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-05-05] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-16] ()
R3 ELTIMA_USB_HUB_FILTER; C:\Program Files\Eltima Software\USB Network Gate\drv\NT6x64\fusbhub.sys [88296 2013-12-10] (ELTIMA Software)
R3 eustub; C:\Windows\System32\DRIVERS\eusbstub.sys [17640 2013-12-10] (ELTIMA Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R3 narcpi_wfp; C:\Windows\System32\DRIVERS\narcpi_wfp.sys [33584 2014-12-06] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 spd3ssl; C:\Program Files (x86)\Spyware Process Detector\spd323.sys [15872 2013-02-25] () [File not signed]
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-09-22] ()
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [77032 2013-12-10] (ELTIMA Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Home\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 13:28 - 2014-12-26 13:28 - 00035612 _____ () C:\Users\Home\Desktop\FRST.txt
2014-12-26 13:04 - 2014-12-26 13:04 - 02122752 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2014-12-26 00:56 - 2014-12-26 00:56 - 00022156 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013(3).qfx
2014-12-25 23:48 - 2014-12-25 23:48 - 00022156 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013(2).qfx
2014-12-25 22:19 - 2014-12-25 22:19 - 01711896 _____ (Adobe) C:\Users\Home\Downloads\acrobatpro11_I0BYAdigQqmzdp7y0IVOBg0409.exe
2014-12-25 17:58 - 2014-12-25 17:58 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-25 17:30 - 2014-12-25 17:31 - 00055845 _____ () C:\Users\Home\Downloads\Addition.txt
2014-12-25 17:28 - 2014-12-26 13:28 - 00000000 ____D () C:\FRST
2014-12-25 17:28 - 2014-12-26 04:06 - 00083425 _____ () C:\Users\Home\Downloads\FRST.txt
2014-12-25 08:11 - 2014-12-25 08:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 00:55 - 2014-12-25 00:55 - 02122240 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
2014-12-24 00:42 - 2014-12-24 11:13 - 00012353 _____ () C:\Users\Home\Desktop\Christmas 2014.xlsx
2014-12-23 16:46 - 2014-12-23 16:46 - 00003254 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2190783691-814972009-3028242154-1000
2014-12-23 15:17 - 2014-12-23 15:18 - 00000000 ____D () C:\Users\Home\Desktop\Screen Shots
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\Users\Home\AppData\Roaming\IsolatedStorage
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\Users\Home\AppData\Local\FileViewPro
2014-12-23 15:03 - 2014-12-23 15:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-12-22 19:19 - 2014-12-23 04:08 - 00000000 ____D () C:\Users\Home\Desktop\Scans
2014-12-22 12:35 - 2014-12-22 12:35 - 00000000 ____D () C:\INET
2014-12-21 23:35 - 2014-12-21 23:35 - 00653428 _____ () C:\Users\Home\Downloads\QuickenWin_092014_122014.qfx
2014-12-21 23:35 - 2014-12-21 23:35 - 00293511 _____ () C:\Users\Home\Downloads\QuickenWin_122014_122014.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00575881 _____ () C:\Users\Home\Downloads\QuickenWin_032013_062013.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00565969 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013.qfx
2014-12-21 23:34 - 2014-12-21 23:34 - 00565969 _____ () C:\Users\Home\Downloads\QuickenWin_122012_032013(1).qfx
2014-12-21 22:03 - 2014-12-21 22:03 - 00688992 ____R (Swearware) C:\Users\Home\Downloads\dds.com
2014-12-21 20:32 - 2014-12-21 20:32 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\install_flash_player.exe
2014-12-21 20:32 - 2014-12-21 20:32 - 17541296 _____ (Adobe Systems Incorporated) C:\Users\Home\Downloads\install_flash_player_ax.exe
2014-12-21 02:20 - 2014-12-21 02:20 - 00000000 ____D () C:\Users\Home\Documents\Taxes
2014-12-21 01:40 - 2014-12-21 01:40 - 39426560 _____ () C:\Users\Home\Downloads\Net_Nanny_for_Windows_7.2.3.0-8335_x86_64_NN_release.msi
2014-12-19 11:45 - 2014-12-19 11:45 - 00186568 _____ (ESET) C:\Users\Home\Downloads\ESETPoweliksCleaner.exe
2014-12-19 00:34 - 2014-12-26 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-19 00:34 - 2014-12-19 00:34 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-19 00:34 - 2014-12-19 00:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-19 00:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-19 00:34 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-19 00:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-18 23:50 - 2014-12-18 23:50 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Home\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-17 19:03 - 2014-12-17 19:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-17 19:02 - 2014-12-17 19:03 - 02347384 _____ (ESET) C:\Users\Home\Downloads\esetsmartinstaller_enu.exe
2014-12-17 17:01 - 2014-12-16 23:49 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-17 14:04 - 2014-12-17 14:04 - 01707646 _____ (Thisisu) C:\Users\Home\Downloads\JRT.exe
2014-12-17 11:46 - 2014-12-20 16:02 - 00000000 ____D () C:\AdwCleaner
2014-12-17 11:45 - 2014-12-17 11:45 - 02166272 _____ () C:\Users\Home\Downloads\adwcleaner_4.105.exe
2014-12-17 11:28 - 2014-12-17 11:28 - 01940728 _____ (Bleeping Computer, LLC) C:\Users\Home\Downloads\rkill.exe
2014-12-17 11:19 - 2014-12-20 16:16 - 00000000 ____D () C:\Users\Home\Downloads\JavaRa-2.3
2014-12-17 11:18 - 2014-12-17 11:19 - 00157265 _____ () C:\Users\Home\Downloads\JavaRa-2.3.zip
2014-12-17 10:09 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 10:09 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 23:53 - 2014-12-16 23:53 - 00000000 ____D () C:\Users\Home\AppData\Roaming\AVAST Software
2014-12-16 23:51 - 2014-12-17 17:02 - 00001970 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-12-16 23:51 - 2014-12-17 17:02 - 00001910 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-12-16 23:51 - 2014-12-16 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-16 23:49 - 2014-12-25 17:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-16 23:49 - 2014-12-16 23:50 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-16 23:49 - 2014-12-16 23:49 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-16 23:49 - 2014-12-16 23:49 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-12-16 23:42 - 2014-12-16 23:42 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-16 23:40 - 2014-12-16 23:40 - 00001795 _____ () C:\Users\Home\Downloads\license(1).avastlic
2014-12-16 22:39 - 2014-12-16 22:39 - 01054912 _____ (Adobe) C:\Users\Home\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2014-12-16 22:24 - 2014-12-16 22:24 - 00000000 ____D () C:\Users\Home\Documents\Bluetooth Exchange Folder
2014-12-16 21:44 - 2014-12-16 21:45 - 04836064 _____ (AVAST Software) C:\Users\Public\Desktop\avast_premier_antivirus_setup_online.exe
2014-12-16 21:44 - 2014-12-16 21:45 - 04836064 _____ (AVAST Software) C:\Users\Home\Downloads\avast_premier_antivirus_setup_online.exe
2014-12-16 21:01 - 2014-12-16 22:19 - 00014628 _____ () C:\Users\Home\Documents\Bella's Uniform.xlsx
2014-12-16 19:55 - 2014-12-16 19:56 - 04836064 _____ (AVAST Software) C:\Users\Public\Desktop\avast_internet_security_setup_online.exe
2014-12-16 19:55 - 2014-12-16 19:56 - 04836064 _____ (AVAST Software) C:\Users\Home\Downloads\avast_internet_security_setup_online.exe
2014-12-16 17:55 - 2014-12-16 18:00 - 186654536 _____ (AVAST Software) C:\Users\Home\Downloads\avast_internet_security_setup.exe
2014-12-16 17:55 - 2014-12-16 17:55 - 00001769 _____ () C:\Users\Home\Downloads\license.avastlic
2014-12-16 12:32 - 2014-12-16 12:32 - 00000000 ____D () C:\Users\Home\Documents\My OneTouch Archive
2014-12-15 13:45 - 2014-12-23 04:02 - 00000000 ____D () C:\Users\Home\Desktop\Credit Report.1_files
2014-12-15 13:41 - 2014-12-16 10:23 - 00777995 _____ () C:\Users\Home\Desktop\Backup of IRA 83880 Securities sold.wbk
2014-12-15 13:17 - 2014-12-15 13:17 - 00400384 _____ () C:\Users\Home\Downloads\outlooktoolssetup.msi
2014-12-15 12:50 - 2014-12-15 12:50 - 00030795 _____ () C:\Users\Home\Desktop\Family Sharing - iCloud Help.htm
2014-12-15 12:49 - 2014-12-15 12:49 - 00421565 _____ () C:\Users\Home\Desktop\Credit Report.htm
2014-12-15 12:19 - 2014-12-15 12:33 - 00000000 ____D () C:\Users\Home\Documents\Fax
2014-12-15 11:59 - 2014-12-22 12:27 - 00000000 ___RD () C:\Users\Home\iCloudDrive
2014-12-15 11:59 - 2014-12-15 11:59 - 00000000 ____D () C:\Users\Home\AppData\Local\Apple Inc
2014-12-15 01:14 - 2014-12-15 01:14 - 00251350 _____ () C:\Users\Home\Desktop\St Johns trip.htm
2014-12-15 01:14 - 2014-12-15 01:14 - 00000000 ____D () C:\Users\Home\Desktop\St Johns trip_files
2014-12-14 22:18 - 2014-12-14 22:18 - 00320222 _____ () C:\Users\Home\Documents\Backup of error.wbk
2014-12-13 17:22 - 2014-12-13 17:23 - 00038327 _____ () C:\Windows\SysWOW64\Result.txt
2014-12-13 12:31 - 2014-12-13 12:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Home\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 12:28 - 2014-12-13 12:29 - 00401920 _____ (Farbar) C:\Users\Home\Downloads\MiniToolBox.exe
2014-12-12 23:37 - 2014-12-12 23:37 - 00000042 _____ () C:\Windows\SysWOW64\AK083E209605E394C.lie
2014-12-12 23:21 - 2014-12-12 23:21 - 00008640 _____ () C:\Users\Home\AppleMobileDeviceService.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000073 _____ () C:\Users\Home\AdobeCollabSync.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000063 _____ () C:\Users\Home\chrome.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000032 _____ () C:\Users\Home\AppleMobileDeviceService.sav
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\chrome.map
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AppleMobileDeviceService.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AppleMobileDeviceService.map
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.sys
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.mem
2014-12-12 23:21 - 2014-12-12 23:21 - 00000000 _____ () C:\Users\Home\AdobeCollabSync.map
2014-12-12 13:45 - 2014-12-21 21:01 - 00052607 _____ () C:\Users\Home\Downloads\Result.txt
2014-12-11 23:36 - 2014-12-11 23:36 - 10547200 _____ () C:\Users\Guest\nvtray.mem
2014-12-11 23:36 - 2014-12-11 23:36 - 00007560 _____ () C:\Users\Guest\nvtray.map
2014-12-11 23:36 - 2014-12-11 23:36 - 00000058 _____ () C:\Users\Guest\nvtray.sav
2014-12-11 23:19 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2014-12-11 23:19 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2014-12-11 22:51 - 2014-12-11 22:51 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Exchange Folder
2014-12-11 22:51 - 2014-12-11 22:51 - 00000000 ____D () C:\Users\Guest\AppData\Local\Broadcom
2014-12-11 22:50 - 2014-12-12 15:43 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Epson
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\Documents\My OneTouch Archive
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\Documents\Mail Attachments
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Visioneer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Sony Corporation
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\LinkManager 4.0
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Leader Technologies
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Acer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 ____D () C:\Users\Guest\AppData\Local\Visioneer
2014-12-11 22:50 - 2014-12-11 22:50 - 00000000 _____ () C:\Users\Guest\Sti_Trace.log
2014-12-11 10:14 - 2014-12-11 10:17 - 00000000 ____D () C:\Users\Home\Downloads\backups
2014-12-11 09:44 - 2014-12-12 21:24 - 00021231 _____ () C:\Users\Home\Downloads\hijackthis.log
2014-12-11 09:17 - 2014-12-12 23:04 - 00000000 ____D () C:\Program Files (x86)\SafeIP
2014-12-11 09:17 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeIP
2014-12-11 08:27 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\QFX Software
2014-12-10 22:21 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
2014-12-10 22:21 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files (x86)\KeyScrambler
2014-12-10 22:08 - 2014-12-10 22:08 - 01553104 _____ () C:\Users\Home\Downloads\KeyScrambler_Setup.exe
2014-12-10 22:06 - 2014-12-10 22:07 - 05490752 _____ (Secunia) C:\Users\Home\Downloads\PSISetup.exe
2014-12-10 20:07 - 2014-12-10 20:07 - 00509440 _____ (Tech Support Guy System) C:\Users\Home\Downloads\SysInfo.exe
2014-12-10 19:53 - 2014-12-10 19:53 - 00852497 _____ () C:\Users\Home\Downloads\SecurityCheck.exe
2014-12-10 14:47 - 2014-12-10 14:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-12-10 09:50 - 2014-12-10 09:50 - 00000000 _____ () C:\Users\Home\Sti_Trace.log
2014-12-10 07:16 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:16 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 04:00 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 04:00 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 04:00 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 04:00 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 04:00 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 04:00 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 04:00 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 04:00 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 04:00 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 04:00 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 04:00 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 04:00 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 04:00 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 04:00 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 04:00 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 04:00 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 04:00 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 04:00 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 04:00 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 04:00 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 04:00 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 04:00 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 04:00 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 04:00 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 04:00 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 04:00 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 04:00 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 04:00 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 04:00 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 04:00 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 04:00 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 04:00 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 04:00 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 04:00 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 04:00 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 04:00 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 04:00 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 04:00 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 04:00 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 04:00 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 04:00 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 04:00 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 04:00 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 04:00 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 04:00 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 04:00 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 04:00 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 04:00 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 04:00 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 04:00 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 04:00 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 04:00 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 04:00 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 04:00 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 04:00 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 04:00 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 04:00 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 04:00 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 04:00 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 04:00 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 04:00 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 04:00 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 04:00 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 04:00 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 04:00 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 04:00 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 04:00 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 21:39 - 2014-12-09 21:39 - 01070592 _____ () C:\Users\Home\Downloads\MicrosoftFixit50569.msi
2014-12-09 21:39 - 2014-12-09 21:39 - 00000000 ____D () C:\Users\Home\AppData\Roaming\DropIt
2014-12-09 14:42 - 2014-12-09 14:42 - 00000772 _____ () C:\Users\Home\Desktop\DropIt.lnk
2014-12-09 14:42 - 2014-12-09 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DropIt
2014-12-09 14:42 - 2014-12-09 14:42 - 00000000 ____D () C:\Program Files\DropIt
2014-12-09 14:15 - 2014-12-09 14:15 - 04224708 _____ (Lupo PenSuite Team ) C:\Users\Home\Downloads\DropIt_v8.0_Setup.exe
2014-12-08 23:58 - 2014-12-08 23:59 - 05631912 _____ (j2 Global) C:\Users\Home\Downloads\msgrplus.exe
2014-12-08 23:33 - 2014-12-26 13:27 - 00000000 ____D () C:\Users\Home\AppData\Local\ContentWatch
2014-12-08 22:54 - 2014-12-08 23:02 - 71648048 _____ (Apple Inc.) C:\Users\Home\Downloads\iCloudSetup.exe
2014-12-08 21:31 - 2014-12-08 21:31 - 00001159 _____ () C:\Users\Home\Desktop\Mozilla Firefox.lnk
2014-12-08 10:05 - 2014-12-08 10:05 - 00022528 _____ () C:\Users\Home\Documents\QDRO's and call  with Mr. Bender.msg
2014-12-07 19:04 - 2014-12-20 16:02 - 00377042 _____ () C:\Windows\PFRO.log
2014-12-07 14:52 - 2014-12-07 14:52 - 00000000 ____D () C:\Users\Home\AppData\Local\Macromedia
2014-12-07 14:44 - 2014-12-07 14:44 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Users\Home\AppData\Local\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-07 14:44 - 2014-12-07 14:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-06 23:22 - 2014-12-06 23:22 - 00000808 _____ () C:\Users\Public\Desktop\FileViewPro.lnk
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\Spacekace
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
2014-12-06 23:22 - 2014-12-06 23:22 - 00000000 ____D () C:\Program Files\FileViewPro
2014-12-06 23:21 - 2014-12-06 23:22 - 03071160 _____ () C:\Users\Home\Downloads\Setup_FileViewPro_2015.exe
2014-12-06 23:18 - 2014-12-07 02:42 - 00000000 ____D () C:\Users\Home\Desktop\Nutrition
2014-12-06 20:23 - 2014-12-06 20:22 - 00033584 _____ () C:\Windows\system32\Drivers\narcpi_wfp.sys
2014-12-06 20:19 - 2014-12-22 12:27 - 00002091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net Nanny.lnk
2014-12-06 20:18 - 2014-12-06 20:23 - 00000000 ____D () C:\Program Files\ContentWatch
2014-12-06 20:18 - 2014-12-06 20:18 - 00000000 ____D () C:\ProgramData\ContentWatch
2014-12-06 20:04 - 2014-12-06 20:05 - 00244104 _____ () C:\Users\Home\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-06 19:15 - 2014-12-06 19:15 - 00000610 _____ () C:\Users\Home\Downloads\iCal-TribeEvents.ics
2014-12-06 18:48 - 2014-12-07 14:10 - 00000000 ____D () C:\Users\Home\Desktop\Stanford
2014-12-06 16:56 - 2014-12-06 17:00 - 00000000 ____D () C:\Users\Home\Downloads\CalCheck_x86
2014-12-06 16:55 - 2014-12-06 16:55 - 02479498 _____ () C:\Users\Home\Downloads\CalCheck_x86.zip
2014-12-06 16:49 - 2014-12-06 16:49 - 00000000 ____D () C:\NVIDIA
2014-12-06 16:27 - 2014-12-06 16:29 - 00000000 ____D () C:\Users\Home\Downloads\CalCheck_x64
2014-12-06 16:26 - 2014-12-06 16:27 - 03039177 _____ () C:\Users\Home\Downloads\CalCheck_x64.zip
2014-12-06 12:10 - 2014-12-22 12:25 - 00003673 _____ () C:\Windows\setupact.log
2014-12-06 12:10 - 2014-12-06 12:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 12:08 - 2014-12-15 18:38 - 00000792 _____ () C:\Windows\LkmdfCoInst.log
2014-12-06 00:20 - 2014-12-06 00:20 - 00004374 _____ () C:\Users\Home\Documents\cc_20141206_002053.reg
2014-12-06 00:19 - 2014-12-06 00:20 - 00137580 _____ () C:\Users\Home\Documents\cc_20141206_001939.reg
2014-12-05 23:37 - 2014-12-06 11:50 - 00000000 ____D () C:\Program Files\Defraggler
2014-12-05 23:37 - 2014-12-05 23:39 - 00001684 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-12-05 23:37 - 2014-12-05 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-12-05 23:36 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-12-05 23:36 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files\Speccy
2014-12-05 23:36 - 2014-12-05 23:37 - 00000756 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-12-05 23:33 - 2014-12-12 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-12-05 23:33 - 2014-12-12 23:03 - 00000000 ____D () C:\Program Files\Recuva
2014-12-05 23:33 - 2014-12-05 23:33 - 00001618 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-12-05 23:32 - 2014-12-05 23:32 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-05 23:32 - 2014-12-05 23:32 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-05 23:32 - 2014-12-05 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-05 23:32 - 2014-12-05 23:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-05 12:02 - 2014-12-23 17:43 - 00000000 ____D () C:\Users\Home\AppData\Local\C0723A44-78D8-497A-BA50-F70977CE9324.aplzod
2014-12-05 10:16 - 2014-12-05 10:16 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-12-03 21:20 - 2014-12-04 23:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 21:20 - 2014-12-03 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-03 11:38 - 2014-12-03 11:38 - 00019119 _____ () C:\Users\Home\Downloads\ExportData03122014143833.csv
2014-12-03 11:31 - 2014-12-03 11:31 - 00019119 _____ () C:\Users\Home\Downloads\ExportData03122014143153.csv
2014-12-03 10:17 - 2014-12-03 10:18 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Online Backup
2014-12-03 10:17 - 2014-12-03 10:17 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online Backup
2014-12-03 10:17 - 2014-12-03 10:17 - 00000000 ____D () C:\Program Files\Online Backup
2014-12-02 13:23 - 2014-12-23 17:33 - 00000000 ____D () C:\Users\Home\Documents\Outlook Files
2014-12-02 10:28 - 2014-12-02 10:28 - 00033465 _____ () C:\Users\Home\Downloads\stmt (19).qfx
2014-12-02 00:58 - 2014-12-02 00:58 - 00003023 _____ () C:\Users\Home\Downloads\November2014_3433 (1).qfx
2014-12-02 00:56 - 2014-12-02 00:56 - 00001115 _____ () C:\Users\Home\Downloads\currentTransaction_3433 (2).qfx
2014-12-02 00:52 - 2014-12-02 00:52 - 00001854 _____ () C:\Users\Home\Desktop\Quicken 2013.lnk
2014-12-02 00:47 - 2014-12-02 00:47 - 00000982 _____ () C:\Users\Home\Downloads\stmt (18).qfx
2014-12-02 00:47 - 2014-12-02 00:47 - 00000982 _____ () C:\Users\Home\Downloads\stmt (17).qfx
2014-12-02 00:44 - 2014-12-02 00:44 - 00000982 _____ () C:\Users\Home\Downloads\stmt (16).qfx
2014-12-02 00:44 - 2014-12-02 00:44 - 00000982 _____ () C:\Users\Home\Downloads\stmt (15).qfx
2014-12-02 00:43 - 2014-12-02 00:43 - 00001167 _____ () C:\Users\Home\Downloads\stmt (3).qbo
2014-12-02 00:43 - 2014-12-02 00:43 - 00001167 _____ () C:\Users\Home\Downloads\stmt (2).qbo
2014-12-02 00:40 - 2014-12-02 00:40 - 00001167 _____ () C:\Users\Home\Downloads\stmt (1).qbo
2014-12-02 00:39 - 2014-12-02 00:39 - 00001143 _____ () C:\Users\Home\Downloads\stmt (14).qfx
2014-12-02 00:38 - 2014-12-02 00:38 - 00001143 _____ () C:\Users\Home\Downloads\stmt (13).qfx
2014-12-02 00:37 - 2014-12-02 00:37 - 00000982 _____ () C:\Users\Home\Downloads\stmt (12).qfx
2014-12-02 00:36 - 2014-12-02 00:36 - 00007221 _____ () C:\Users\Home\Downloads\stmt (11).qfx
2014-12-02 00:25 - 2014-12-02 00:25 - 00001115 _____ () C:\Users\Home\Downloads\currentTransaction_3433 (1).qfx
2014-12-02 00:23 - 2014-12-02 00:23 - 00032512 _____ () C:\Users\Home\Downloads\stmt (10).qfx
2014-12-01 13:53 - 2014-12-01 13:53 - 12198204 _____ () C:\Users\Home\Downloads\Your Adobe Workspaces Files.zip
2014-12-01 11:19 - 2014-12-01 11:20 - 00561916 _____ () C:\Users\Home\Downloads\QuickenWin_032013_052013.qfx
2014-12-01 11:18 - 2014-12-01 11:18 - 00590340 _____ () C:\Users\Home\Downloads\QuickenWin_122012_022013.qfx
2014-11-30 14:00 - 2014-11-30 14:00 - 07994347 _____ () C:\Users\Home\Downloads\USB Control Center_v200_Windows.exe
2014-11-30 10:16 - 2014-11-30 10:16 - 00001470 _____ () C:\Users\Home\Desktop\Backup files 2.zip - Shortcut.lnk
2014-11-30 03:00 - 2014-11-30 03:01 - 67882768 _____ (Intuit ) C:\Users\Home\Downloads\QW2013R12Patch.exe
2014-11-30 00:18 - 2014-11-30 00:18 - 00347816 _____ (Microsoft Corporation) C:\Users\Home\Downloads\MicrosoftFixit.WinFileFolder.RNP.1340762677194257.1.1.Run.exe
2014-11-28 03:31 - 2014-11-28 03:31 - 00003166 _____ () C:\Windows\System32\Tasks\{63BDAFB3-4E7F-46DD-9BB8-A091540C5890}
2014-11-27 21:53 - 2014-11-27 21:53 - 00002151 _____ () C:\Users\Home\Downloads\Transactions (1).qfx
2014-11-27 21:52 - 2014-11-27 21:52 - 00001004 _____ () C:\Users\Home\Downloads\Transactions.qfx
2014-11-27 21:47 - 2014-11-27 21:47 - 00001674 _____ () C:\Users\Home\Downloads\Transaction (3).qfx
2014-11-27 16:33 - 2014-11-30 20:12 - 00000000 ____D () C:\Users\Home\AppData\Roaming\.minecraft
2014-11-26 13:03 - 2014-11-26 13:03 - 00029985 _____ () C:\Users\Home\Downloads\ExportData26112014160311.csv
2014-11-26 13:01 - 2014-11-26 13:01 - 00027736 _____ () C:\Users\Home\Downloads\ExportData26112014160102.csv
2014-11-26 12:54 - 2014-11-26 12:54 - 00025214 _____ () C:\Users\Home\Downloads\ExportData26112014155359.csv
2014-11-26 12:27 - 2014-11-26 12:27 - 00031474 _____ () C:\Users\Home\Downloads\ExportData26112014152736.csv
2014-11-26 12:08 - 2014-11-26 12:08 - 00000987 _____ () C:\Users\Home\Downloads\stmt (9).qfx
2014-11-26 12:02 - 2014-11-26 12:02 - 00003023 _____ () C:\Users\Home\Downloads\November2014_3433.qfx
2014-11-26 02:36 - 2014-11-26 02:36 - 00009413 _____ () C:\Users\Home\Downloads\MBFS_TransHist_20141126.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 13:28 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-26 13:18 - 2014-04-04 14:10 - 00000000 ___RD () C:\Users\Home\Desktop\Dropbox
2014-12-26 13:09 - 2014-09-26 15:32 - 00000000 ____D () C:\Users\Home\AppData\Local\CrashDumps
2014-12-26 13:00 - 2014-11-11 13:00 - 00000911 _____ () C:\Windows\Tasks\EPSON WF-3620 Series Update {198D5A39-E547-4F42-932E-095CAF48D1D6}.job
2014-12-26 13:00 - 2014-11-11 13:00 - 00000725 _____ () C:\Windows\Tasks\EPSON WF-3620 Series Invitation {198D5A39-E547-4F42-932E-095CAF48D1D6}.job
2014-12-26 12:51 - 2014-04-23 18:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000UA.job
2014-12-26 12:47 - 2014-03-18 08:21 - 01596822 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 12:46 - 2014-04-03 21:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 08:51 - 2014-04-23 18:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000Core.job
2014-12-26 06:42 - 2014-03-18 11:21 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 03:14 - 2014-11-20 23:16 - 00000000 ____D () C:\Users\Home\Desktop\VALIDATE
2014-12-26 02:02 - 2014-03-31 14:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-26 00:59 - 2014-07-22 19:17 - 00000000 ____D () C:\Users\Home\Desktop\Quicken Backup
2014-12-25 22:22 - 2014-03-18 11:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-25 16:26 - 2014-07-14 23:41 - 00000000 ____D () C:\Users\Home\AppData\Local\Adobe
2014-12-23 10:58 - 2014-03-21 14:07 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-22 19:20 - 2014-03-18 08:21 - 00000000 ____D () C:\Users\Home\AppData\Local\VirtualStore
2014-12-22 19:19 - 2014-03-18 08:21 - 00000000 ___RD () C:\Users\Home
2014-12-22 12:36 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 12:36 - 2009-07-13 20:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 12:34 - 2014-04-04 14:03 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Dropbox
2014-12-22 12:28 - 2014-03-18 11:59 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Skype
2014-12-22 12:25 - 2014-03-19 17:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-22 12:25 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-20 16:21 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-20 15:07 - 2014-04-22 15:57 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-12-20 15:07 - 2014-04-22 15:55 - 00000000 ____D () C:\ProgramData\DivX
2014-12-20 15:00 - 2014-04-22 15:59 - 00000000 ____D () C:\Program Files\DivX
2014-12-18 23:27 - 2014-03-18 11:59 - 00000000 ____D () C:\Users\Home\AppData\Local\Apple
2014-12-18 15:10 - 2009-07-13 21:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-17 10:31 - 2014-04-03 21:28 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-17 10:31 - 2014-04-03 21:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-17 10:30 - 2014-04-03 21:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-16 22:26 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-16 19:25 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
2014-12-16 17:51 - 2014-05-05 10:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-15 18:38 - 2014-03-19 20:34 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-12-14 16:58 - 2014-05-20 21:57 - 00000000 ____D () C:\Users\Home\Documents\Sony PMB
2014-12-14 16:55 - 2014-06-08 20:02 - 00000000 ____D () C:\Users\Home\Documents\MAKO Foundation
2014-12-14 16:37 - 2014-11-20 09:48 - 00000000 ____D () C:\Users\Home\Desktop\Quicken Reports
2014-12-14 03:18 - 2014-03-19 23:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 01:13 - 2014-11-16 21:50 - 00000000 ____D () C:\Program Files (x86)\Spyware Process Detector
2014-12-13 00:54 - 2014-05-21 00:39 - 00103642 _____ () C:\test.xml
2014-12-12 23:03 - 2014-10-30 02:08 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft IPNetInfo
2014-12-12 23:03 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\Licenses
2014-12-12 23:03 - 2014-08-03 13:09 - 00000000 ____D () C:\Users\Guest
2014-12-12 23:03 - 2014-03-18 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-12 23:03 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-12-12 15:44 - 2014-08-03 13:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-12-12 15:43 - 2014-08-03 13:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore
2014-12-12 12:22 - 2011-04-12 00:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-12 11:37 - 2014-08-03 13:10 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Apple Computer
2014-12-11 23:19 - 2014-10-11 11:31 - 00117192 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-11 22:51 - 2014-10-11 11:31 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-12-10 13:10 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 09:45 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 07:51 - 2014-03-18 10:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:20 - 2014-03-18 10:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 10:36 - 2014-04-04 14:05 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-08 21:39 - 2014-03-18 08:21 - 00001413 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-07 14:39 - 2014-11-17 00:28 - 00000000 ____D () C:\Program Files (x86)\Bazooka Scanner
2014-12-06 17:10 - 2009-07-13 21:13 - 00828724 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 11:13 - 2014-11-11 10:30 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-12-06 00:26 - 2014-05-05 15:29 - 00000000 ____D () C:\Windows\pss
2014-12-05 23:58 - 2014-03-18 09:10 - 00000000 ____D () C:\Windows\Panther
2014-12-05 23:57 - 2014-05-11 23:59 - 00000000 ____D () C:\Windows\Minidump
2014-12-05 10:25 - 2014-08-25 22:05 - 00117192 _____ () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-05 10:23 - 2014-08-27 08:55 - 00435480 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-05 10:16 - 2014-03-20 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-05 10:12 - 2011-04-12 00:28 - 00000000 ____D () C:\Windows\ShellNew
2014-12-05 10:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-05 10:06 - 2009-07-13 18:34 - 00000580 _____ () C:\Windows\win.ini
2014-12-04 23:36 - 2014-03-18 11:55 - 00000000 ____D () C:\ProgramData\Skype
2014-12-01 22:33 - 2014-11-23 23:59 - 00000000 ____D () C:\Users\Home\Desktop\BACKUP
2014-11-30 16:14 - 2014-05-20 13:58 - 00007673 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg
2014-11-30 14:07 - 2014-03-18 13:45 - 00821338 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-27 19:45 - 2014-03-18 11:59 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-11-26 00:09 - 2014-11-20 23:33 - 03288144 _____ () C:\Users\Home\Desktop\774523-1-20-2014 (3)OFXLOG.DAT

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat


Some content of TEMP:
====================
C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqp7win.dll
C:\Users\Home\AppData\Local\Temp\Quarantine.exe
C:\Users\Home\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 19:27

==================== End Of Log ============================

 

2.)

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2014
Ran by Home at 2014-12-26 13:29:24
Running from C:\Users\Home\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Team Outlook Duplicate Remover (HKLM\...\{D1E252D1-51A5-42B1-8C6C-DD4A208D2371}) (Version: 3.21.0118 - 4Team Corporation)
4Team PST Merger (HKLM\...\{8601237C-7B73-4CD1-B53F-0909077F0D83}) (Version: 1.0.4994 - 4Team Corporation)
4Team PST Merger (HKLM-x32\...\{5841172B-2B1E-43C5-AA8E-A56CABFFFF38}) (Version: 1.0.4994 - 4Team Corporation)
4Team PST Splitter (HKLM-x32\...\{BF6D7475-92D9-45E4-B811-6891EEFBB85F}) (Version: 1.0.4913 - 4Team Corporation)
64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
All  In  One - Key logger (HKLM-x32\...\HojO9psdv_is1) (Version:  - )
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Anti-Dupe for Microsoft Outlook (HKLM-x32\...\Anti-Dupe for Microsoft Outlook) (Version: 3.0 - Lookout Software, Ltd.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.278 - ArcSoft)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bazooka Scanner (HKLM-x32\...\{CB0888EE-96D8-4713-84DC-36462C33AEB4}) (Version:  - Kephyr)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DropIt (v8.0) (HKLM\...\DropIt_is1) (Version: 8.0 - Lupo PenSuite Team)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{682A3328-9621-4BAD-91FA-873A076610C4}) (Version: 1.21.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)
Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation)
Google Chrome (HKLM-x32\...\{FBD50733-2ABE-3D23-88B4-7B0C0A0ADDA0}) (Version: 65.181.32922 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam (HKLM-x32\...\iFunBox 2014_is1) (Version: v3.1.562.425 - )
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2190783691-814972009-3028242154-1000\...\MyFreeCodec) (Version:  - )
Net Nanny (HKLM\...\{16DADBB0-4E2B-47E2-80A0-F26FFDB549BE}) (Version: 7.2.2.0 - ContentWatch)
Network Inventory Advisor 4.3 (HKLM-x32\...\Network Inventory Advisor) (Version: 4.3 - ClearApps, Inc.)
NirSoft BulletsPassView (HKLM-x32\...\NirSoft BulletsPassView) (Version:  - )
NirSoft IPNetInfo (HKLM-x32\...\NirSoft IPNetInfo) (Version:  - )
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version:  - )
NirSoft NK2Edit (HKLM-x32\...\NirSoft NK2Edit) (Version:  - )
NirSoft Password Security Scanner (HKLM-x32\...\NirSoft Password Security Scanner) (Version:  - )
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version:  - )
NirSoft RegScanner (HKLM-x32\...\NirSoft RegScanner) (Version:  - )
NirSoft SniffPass (HKLM-x32\...\NirSoft SniffPass) (Version:  - )
NirSoft VideoCacheView (HKLM-x32\...\NirSoft VideoCacheView) (Version:  - )
NirSoft WebVideoCap (HKLM-x32\...\NirSoft WebVideoCap) (Version:  - )
NirSoft WhoisThisDomain (HKLM-x32\...\NirSoft WhoisThisDomain) (Version:  - )
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OneTouch 4.6 (HKLM-x32\...\{AF8B1525-17EF-4D2E-A018-8D79CE260BA8}) (Version: 4.6.1913.12093 - Visioneer Inc.)
Online Backup (HKLM-x32\...\Online Backup) (Version: 2.33 - www.backup.com)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Home (HKLM-x32\...\{7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}) (Version: 3.1.11.04230 - Sony Corporation)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
Quicken WillMaker Plus 2013 (HKLM-x32\...\{8065044B-2AF3-434E-A6E2-B7C60CDB978B}) (Version: 1.0.0.0 - Nolo)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Recover Keys (HKLM\...\Recover Keys_is1) (Version: 8.0.3.112 - Recover Keys)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SetIP (HKLM-x32\...\SetIP) (Version: 1.04.01.00 - Samsung Electronics Co., Ltd.)
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.2.0.14250 - Sony Corporation)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spyware Process Detector v3.23.2 (HKLM-x32\...\Spyware Process Detector_is1) (Version: 3.23.2 - System SoftLab)
StoryBook Creator 4.0 (HKLM\...\{4518D70B-8A8B-4A4D-826F-8E16DCAC674E}) (Version: 4.0.4335 - Creative Memories)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Tilt Mouse Software 4.1 (HKLM-x32\...\Tilt Mouse Software_is1) (Version:  - )
USB Network Gate 6.2 (Build 6.2.671) (HKLM\...\USB to Ethernet Connector_is1) (Version:  - ELTIMA Software)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.2.08070 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.2.0.15020 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.2.0.15020 - Sony Corporation)
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.1.0.13200 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirusTotal Uploader 2.0 (HKLM-x32\...\VirusTotalUploader2.0) (Version:  - )
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
Visioneer Acuity Assets V1 (HKLM-x32\...\{B18BA00A-8857-4A54-B1CF-82BBB33CBF96}) (Version: 5.1.1114.7042 - Visioneer Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.3950 - Broadcom Corporation)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Atheros Communications Inc. (athr) Net  (02/12/2010 9.0.0.125) (HKLM\...\62D2521666DCF9EBEC983E0344A3DEE15CF2C6D3) (Version: 02/12/2010 9.0.0.125 - Atheros Communications Inc.)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/12/2010 6.3.0.3820) (HKLM\...\C3D0C7A1290AAA6A45D0D0422262CE3370E27BE5) (Version: 02/12/2010 6.3.0.3820 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/28/2010 6.3.0.3850) (HKLM\...\D9022850BCF278EAFBF9EDC8741DC09A1AE20B6B) (Version: 02/28/2010 6.3.0.3850 - Broadcom Corporation)
Windows Driver Package - Broadcom HIDClass  (09/11/2009 6.3.0.1500) (HKLM\...\3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003) (Version: 09/11/2009 6.3.0.1500 - Broadcom)
Windows Driver Package - Ricoh Company (risdsnpe) hdc  (12/25/2009 6.13.03.02) (HKLM\...\181DCE8F6E8325736063FE20BB12023D439F671C) (Version: 12/25/2009 6.13.03.02 - Ricoh Company)
Windows Driver Package - Ricoh Company MS Host Controller (12/21/2009 6.13.03.02) (HKLM\...\398F0BAAFBB5C68EB2C413A98F8C385C3E0897D6) (Version: 12/21/2009 6.13.03.02 - Ricoh Company)
Windows Driver Package - Sony Corporation (SFEP) HIDClass  (11/27/2009 8.0.1.2) (HKLM\...\4E827A70BAA738C408DBDD024BCACE5085D946F1) (Version: 11/27/2009 8.0.1.2 - Sony Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
WordPerfect Office X7 (x32 Version: 17.0 - Corel Corporation) Hidden
Xerox DocuMate 3220 Driver (HKLM-x32\...\{1122C086-8788-4A44-A341-97A9E0D912D2}) (Version: 5.1.13.5279 - Visioneer Inc.)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2190783691-814972009-3028242154-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

23-12-2014 08:44:05 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2014-08-18 11:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0929E915-F795-44C4-98BE-F4B1C2460891} - System32\Tasks\{79161F90-53AD-4DF5-842F-1247BF7F4A46} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {097D5FF9-7508-441E-97A1-127C8CEA2737} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe [2013-01-18] ()
Task: {0F7FE823-39C9-4DA8-BD6E-C82B955B8D81} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {140E8480-5C26-4FC4-9F72-82A065601062} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)
Task: {16D5F3E7-92AB-43FA-9EA8-912FCEA9BC25} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {176A51B7-04E8-4B17-B375-678021AD0549} - System32\Tasks\{B4D31E76-A68E-482F-9627-308A1CEF529F} => C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: {1A9F76BC-D516-49C5-B49E-E29E96B1C9C6} - System32\Tasks\{2EB2A81C-EB29-423A-9A29-939724553204} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {1DED06A3-4B29-4DC8-A2C0-3778A2D4FEB4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000UA => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: {1F0C73A2-2429-4B91-8C04-65F87459E72A} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {20C1965C-CB8B-47DC-BBE1-06B9D17344DA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {255C4A49-E0D4-4F5B-823E-ECFA0321948B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000Core => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: {2A102BAF-14EF-4601-80DA-C44508D1F358} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-17] ()
Task: {2C6D121C-D8C3-41B4-A569-B8F08922D6D6} - System32\Tasks\{85245CB0-E498-4BF1-9B97-B567625B9EDD} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64.msi"
Task: {34A7EE91-D8FE-41D9-8B9B-E6D5FD7F518D} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {35F51BFF-BFC0-4B2C-A018-F37392AE2ABA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-18] (Google Inc.)
Task: {3CD9B40D-ECFC-4C74-97D3-5EE380266B59} - System32\Tasks\{6E5B0750-1281-4210-AD1E-862ABC01DA38} => C:\Users\Home\Downloads\tdsskiller.exe
Task: {3DEB4C01-7EA5-4EBB-9F47-616B3A7F578D} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-01-20] (Sony Corporation)
Task: {4378ADC4-226E-46B1-82C1-03C2D873E10C} - System32\Tasks\{CA30ED9E-17D2-44A6-83E4-551AC3C695D4} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {44040576-19D6-4A1D-BA1C-FD0330BB994C} - System32\Tasks\Leader Technologies\LTCM Client\New Message Check - Home => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2011-04-07] (Leader Technologies Inc.)
Task: {45B45B16-3BD1-4094-9234-43992945B801} - System32\Tasks\EPSON WF-3620 Series Update {198D5A39-E547-4F42-932E-095CAF48D1D6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {4AFD3446-3132-445A-BEA8-AC1F24A5C3EB} - System32\Tasks\{54DB93A2-8398-4565-9C04-0E74F7FC6E41} => C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: {4D24CAEA-2214-4C62-B4F3-837F57E7FFF5} - System32\Tasks\{D7C904C6-C596-4DD1-8765-36D4FB9F47FC} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {4DB0C5C5-95CB-4723-BA33-44CC9841F77B} - System32\Tasks\{02739DE2-6B98-4A16-A375-775FFE31E64B} => pcalua.exe -a C:\Users\Home\Downloads\passrec_setup.exe -d C:\Users\Home\Downloads
Task: {53391675-9BA8-4F63-97A1-BEBC2CA74404} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {53A859D6-024B-4119-B250-CA549A82F331} - System32\Tasks\{7E90C16F-741D-42CE-8A2A-14E1182A76FB} => pcalua.exe -a C:\Users\Home\Downloads\REDAUD-00207646-0042.EXE -d C:\Users\Home\Downloads
Task: {544468DD-0CEF-4769-BA0E-9F49AA1EDE36} - System32\Tasks\{586EEC20-11DF-4BA3-9974-3811C75DB757} => pcalua.exe -a C:\Users\Home\Downloads\NVOOTH-00290897-100E.EXE -d C:\Users\Home\Downloads
Task: {5B9EB2C9-3B0E-4953-AB28-A1D2BC90ED49} - System32\Tasks\{8C656FFF-29BE-4EB3-B862-4E7AFE3B9107} => pcalua.exe -a C:\Users\Home\Downloads\SOAOTH-04122011-1040.EXE -d C:\Users\Home\Desktop
Task: {619B9CC1-4F2F-4366-9B7B-FA6FDA604373} - System32\Tasks\{B1BCB132-E8B9-40DB-AF2E-2BB5C24908AB} => pcalua.exe -a "C:\Users\Home\Downloads\SODOTH-00215540-0042 (1).EXE" -d C:\Users\Home\Downloads
Task: {6696A398-7B06-463C-87C6-79C5E963B424} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)
Task: {7022BE3A-D215-401B-9FF7-E1A0373BED09} - System32\Tasks\{829E51C0-75BE-4F98-A391-8D5658736A86} => pcalua.exe -a "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQN8A04V\INDOTH-00215023-0042.EXE" -d C:\Users\Home\Desktop
Task: {702C7DE4-6C7D-4CF2-B409-00CB0693B799} - System32\Tasks\{A62FFE83-D172-448A-BE27-62BD0A841746} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {7484F73A-4EC1-4745-9B04-C67974FEA63A} - System32\Tasks\{2A56A1B4-5571-4426-90A7-6B0250B3E74A} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2014-11-21] (Malwarebytes Corporation)
Task: {7946F788-09CD-4E7C-9BEB-F240B5CF4C50} - System32\Tasks\{BEA95078-5C8D-4C69-818B-508513608B48} => pcalua.exe -a C:\Users\Home\Desktop\SOAOTH-00263500-1040.EXE -d C:\Users\Home\Desktop
Task: {7973F706-E3BE-4FBC-87F6-9E8CB8DEBF7B} - System32\Tasks\{80168FF8-518C-4D48-AAD1-0044C486B2F0} => pcalua.exe -a C:\Users\Home\Downloads\vcredist_x86.exe -d C:\Users\Home\Desktop
Task: {7FB04FBF-6818-428E-B524-4E900DF61DC9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8395AD18-226D-4777-86FB-AA74AE9C0012} - System32\Tasks\{4990B9F3-9A2E-40BC-8D9D-81B0B4F585D0} => pcalua.exe -a C:\Users\Home\Desktop\NVOOTH-00290897-100E.EXE -d C:\Users\Home\Desktop
Task: {87BEE1F5-6D17-4BBB-A1A6-4940D9AA0012} - System32\Tasks\{15C18651-6E5E-4EA7-BE20-AC3CDB42359B} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {9052FA5F-16CF-4386-9FC0-E78E116F4C92} - System32\Tasks\{807B02E0-29F5-480E-974F-CB4C70ABB41E} => C:\Program Files (x86)\Google\Cloud Print Service\28.0.1493.2\cloud_print_service_config.exe
Task: {91A677A4-2A74-4221-BC3A-0E732801906A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {952A2B4E-A77B-456B-97D6-35308E8163B0} - System32\Tasks\{26BBD571-E8DC-4E04-9AFF-6DD611ED99E9} => pcalua.exe -a "C:\Users\Home\Downloads\passrec_setup (1).exe" -d C:\Users\Home\Downloads
Task: {95D65755-2EDD-4E8E-BCCB-1C97CC864E0D} - System32\Tasks\{0DA4AA18-B394-48E1-B408-2A70D4F54D51} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {9B9C485C-47A4-4C4E-8AC7-696A5502DA41} - System32\Tasks\{A531B4EF-C7F1-402E-98CC-0A237F2C5AAF} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {9D16DA63-1D1D-4D57-B1B1-FA71CDB265F5} - System32\Tasks\avastBCLRestartS-1-5-21-2190783691-814972009-3028242154-1000 => Firefox.exe
Task: {A6A8B3F6-8FF5-48B8-B8ED-F99A6FA55298} - System32\Tasks\{E2A3A7D3-BC64-49FD-88BF-EF8F667EDA2A} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {A720E596-4D3E-416F-93C8-91FE42657BE5} - System32\Tasks\{D7A8F961-EC61-41A3-857D-360C5A344CC3} => pcalua.exe -a C:\Users\Home\Downloads\197.13_desktop_win7_winvista_64bit_english.exe -d C:\Users\Home\Downloads
Task: {A7307463-A836-4442-AD17-C72FEAB97AC1} - System32\Tasks\{9EB58C4E-64D6-407B-9D1A-3764405F7D73} => C:\Users\Home\Downloads\SOAOTH-00263500-1040.EXE
Task: {A979C690-07CA-4823-BC9B-81A08714D62C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AA060EBA-C9CD-4B1F-8BCF-DFE9B0BBF432} - System32\Tasks\{65E15EFF-DC5C-4FE0-BFC9-BC0C5535F9EF} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {ADC92118-9465-47C2-9585-260F660EECB5} - System32\Tasks\{52F24963-CDC2-496F-9439-91241CEB016B} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {B23B76B6-E1E8-4F36-B53C-1C03D59FD079} - System32\Tasks\EPSON WF-3620 Series Invitation {198D5A39-E547-4F42-932E-095CAF48D1D6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {B7D52DF1-2E3C-4356-9E16-C5EF21BEF35E} - System32\Tasks\{A7B36438-8DCD-4443-9DAD-E1133FD9A535} => pcalua.exe -a "C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I1GGD9F0\AIBSYS-00235840-1040.EXE" -d C:\Users\Home\Desktop
Task: {BABC9FA9-E606-4F6E-85D8-65AD4B71DF0B} - System32\Tasks\{4F791B2F-5AB5-4FE2-861D-17C218E8CEDF} => pcalua.exe -a C:\Users\Home\Desktop\MicrosoftInstaller.exe -d C:\Users\Home\Desktop
Task: {BEE5D7D6-C039-4761-B75F-A8E9C7B9D9FE} - System32\Tasks\{9779476B-0FE0-45A2-8046-C1C31E28068C} => pcalua.exe -a E:\Root\Update\SOAOTH-00263500-1040\SOAOTH-00263500-1040.EXE -d E:\Root\Update\SOAOTH-00263500-1040
Task: {C003FA26-A191-485F-A9DD-D1F186593B1B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {C030E869-3C75-428E-8D43-8B065BD8D958} - System32\Tasks\{67017664-AA64-4914-8AB9-775FC2FDE59C} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {CA6477DD-ECB5-4D1A-86F4-274FD01B3A5C} - System32\Tasks\{5C0145C0-55FF-4E8F-9BC0-FD62B3E98D66} => pcalua.exe -a C:\Users\Home\Desktop\AIBSYS-00235840-1040.EXE -d C:\Users\Home\Desktop
Task: {CEE0264D-9B56-4A14-944F-AFC50D1A5FD7} - System32\Tasks\{56593237-37C7-46D0-BF89-A4D6A0BEAF5A} => pcalua.exe -a C:\Users\Home\Downloads\SOAOTH-00263500-1040.EXE -d C:\Users\Home\Downloads
Task: {CF9F3988-F039-4FF8-88DA-B85DC474C894} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {CFA3E47C-77F0-41DA-AD92-34B014C52604} - System32\Tasks\{CFDD93D1-9180-4823-9B43-C8C78AAEB25F} => pcalua.exe -a C:\Users\Home\Downloads\webvideocap_setup.exe -d C:\Users\Home\Downloads
Task: {D6FAB474-307F-4E32-B869-30CF99A541A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {D98D91B2-3F77-4B49-85C8-0D21569B5341} - System32\Tasks\{970BF166-E8B0-4224-8DD5-14AE6199E549} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2014-11-21] (Malwarebytes Corporation)
Task: {DB6151A6-D0FF-4DC7-B995-FC98F15ABAF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-18] (Google Inc.)
Task: {DC173FB0-637F-43AB-ADB5-3700F3511666} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-01-20] (Sony Corporation)
Task: {E09C8A3E-7BF8-47AD-8749-AE9081366C44} - System32\Tasks\{0822A7D8-A950-45C8-A276-970892D072B2} => pcalua.exe -a C:\Users\Home\Downloads\netpass_setup.exe -d C:\Users\Home\Downloads
Task: {E3780914-0528-43D2-9DD1-B38F8CC424D3} - System32\Tasks\{90361E4B-50CF-43D7-8095-DBF3C90B08E3} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {E4C507B0-ADFC-426A-9832-AE2BCB77A7C1} - System32\Tasks\{A1F784F7-C8AD-4AAF-A12B-51702A584B03} => pcalua.exe -a "C:\Users\Home\Downloads\RIDMSC-00203446-764 (1).EXE" -d C:\Users\Home\Downloads
Task: {E56BC4FC-7A47-483F-89EB-6623BB9BCA83} - System32\Tasks\{F2AE37F9-48D1-4E93-BC61-D9F7483221E4} => msiexec.exe /package "C:\Users\Home\Downloads\msxml6_ia64 (1).msi"
Task: {E5F5E760-E6A9-4748-8311-543983A50333} - System32\Tasks\{D6470D88-0505-43B6-BD46-D9D1B5E6F58B} => C:\Program Files (x86)\Quicken\qw.exe [2013-04-09] (Intuit Inc.)
Task: {E75261A8-C5E4-44B4-B144-1E57223EF63F} - System32\Tasks\{63BDAFB3-4E7F-46DD-9BB8-A091540C5890} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.64.107&amp;LastError=12002
Task: {EAA4DE7F-86E8-4AFF-9EC2-51C60CED631F} - System32\Tasks\{FFE5DA7A-0A1F-4CF5-9832-0756C5AC083C} => pcalua.exe -a C:\Users\Home\AppData\Local\Temp\GLFDF27\TROUBL~1.EXE -d C:\Users\Home\AppData\Local\Temp\GLFDF27
Task: {EEA94B79-B2A0-4287-BDC4-E59FE97F67DF} - System32\Tasks\{3F8D0152-2A27-4B1A-BCF2-4285493716B8} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {EEAB79B0-5C24-4CB7-9D0B-F28238AD39E8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {F675E59C-B7AD-46B1-B0C1-1CE2AF1A5A2D} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-01-20] (Sony Corporation)
Task: {F7C76C1E-592B-4A96-B02C-ED19E323C711} - System32\Tasks\{BE57316D-EE7C-4364-A61A-CA31791D0F81} => C:\Users\Home\Downloads\Odin-v3-09\Odin3 v3.09.exe
Task: {FD87CE4B-9C2E-4F79-AFD4-57D84ECB5816} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON WF-3620 Series Invitation {198D5A39-E547-4F42-932E-095CAF48D1D6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\Windows\Tasks\EPSON WF-3620 Series Update {198D5A39-E547-4F42-932E-095CAF48D1D6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000Core.job => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2190783691-814972009-3028242154-1000UA.job => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-19 17:24 - 2014-07-02 10:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-28 21:02 - 2014-09-28 21:02 - 00646656 _____ () C:\Program Files (x86)\ClearApps\Network Inventory Advisor\piaservice.exe
2014-12-06 20:23 - 2014-12-06 20:23 - 01333760 _____ () C:\Program Files\ContentWatch\bin\libxml2.dll
2014-12-06 20:23 - 2014-12-06 20:23 - 00120320 _____ () C:\Program Files\ContentWatch\bin\curlpp.dll
2014-12-06 20:23 - 2014-12-06 20:22 - 00767144 _____ () C:\Program Files\ContentWatch\bin\db.dll
2014-12-06 20:23 - 2014-12-06 20:22 - 00468648 _____ () C:\Program Files\ContentWatch\bin\cp_activity_recorder.plugin
2014-12-06 20:23 - 2014-12-06 20:22 - 01920680 _____ () C:\Program Files\ContentWatch\bin\cp_advisor.plugin
2014-12-06 20:23 - 2014-12-06 20:22 - 00613544 _____ () C:\Program Files\ContentWatch\bin\encrypt_handler.plugin
2014-12-06 20:23 - 2014-12-06 20:22 - 00745128 _____ () C:\Program Files\ContentWatch\bin\web_handler.plugin
2014-08-18 17:17 - 2007-07-08 23:44 - 00501760 _____ () C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMAPP.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-04-22 12:30 - 2011-02-25 16:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2014-04-22 12:30 - 2011-02-25 16:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-22 11:37 - 2014-12-22 11:37 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122201\algo.dll
2014-12-26 12:29 - 2014-12-26 12:29 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122601\algo.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-21 13:27 - 2010-03-02 15:22 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-03-21 13:27 - 2010-03-02 15:22 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2014-08-18 17:17 - 2007-07-11 11:27 - 00400896 _____ () C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQDEVCL.DLL
2014-08-18 17:17 - 2007-06-24 14:14 - 00029696 _____ () C:\Program Files (x86)\Tech\Tilt Mouse Software\4.1\ACQTMDLL.DLL
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00750080 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-22 12:34 - 2014-12-22 12:34 - 00043008 _____ () c:\users\home\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqp7win.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00047616 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00863744 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 16:22 - 2014-10-21 16:22 - 00200704 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2014-12-16 23:49 - 2014-12-16 23:49 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:058E79EB
AlternateDataStreams: C:\ProgramData\TEMP:44EAFCDF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10523712.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15078343.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10523712.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15078343.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CWDaemon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\narcpi_wfp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\narcpi_wfp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: MSiSCSI => 2
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

========================= Accounts: ==========================

Administrator (S-1-5-21-2190783691-814972009-3028242154-500 - Administrator - Disabled)
Guest (S-1-5-21-2190783691-814972009-3028242154-501 - Limited - Enabled) => C:\Users\Guest
Home (S-1-5-21-2190783691-814972009-3028242154-1000 - Administrator - Enabled) => C:\Users\Home

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/26/2014 01:09:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 34.0.5.5443, time stamp: 0x5475dd5d
Faulting module name: mozalloc.dll, version: 34.0.5.5443, time stamp: 0x5475d664
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x5064
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (12/26/2014 01:09:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 34.0.5.5443, time stamp: 0x5475dd5d
Faulting module name: mozalloc.dll, version: 34.0.5.5443, time stamp: 0x5475d664
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x5b8c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (12/26/2014 00:26:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8914662

Error: (12/26/2014 00:26:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8914662

Error: (12/26/2014 00:26:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2014 09:58:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17082

Error: (12/26/2014 09:58:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17082

Error: (12/26/2014 09:58:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2014 09:58:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16084

Error: (12/26/2014 09:58:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16084


System errors:
=============
Error: (12/24/2014 08:53:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VAIO Entertainment Common Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/23/2014 04:50:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {85DE1C45-2C66-101B-B02E-04021C009402}

Error: (12/22/2014 09:59:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/22/2014 00:27:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/22/2014 00:25:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The S*pyware P*rocess D*etector v3.23.2 service failed to start due to the following error:
%%1275

Error: (12/22/2014 00:25:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\Spyware Process Detector\spd323.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (12/22/2014 00:25:21 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (12/22/2014 00:25:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (12/22/2014 00:23:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (12/22/2014 00:23:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {60A90A2F-858D-42AF-8929-82BE9D99E8A1}


Microsoft Office Sessions:
=========================
Error: (12/26/2014 01:09:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425506401d0210befd6aa9aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll7ff13cc3-8d43-11e4-9dbd-f07bcbcdc614

Error: (12/26/2014 01:09:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d66480000003000014255b8c01d02102f8040f26C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll7d175e23-8d43-11e4-9dbd-f07bcbcdc614

Error: (12/26/2014 00:26:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8914662

Error: (12/26/2014 00:26:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8914662

Error: (12/26/2014 00:26:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2014 09:58:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17082

Error: (12/26/2014 09:58:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17082

Error: (12/26/2014 09:58:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2014 09:58:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16084

Error: (12/26/2014 09:58:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16084


CodeIntegrity Errors:
===================================
  Date: 2014-12-22 12:25:24.888
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-22 12:25:24.826
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-21 00:22:16.463
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-21 00:22:16.413
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 16:04:32.645
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 16:04:32.598
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 14:43:19.476
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-20 14:43:19.444
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-18 23:54:12.476
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-18 23:54:12.429
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spyware Process Detector\spd323.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 52%
Total physical RAM: 6126.06 MB
Available physical RAM: 2931.93 MB
Total Pagefile: 12250.3 MB
Available Pagefile: 7268.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:558.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 392A8E47)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:13 PM

Posted 27 December 2014 - 04:46 AM

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#12 mbienert

mbienert
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 28 December 2014 - 03:59 PM

1. # AdwCleaner v4.106 - Report created 28/12/2014 at 12:47:43
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Home - HOME-PC
# Running from : C:\Users\Home\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\1iihkp8g.default\searchplugins\web-search.xml
File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [1139 octets] - [17/12/2014 11:46:24]
AdwCleaner[R1].txt - [3145 octets] - [17/12/2014 13:55:07]
AdwCleaner[R2].txt - [975 octets] - [20/12/2014 15:57:21]
AdwCleaner[R3].txt - [1342 octets] - [28/12/2014 12:11:17]
AdwCleaner[S0].txt - [3184 octets] - [17/12/2014 13:59:23]
AdwCleaner[S1].txt - [1035 octets] - [20/12/2014 16:02:04]
AdwCleaner[S2].txt - [1267 octets] - [28/12/2014 12:47:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1327 octets] ##########
 



#13 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:13 PM

Posted 28 December 2014 - 04:24 PM

I'm waiting for the other logs.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#14 mbienert

mbienert
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:13 PM

Posted 28 December 2014 - 07:11 PM

Yes, me too. I started the second scan after I submitted the first one, but it is still scanning.

#15 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:13 PM

Posted 29 December 2014 - 06:24 AM

OK, I'm waiting.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users