
Various programs stop responding / Computer very slow


  • This topic is locked
13 replies to this topic

#1 SysFix


Posted 05 January 2015 - 11:30 AM

Several weeks ago I had similar issues and I ran an ESET online scan, and it found several viruses and lots of infections. I removed the infected files manually from the ESET list, and after that my computer had been running fine. 

Several days ago, my problems came back. Even when I simply open Windows Explorer to navigate to a file, my computer freezes up. However, everything is running great in Safe Mode.

 

I could really use some help sorting this out.

Thank you so much!

 

Pasted below is the DDS.txt text.

Even after I zipped the Attach.txt, the file was 5.71 kb, and I could not upload it here.

 

By the way, I ran DDS in Safe Mode, does that make a difference?

 

///////

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 11.25.2
Run by Stu at 10:10:30 on 2015-01-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5610.4070 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window
uRun: [AdobeBridge] <no file>
mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [WTClient] WTClient.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Stu\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{3C2EF77F-1D54-4141-A6A0-F0ACA534135D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3C2EF77F-1D54-4141-A6A0-F0ACA534135D}\34A4D4D27457563747 : DHCPNameServer = 10.10.11.1 10.10.11.2
TCP: Interfaces\{3C2EF77F-1D54-4141-A6A0-F0ACA534135D}\375707D6B64776 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3C2EF77F-1D54-4141-A6A0-F0ACA534135D}\641657C647C696E6563547574696F637 : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{3C2EF77F-1D54-4141-A6A0-F0ACA534135D}\641657C647C696E656F53547574696F6F514 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{3C2EF77F-1D54-4141-A6A0-F0ACA534135D}\D4F6373756270284F64756C6 : DHCPNameServer = 192.168.1.100
TCP: Interfaces\{63AE822D-759F-494A-92C0-3606D4C7469B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{63AE822D-759F-494A-92C0-3606D4C7469B}\055726C696360275966496 : DHCPNameServer = 192.168.3.120
TCP: Interfaces\{63AE822D-759F-494A-92C0-3606D4C7469B}\16C64656E67457563747 : DHCPNameServer = 75.75.75.75 4.2.2.2
TCP: Interfaces\{63AE822D-759F-494A-92C0-3606D4C7469B}\24F6C647265737F503833353 : DHCPNameServer = 10.0.0.1 10.0.0.1
TCP: Interfaces\{63AE822D-759F-494A-92C0-3606D4C7469B}\84F4D454D264836323 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{63AE822D-759F-494A-92C0-3606D4C7469B}\E4F62747863586F627560274575637470275966496 : DHCPNameServer = 209.244.0.3 129.250.35.250 8.8.8.8
TCP: Interfaces\{6A50D7C4-A771-4D10-8425-E4F0B5538A06} : DHCPNameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{7505A5DD-0B0F-4EB1-AF6D-F63C67F416B4} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7505A5DD-0B0F-4EB1-AF6D-F63C67F416B4}\0484F6D65623246314 : DHCPNameServer = 192.168.1.1 0.0.0.0 0.0.0.0
TCP: Interfaces\{7505A5DD-0B0F-4EB1-AF6D-F63C67F416B4}\052796E6365647F6E6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7505A5DD-0B0F-4EB1-AF6D-F63C67F416B4}\9446F67716B6F6471613 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{7505A5DD-0B0F-4EB1-AF6D-F63C67F416B4}\C65637C65697F526561636F6E6 : DHCPNameServer = 205.172.20.32 63.251.129.1 63.251.129.33
TCP: Interfaces\{7505A5DD-0B0F-4EB1-AF6D-F63C67F416B4}\C65637C65697F577962756C6563737 : DHCPNameServer = 205.172.20.32 63.251.129.1 63.251.129.33
TCP: Interfaces\{7505A5DD-0B0F-4EB1-AF6D-F63C67F416B4}\E65637969716 : DHCPNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: {1B535ECC-5EF2-0A24-EE1E-5149912549EF} - <orphaned>
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Stu\AppData\Roaming\Mozilla\Firefox\Profiles\4brblwfi.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\id Software\QuakeLive\npquakezero.dll
FF - plugin: C:\Users\Stu\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Stu\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\Stu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Stu\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Stu\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-6-1 56208]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-8-16 84096]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-4-2 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-8-16 188032]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2014-3-18 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2014-3-18 13080]
R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\System32\drivers\PTSimBus.sys [2014-6-12 32576]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-2 428136]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-8-21 878696]
S0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-12-21 65776]
S0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-12-21 267632]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2012-5-29 1050432]
S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-5-29 436624]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-12-20 89600]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984]
S2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-12-21 29208]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-5-29 83280]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-12-21 116728]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-21 50344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-11-25 168448]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-11-25 131072]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-10-6 152640]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2013-9-20 654400]
S2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-10-6 144560]
S2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]
S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-4-2 2413056]
S2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2013-10-14 14952]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 DroidCam;DroidCam Virtual Audio;C:\Windows\System32\drivers\droidcam.sys [2014-12-9 33080]
S3 DroidCamVideo;DroidCam Source 3;C:\Windows\System32\drivers\droidcamvideo.sys [2014-12-9 228408]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-2-9 1471352]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2011-8-16 182272]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2011-8-16 58880]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-3-7 13728]
S3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2014-9-30 115272]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-8-16 91648]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-8-16 208896]
S3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\System32\drivers\PTSimHid.sys [2014-6-12 22336]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-4-2 338536]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187B.sys [2010-3-31 450048]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;C:\Windows\System32\drivers\tascusb2.sys [2012-12-27 419160]
S3 TASCAM_US122L_MK2_MIDI;TASCAM US-122L mk2 WDM MIDI Device;C:\Windows\System32\drivers\tscusb2m.sys [2012-12-27 31576]
S3 TASCAM_US122L_MK2_WDM;TASCAM US-122L mk2 WDM;C:\Windows\System32\drivers\tscusb2a.sys [2012-12-27 53080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 usbcamcl;Driver for video Device;C:\Windows\System32\drivers\usbcamcl.sys [2014-12-16 54216]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-3-7 81824]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-3-7 15776]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-31 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2015-01-04 00:06:08 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D4843AF-2E12-400D-BC86-911FA5750370}\offreg.dll
2015-01-04 00:03:42 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D4843AF-2E12-400D-BC86-911FA5750370}\mpengine.dll
2014-12-29 21:32:29 -------- d-----w- C:\Users\Stu\AppData\Local\{EC52DB4A-DD61-44AB-8415-A1C786697FA6}
2014-12-23 00:31:14 -------- d-----w- C:\Users\Stu\AppData\Local\{86A1E999-8DBE-444C-B1EA-C81064C9EE69}
2014-12-22 03:42:35 -------- d-----w- C:\Users\Stu\AppData\Roaming\AVAST Software
2014-12-22 03:26:03 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-12-22 03:26:03 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-12-22 03:25:54 43152 ----a-w- C:\Windows\avastSS.scr
2014-12-22 03:21:48 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-12-22 03:21:48 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-12-16 15:44:36 54216 ------r- C:\Windows\System32\drivers\usbcamcl.sys
2014-12-16 15:44:36 38472 ------r- C:\Windows\System32\drivers\usbDecode.sys
2014-12-16 15:44:28 8672840 ------r- C:\Windows\System32\drivers\PictureDll.sys
2014-12-16 15:44:28 14408 ------r- C:\Windows\System32\drivers\FilterDll.sys
2014-12-16 15:44:27 381512 ------r- C:\Windows\System32\drivers\FaceDll.sys
2014-12-16 15:44:12 420240 ----a-w- C:\Windows\SysWow64\mpg4c32.dll
2014-12-12 01:47:17 -------- d-----w- C:\Program Files (x86)\FlashDevelop
2014-12-11 01:34:50 -------- d-----w- C:\Users\Stu\AppData\Local\gtk-2.0
2014-12-10 14:45:19 -------- d-----w- C:\ProgramData\NTIReg
2014-12-10 14:45:19 -------- d-----w- C:\ProgramData\BackupNowEZ
2014-12-10 14:45:01 -------- d-----w- C:\Windows\SysWow64\drivers\nti\Xp_x86
2014-12-10 14:45:01 -------- d-----w- C:\Windows\SysWow64\drivers\nti\w2k_x86
2014-12-10 14:45:01 -------- d-----w- C:\Windows\SysWow64\drivers\nti\Vista_x86
2014-12-10 14:45:00 -------- d-----w- C:\Windows\SysWow64\drivers\nti\Vista_ia64
2014-12-10 14:45:00 -------- d-----w- C:\Windows\SysWow64\drivers\nti\Vista_amd64
2014-12-10 14:45:00 -------- d-----w- C:\Windows\SysWow64\drivers\nti\2003_x86
2014-12-10 14:45:00 -------- d-----w- C:\Windows\SysWow64\drivers\nti\2003_ia64
2014-12-10 14:45:00 -------- d-----w- C:\Windows\SysWow64\drivers\nti\2003_amd64
2014-12-10 14:44:41 -------- d-----w- C:\Windows\SysWow64\drivers\nti
2014-12-10 14:44:41 -------- d-----w- C:\Program Files (x86)\NTI
2014-12-10 14:43:14 -------- d-----w- C:\Windows\Downloaded Installations
2014-12-09 22:52:21 228408 ----a-w- C:\Windows\System32\drivers\droidcamvideo.sys
2014-12-09 22:52:19 33080 ----a-w- C:\Windows\System32\drivers\droidcam.sys
2014-12-09 22:52:19 -------- d-----w- C:\Program Files (x86)\DroidCam
.
==================== Find3M  ====================
.
2014-12-22 04:05:42 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-12-22 03:59:31 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-22 03:25:54 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-12-22 03:25:54 83280 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-11-24 19:04:56 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-27 22:52:59 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-07-04 02:07:26 1110476 ----a-w- C:\Program Files (x86)\7z920.exe
2014-05-05 23:58:36 183158296 ----a-w- C:\Program Files (x86)\DNGConverter_8_4.exe
2014-04-23 18:46:39 20985237 ----a-w- C:\Program Files (x86)\GameSalad-Creator-Setup.exe
2014-04-23 17:44:24 78417970 ----a-w- C:\Program Files (x86)\Stencyl-full.exe
.
============= FINISH: 10:12:13.09 ===============
 



#2 TB-Psychotic

  • Malware Response Team

Posted 06 January 2015 - 04:58 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 



#3 SysFix

  • Topic Starter

  • Members
  • 30 posts

Posted 06 January 2015 - 12:37 PM

Hi Marius,

THANK YOU so much for helping!

Below are the contents of the FRST, Addition, and GMER text files.

And I have attached the TDSSKILLER file, like you asked.

Thanks again!

 

/////////// FRST SCAN /////////////////////

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by Stu (administrator) on STULAPTOP on 06-01-2015 10:54:58
Running from C:\Users\Stu\Downloads
Loaded Profile: Stu (Available profiles: Stu)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-21] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_168_Plugin.exe [701296 2013-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\MountPoints2: {88448502-ac26-11e1-a1e8-082e5f98b798} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\MountPoints2: {8a5319b2-8ca9-11e2-a0e9-082e5f98b798} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {BD064C72-0895-4276-BCF4-C91948818236} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {BD064C72-0895-4276-BCF4-C91948818236} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> URL http://search.conduit.com/Results.aspx?ctid=CT3320047&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP344037CA-1F97-4364-BB1A-0E34B843B713&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> {3A790DFC-603E-4747-A5D5-060209424900} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=A00D6EF2-61C5-455E-8097-E0C54F3312F9&apn_sauid=D0925E81-B73E-47D7-A3C8-01C6A15187C4
SearchScopes: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> {BD064C72-0895-4276-BCF4-C91948818236} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: No Name -> {1B535ECC-5EF2-0A24-EE1E-5149912549EF} ->  No File
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Stu\AppData\Roaming\Mozilla\Firefox\Profiles\4brblwfi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll No File
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Stu\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Stu\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: @talk.google.com/O1DPlugin -> C:\Users\Stu\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Stu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3972263147-2679693030-1763710178-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Stu\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Stu\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-29]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.lesley.edu/aib/", "hxxp://websearch.exitingsearch.info/?pid=1481&r=2014/03/18&hid=12491864546060426420&lg=EN&cc=US&unqvl=50"
CHR Profile: C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2012-05-29]
CHR Extension: (Aviary Audio Editor) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajiijeebjcmkhdplmollbjpljcnelfhn [2012-05-29]
CHR Extension: (Angry Birds) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-05-29]
CHR Extension: (Theme Creator) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2012-05-29]
CHR Extension: (Google Drive) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-05-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-29]
CHR Extension: (Advanced Font Settings) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2014-05-24]
CHR Extension: (Google Search) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-29]
CHR Extension: (Heroes & Generals) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2014-06-02]
CHR Extension: (AdBlock) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-11-07]
CHR Extension: (Avast Online Security) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-21]
CHR Extension: (Plypp Piano) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hofckkgpnnjabffkjemconojemcibifh [2012-05-29]
CHR Extension: (Apple Shooter) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingecjekeggadjbbklelffkgeppklgnm [2012-05-29]
CHR Extension: (Page Ruler) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2012-10-23]
CHR Extension: (Window Resizer) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2012-11-14]
CHR Extension: (Poppit!) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2012-05-29]
CHR Extension: (Google Wallet) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (ColorPick Eyedropper) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2012-10-10]
CHR Extension: (Gmail) - C:\Users\Stu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-29]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-05-01] (SEIKO EPSON CORPORATION)
S4 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S4 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33080 2014-12-09] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [228408 2014-12-09] (Dev47Apps)
S3 FLxHCIh; C:\Windows\system32\DRIVERS\FLxHCIh.sys [58880 2011-06-14] (Fresco Logic)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [115272 2012-03-25] (MotioninJoy) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation                           )
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [419160 2012-12-27] (TASCAM)
S3 TASCAM_US122L_MK2_MIDI; C:\Windows\System32\drivers\tscusb2m.sys [31576 2012-12-27] (TASCAM)
S3 TASCAM_US122L_MK2_WDM; C:\Windows\System32\drivers\tscusb2a.sys [53080 2012-12-27] (TASCAM)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [54216 2009-10-31] (usb camera)
S3 ALSysIO; \??\C:\Users\Stu\AppData\Local\Temp\ALSysIO64.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 10:53 - 2015-01-06 10:54 - 00038723 _____ () C:\Users\Stu\Downloads\Addition.txt
2015-01-06 10:52 - 2015-01-06 10:54 - 00024931 _____ () C:\Users\Stu\Downloads\FRST.txt
2015-01-06 10:51 - 2015-01-06 10:54 - 00000000 ____D () C:\FRST
2015-01-06 10:51 - 2015-01-06 10:51 - 02123776 _____ (Farbar) C:\Users\Stu\Downloads\FRST64.exe
2015-01-06 10:15 - 2015-01-06 10:15 - 00000000 ____D () C:\Users\Stu\AppData\Local\Macromedia
2015-01-05 11:37 - 2015-01-05 11:37 - 00000000 ____D () C:\Windows\pss
2015-01-05 10:12 - 2015-01-05 10:12 - 00027010 _____ () C:\Users\Stu\Desktop\dds.txt
2015-01-05 10:12 - 2015-01-05 10:12 - 00018217 _____ () C:\Users\Stu\Desktop\attach.txt
2015-01-05 10:10 - 2015-01-05 10:10 - 00688992 ____R (Swearware) C:\Users\Stu\Downloads\dds.com
2015-01-04 14:06 - 2015-01-04 14:06 - 03007700 _____ () C:\Users\Stu\Downloads\revouninstaller.zip
2015-01-04 12:27 - 2015-01-04 12:28 - 00088083 _____ () C:\Users\Stu\Downloads\4B01.tmp
2014-12-31 21:05 - 2014-12-31 21:05 - 00810295 _____ () C:\Users\Stu\Downloads\fonts (5).zip
2014-12-31 21:05 - 2014-12-31 21:05 - 00000000 ____D () C:\Users\Stu\Downloads\fonts (5)
2014-12-31 20:58 - 2014-12-31 20:58 - 00000000 ____D () C:\Users\Stu\Downloads\fonts (4)
2014-12-31 20:57 - 2014-12-31 20:58 - 00085298 _____ () C:\Users\Stu\Downloads\fonts (4).zip
2014-12-30 13:46 - 2014-12-30 13:46 - 00000218 _____ () C:\Users\Stu\.recently-used.xbel
2014-12-29 15:32 - 2014-12-29 15:32 - 00000000 ____D () C:\Users\Stu\AppData\Local\{EC52DB4A-DD61-44AB-8415-A1C786697FA6}
2014-12-25 14:02 - 2014-12-25 14:02 - 00000000 ____D () C:\Users\Stu\Downloads\loadsaveboneanim1293997874
2014-12-25 14:01 - 2014-12-25 14:01 - 00003865 _____ () C:\Users\Stu\Downloads\loadsaveboneanim1293997874.zip
2014-12-25 09:05 - 2014-12-25 09:06 - 39565896 _____ (Amazon) C:\Users\Stu\Downloads\AmazonMusicInstaller.exe
2014-12-25 09:05 - 2014-12-25 09:05 - 00011274 _____ () C:\Users\Stu\Downloads\Amazon-MP3-1419523510.amz
2014-12-24 12:37 - 2014-12-24 12:37 - 00000530 _____ () C:\Users\Stu\Downloads\url (1).htm
2014-12-24 11:21 - 2014-12-24 11:28 - 00000000 ____D () C:\Users\Stu\AppData\Local\Mozilla
2014-12-24 11:21 - 2014-12-24 11:21 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-24 11:21 - 2014-12-24 11:21 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-24 11:21 - 2014-12-24 11:21 - 00001151 _____ () C:\ProgramData\Desktop\Mozilla Firefox.lnk
2014-12-24 11:21 - 2014-12-24 11:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-24 11:21 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-24 11:21 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-24 11:18 - 2014-12-24 11:18 - 00244104 _____ () C:\Users\Stu\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-23 15:13 - 2014-12-29 16:09 - 00000000 ____D () C:\Users\Stu\Documents\_StuWebsite2
2014-12-22 18:59 - 2014-12-28 22:06 - 04753716 _____ () C:\Users\Stu\Documents\StuSelfPortrait2015.ai
2014-12-22 18:31 - 2014-12-22 18:31 - 00000000 ____D () C:\Users\Stu\AppData\Local\{86A1E999-8DBE-444C-B1EA-C81064C9EE69}
2014-12-21 21:57 - 2014-12-21 21:57 - 00638888 _____ (Oracle Corporation) C:\Users\Stu\Downloads\chromeinstall-8u25.exe
2014-12-21 21:42 - 2014-12-21 21:42 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\AVAST Software
2014-12-21 21:26 - 2014-12-21 21:26 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-21 21:26 - 2014-12-21 21:26 - 00001964 _____ () C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2014-12-21 21:26 - 2014-12-21 21:25 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-21 21:26 - 2014-12-21 21:25 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-21 21:25 - 2014-12-21 21:25 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-21 21:25 - 2014-12-21 21:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-21 21:21 - 2014-12-21 21:25 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-21 21:21 - 2014-12-21 21:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-21 18:49 - 2014-12-21 18:49 - 00032377 _____ () C:\Users\Stu\Documents\EsetThreats-12-21-14.txt
2014-12-17 15:10 - 2014-12-17 15:10 - 00110060 _____ () C:\Users\Stu\Downloads\DoubleFeature20.ttf
2014-12-17 14:34 - 2014-12-17 15:18 - 02610975 _____ () C:\Users\Stu\Documents\RockyAudrey1.ai
2014-12-17 14:33 - 2014-12-17 14:33 - 00000000 ____D () C:\Users\Stu\Downloads\WA_8_VintageBorderBrushes
2014-12-17 14:32 - 2014-12-17 14:32 - 00372126 _____ () C:\Users\Stu\Downloads\WA_8_VintageBorderBrushes.zip
2014-12-17 14:31 - 2014-12-17 14:31 - 09013418 _____ () C:\Users\Stu\Downloads\Lace_trimmings_by_reb70.abr
2014-12-16 09:44 - 2015-01-04 12:44 - 00000008 _____ () C:\Windows\SysWOW64\camera.ini
2014-12-16 09:44 - 2009-10-31 00:53 - 08672840 ____R (ark) C:\Windows\system32\Drivers\PictureDll.sys
2014-12-16 09:44 - 2009-10-31 00:53 - 00054216 ____R (usb camera) C:\Windows\system32\Drivers\usbcamcl.sys
2014-12-16 09:44 - 2009-04-21 20:54 - 00381512 ____R (ark) C:\Windows\system32\Drivers\FaceDll.sys
2014-12-16 09:44 - 2009-04-21 20:54 - 00014408 ____R (ark) C:\Windows\system32\Drivers\FilterDll.sys
2014-12-16 09:44 - 2009-04-21 20:53 - 00038472 ____R (usb camera) C:\Windows\system32\Drivers\usbDecode.sys
2014-12-16 09:44 - 2001-05-11 12:18 - 00420240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
2014-12-14 21:18 - 2015-01-06 10:47 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForStu
2014-12-14 21:18 - 2015-01-06 10:47 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForStu.job
2014-12-11 19:47 - 2014-12-11 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashDevelop
2014-12-11 19:47 - 2014-12-11 19:47 - 00000000 ____D () C:\Program Files (x86)\FlashDevelop
2014-12-11 15:37 - 2014-12-11 15:39 - 31284193 _____ (FlashDevelop.org) C:\Users\Stu\Downloads\FlashDevelop-4.6.4.exe
2014-12-10 20:41 - 2014-12-10 20:42 - 00000000 ____D () C:\Users\Stu\Documents\WilGame
2014-12-10 20:21 - 2014-12-10 20:21 - 00000819 _____ () C:\Users\Stu\AppData\Local\recently-used.xbel
2014-12-10 19:34 - 2014-12-10 19:34 - 00000000 ____D () C:\Users\Stu\AppData\Local\gtk-2.0
2014-12-10 08:45 - 2015-01-04 12:46 - 00000000 ____D () C:\ProgramData\BackupNowEZ
2014-12-10 08:45 - 2014-12-10 08:45 - 00000000 ____D () C:\ProgramData\NTIReg
2014-12-10 08:44 - 2015-01-04 12:48 - 00000000 ____D () C:\Program Files (x86)\NTI
2014-12-10 08:44 - 2014-12-10 08:45 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\nti
2014-12-10 08:43 - 2014-12-10 08:43 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-12-09 17:06 - 2014-12-11 11:00 - 00000029 _____ () C:\ProgramData\droidcam-settings
2014-12-09 17:01 - 2014-12-09 17:01 - 00001026 _____ () C:\Users\Stu\Desktop\DroidCamApp.lnk
2014-12-09 17:01 - 2014-12-09 17:01 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2014-12-09 16:52 - 2014-12-09 17:01 - 00000000 ____D () C:\Program Files (x86)\DroidCam
2014-12-09 16:52 - 2014-12-09 16:52 - 00228408 _____ (Dev47Apps) C:\Windows\system32\Drivers\droidcamvideo.sys
2014-12-09 16:52 - 2014-12-09 16:52 - 00033080 _____ (Dev47Apps) C:\Windows\system32\Drivers\droidcam.sys
2014-12-09 16:52 - 2014-12-09 16:52 - 00000000 ____D () C:\Users\Stu\Downloads\DroidCam.Client.5.0
2014-12-09 16:51 - 2014-12-09 16:51 - 00867666 _____ () C:\Users\Stu\Downloads\DroidCam.Client.5.0.zip
2014-12-08 22:05 - 2014-12-13 20:49 - 00000000 ____D () C:\Users\Stu\Documents\WIL_gift
2014-12-07 14:18 - 2015-01-05 19:14 - 00000000 ____D () C:\Users\Stu\Documents\ConceptAnimatic

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 10:54 - 2012-06-05 12:26 - 00000000 ____D () C:\Users\Stu\AppData\Local\CrashDumps
2015-01-06 10:49 - 2009-07-13 23:13 - 00006210 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-06 10:45 - 2013-02-07 09:41 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA.job
2015-01-06 10:35 - 2013-10-06 22:35 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-410 Series Update {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD}.job
2015-01-06 10:35 - 2013-10-06 22:35 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-410 Series Invitation {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD}.job
2015-01-06 10:35 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-06 09:56 - 2012-05-29 19:36 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 09:53 - 2009-07-13 22:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-06 09:53 - 2009-07-13 22:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-06 09:49 - 2012-04-02 06:05 - 01802819 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 09:45 - 2012-05-29 19:36 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 09:45 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-06 09:45 - 2009-07-13 22:51 - 00129721 _____ () C:\Windows\setupact.log
2015-01-06 09:30 - 2012-12-17 23:25 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA.job
2015-01-06 03:55 - 2012-06-10 11:04 - 00000000 ____D () C:\Users\Stu\AppData\Local\Adobe
2015-01-06 00:30 - 2012-12-17 23:25 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core.job
2015-01-05 21:52 - 2012-06-01 14:17 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Skype
2015-01-05 20:45 - 2013-02-07 09:41 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core.job
2015-01-05 20:21 - 2012-05-29 18:28 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B7072A4-6EC8-41BC-9E14-1C9A66C13051}
2015-01-05 09:52 - 2013-10-01 20:21 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Spotify
2015-01-04 16:57 - 2012-08-06 19:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-04 15:57 - 2010-11-20 21:47 - 00962684 _____ () C:\Windows\PFRO.log
2015-01-04 14:24 - 2013-02-27 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonkeyJam
2015-01-04 14:19 - 2012-10-29 17:31 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\ChaosPro 4.0
2015-01-04 14:09 - 2012-09-15 07:52 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\uTorrent
2015-01-04 14:01 - 2012-06-06 23:05 - 00000000 ____D () C:\Users\Stu\AppData\Local\Windows Live
2015-01-04 12:49 - 2011-11-09 13:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-04 12:40 - 2012-12-31 09:39 - 00002259 _____ () C:\Windows\wininit.ini
2015-01-04 12:40 - 2012-09-12 15:32 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Dropbox
2015-01-04 12:33 - 2012-09-12 15:35 - 00000000 ___RD () C:\Users\Stu\Dropbox
2015-01-02 11:29 - 2014-05-20 22:22 - 00000000 ____D () C:\Users\Stu\Documents\Machlokes
2015-01-01 21:47 - 2012-05-29 18:18 - 00000000 ____D () C:\Users\Stu
2015-01-01 19:45 - 2012-06-17 18:37 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-01 19:45 - 2012-05-31 20:59 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-01 10:28 - 2012-05-29 18:33 - 00307864 _____ () C:\Users\Stu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-31 21:27 - 2009-07-13 22:45 - 07418272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 13:37 - 2013-02-17 16:38 - 00027648 ___SH () C:\Users\Stu\Thumbs.db
2014-12-29 18:57 - 2014-09-28 13:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-29 18:57 - 2011-11-09 13:04 - 00000000 ____D () C:\ProgramData\Skype
2014-12-25 20:31 - 2014-05-30 11:14 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\vlc
2014-12-25 19:56 - 2014-07-23 09:24 - 00000000 ____D () C:\Users\Stu\Documents\_ELI_talkCLIP
2014-12-25 19:52 - 2013-11-05 18:56 - 00000000 ___HD () C:\Users\Stu\AppData\Local\ykrU6oryU
2014-12-25 19:52 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-25 13:27 - 2013-10-01 20:23 - 00000000 ____D () C:\Users\Stu\AppData\Local\Spotify
2014-12-25 10:07 - 2014-09-14 20:44 - 00000000 ____D () C:\Users\Stu\Documents\_MAGIC_vid
2014-12-24 20:48 - 2014-09-14 09:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-21 22:05 - 2012-05-29 19:36 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-21 21:59 - 2014-08-04 22:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-21 21:59 - 2013-11-03 16:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-21 21:58 - 2013-03-06 18:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-21 21:25 - 2012-05-29 19:36 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-21 21:25 - 2012-05-29 19:36 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-21 21:25 - 2012-05-29 19:36 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-21 21:22 - 2012-05-29 19:35 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-21 21:21 - 2012-05-29 19:36 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-12-21 20:46 - 2012-05-29 19:36 - 00000000 ____D () C:\Users\Stu\AppData\Local\Google
2014-12-21 20:34 - 2014-03-18 15:31 - 00000000 ____D () C:\Users\HomeGroupUser$-removed\AppData\Local\Google-removed
2014-12-21 20:26 - 2014-03-18 15:31 - 00000000 ____D () C:\Users\Guest-removed\AppData\Local\Google-removed
2014-12-21 20:17 - 2014-03-18 15:31 - 00000000 ____D () C:\Users\Administrator-removed\AppData\Local\Google-removed
2014-12-20 15:06 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-16 20:31 - 2014-09-14 09:28 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-15 18:06 - 2014-11-10 20:12 - 00000000 ____D () C:\Users\Stu\Documents\IndieGames_Unity
2014-12-15 17:54 - 2014-11-12 18:14 - 00000000 ____D () C:\ProgramData\Unity
2014-12-14 21:16 - 2012-06-01 16:07 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Audacity
2014-12-14 10:50 - 2014-11-16 00:19 - 00000000 ____D () C:\Users\Stu\Documents\ExploratoryDrawing
2014-12-12 07:58 - 2012-05-29 19:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 07:58 - 2012-05-29 19:39 - 00002183 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-12-11 15:04 - 2009-07-13 23:08 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-08 09:19 - 2013-01-14 17:58 - 00000000 ____D () C:\Users\Stu\Documents\Animation Collection

Some content of TEMP:
====================
C:\Users\Stu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq8vvhq.dll
C:\Users\Stu\AppData\Local\Temp\l75hzjam.dll
C:\Users\Stu\AppData\Local\Temp\p8wep0wm.dll
C:\Users\Stu\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-03 23:53

==================== End Of Log ============================

/////////// ADDITION.TXT/////////

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by Stu at 2015-01-06 10:53:52
Running from C:\Users\Stu\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510af_Help_Web (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_web (x32 Version: 000.0.425.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acoustica Mixcraft 6 (HKLM-x32\...\Acoustica Mixcraft 6) (Version: b204 - Acoustica)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems Inc.)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Amazing Slider version 4.7 (HKLM-x32\...\{40669B0F-B27F-4CE9-9918-B1B1E81A4034}_is1) (Version: 4.7 - Magic Hills Pty Ltd)
Amazon Kindle (HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
Anime Studio Pro 10.1.1 (HKLM\...\ASP1011_is1) (Version: 10.1.1 - Smith Micro Software, Inc.)
Anime Studio Pro 6.2 (HKLM-x32\...\Anime Studio Pro_is1) (Version: 6.2 - Smith Micro Software, Inc.)
Anime Studio Pro 9.1 (x86) (HKLM-x32\...\ASP910_is1) (Version: 9.1 - Smith Micro Software, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AS3 Sorcerer (HKLM-x32\...\{E8ACC4F4-D1E9-4EB7-AD3D-43ADB5B24A35}_is1) (Version: 2.98 - Manitu Group)
Asus 802.11n Network Adapter (HKLM-x32\...\InstallShield_{22EA200E-F498-43DF-BCF7-21317D17F786}) (Version: 1.0.0.14 - ASUSTeK)
Asus 802.11n Network Adapter (x32 Version: 1.0.0.14 - ASUSTeK) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (en-US) - Greyfirst)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Construct 2 r114 (HKLM\...\Construct 2_is1) (Version: 1.0.114.0 - Scirra)
Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version:  - Corel Corporation)
Corel Painter Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doubleTwist Sync (HKLM-x32\...\doubleTwist) (Version: 4.0.2.18828 - doubleTwist Corporation)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Endless War 6 Free Trial (HKLM-x32\...\Endless War 6 Free Trial_is1) (Version:  - Vitaly Zaborov)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON NX230 Series Printer Uninstall (HKLM\...\EPSON NX230 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-410 User's Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-410 User's Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlashDevelop (HKLM-x32\...\FlashDevelop) (Version: 4.6.4 - FlashDevelop.org)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.3.1.606 - Foxit Corporation)
Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 4.70 - Philipp Winterberg)
Free Video to JPG Converter version 5.0.18.1005 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.)
GameSalad Creator (HKLM-x32\...\{42C1A82C-0F7D-4B3E-AEA5-2BD75A5DF390}) (Version: 0.10.4.1 - GameSalad)
Girls Like Robots (HKLM-x32\...\Steam App 263460) (Version:  - Popcannibal)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Officejet 4500 G510a-f (HKLM\...\{1EB2596D-80B0-4D55-AC31-6FCFE757081E}) (Version: 13.0 - HP)
HP Officejet 6600 Basic Device Software (HKLM\...\{B407F586-D027-45C3-9109-CC2943E839FA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Help (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6600 Product Improvement Study (HKLM\...\{9DD732B9-9B16-4F28-8E21-4AB5E40AF7DE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
Intel XDK (HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\ARP_for_prd_xdk_0.0.876) (Version: 0.0.876 - Intel Corporation)
iTunes (HKLM\...\{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}) (Version: 11.0.0.163 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.5.0.0 - Lightworks)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Mall Tycoon (HKLM-x32\...\Mall Tycoon) (Version:  - )
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{8057481C-0CFC-43BB-8EEC-C6A0E1C82E19}) (Version: 13.0.1.0 - mental ray)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mixxx 1.10.1 (HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\Mixxx (1.10.1)) (Version: 1.10.1 - The Mixxx Team)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NaturalReaderFree (HKLM-x32\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11.5 - NaturalSoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.2 - )
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
Papagayo 1.2 (HKLM-x32\...\Papagayo_is1) (Version:  - Lost Marble)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version:  - )
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
Snood 4 (HKLM-x32\...\Snood 4_is1) (Version:  - Word of Mouse Games)
Software Updater (HKLM-x32\...\{D60071DB-459C-465C-92EF-336E65F1A436}) (Version: 4.0.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
ssafewEb (HKLM-x32\...\{497C131E-2032-051B-B32A-C69A960FBB13}) (Version: 4.3.0.1667 - saFeeweeb) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Tablet Driver V7.0 (HKLM-x32\...\TabletDriver) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Toon Boom Studio 7.1 (HKLM-x32\...\{4FD41AC6-6559-40C2-BAC2-C88BB1A004E1}) (Version:  - Toon Boom Animation Inc.)
Trelby (HKLM-x32\...\Trelby) (Version: 2.2.0.0 - Trelby.org)
Type light 3.2.022 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 022 - CR8 Software Solutions)
Unity (HKLM-x32\...\Unity) (Version: 4.5.5f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3972263147-2679693030-1763710178-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
US-122 MKII / US-144 MKII (HKLM\...\USB_AUDIO_DEusb-audio.deTascam) (Version:  - )
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM\...\{A62F9CD0-B2E0-4F2A-88F2-79254A3C8539}) (Version: 25.0.2012.5 - BillP Studios)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.1.3 (HKLM-x32\...\winscp3_is1) (Version: 5.1.3 - Martin Prikryl)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Stu\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3972263147-2679693030-1763710178-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Stu\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

04-01-2015 12:44:20 Removed WEBCAM Driver
04-01-2015 12:46:24 Configured NTI Backup Now EZ
04-01-2015 14:09:09 Revo Uninstaller's restore point - µTorrent
04-01-2015 14:14:32 Revo Uninstaller's restore point - Heroes & Generals
04-01-2015 14:17:44 Revo Uninstaller's restore point - ChaosPro
04-01-2015 14:20:07 Revo Uninstaller's restore point - WOW Slider
04-01-2015 14:22:31 Revo Uninstaller's restore point - MonkeyJam 3_050529
04-01-2015 14:25:15 Revo Uninstaller's restore point - Haali Media Splitter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {060F49AC-3109-4E9E-B4A7-234D8A4C7A54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {1635D00D-A21F-4016-A0C1-F2951AD6FE5C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA => C:\Users\Stu\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-17] (Facebook Inc.)
Task: {16537468-D2A9-4732-9831-E03DA42C3A3C} - System32\Tasks\AdobeAAMUpdater-1.0-StuLaptop-Stu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {32D8D69C-4B1E-467B-85FD-3E876542FCD8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core => C:\Users\Stu\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-17] (Facebook Inc.)
Task: {47F77BB4-23C0-4290-AF95-94982B0072C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH36L121GX05XP => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {4E4B832C-376A-4EB0-B1BF-D7879F750971} - System32\Tasks\{384D783A-CAB3-4031-9547-46C5AB2C96BE} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {80CA0A57-8FF8-4F64-BD74-A8D678778A0F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA => C:\Users\Stu\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {817B9673-B226-4FC2-8AED-4EC334A63640} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {9D26823D-598D-4406-8B0C-A1185EC2F769} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {9D292114-B02F-4A41-AF2D-D2B9C52A886D} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {BADB16C5-AB92-4A38-B84D-0AAC56895557} - System32\Tasks\EPSON XP-410 Series Update {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-05-01] (SEIKO EPSON CORPORATION)
Task: {C07A33D2-8237-4D32-9EC2-220288E7802F} - System32\Tasks\EPSON XP-410 Series Invitation {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE [2013-05-01] (SEIKO EPSON CORPORATION)
Task: {C85A1D2D-FB60-4AAB-ADEA-56BEBCF060DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core => C:\Users\Stu\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {D4EFF2F0-DDE0-4853-B79B-4096BB2B1407} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {E9AA86C0-5002-473A-9BC7-1592DE037045} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EE9D87BB-E151-425C-B31D-6C5A667F4B47} - System32\Tasks\HPCeeScheduleForStu => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F2049B53-6B0F-401F-ACAB-5CAAB7DC31A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {FC56D644-9EF6-425B-91C5-3DA6DF6DC385} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {FEE6DEE7-AEC1-47A3-A434-15D31FA8CD3E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-21] (AVAST Software)
Task: C:\Windows\Tasks\EPSON XP-410 Series Invitation {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\EPSON XP-410 Series Update {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLAE.EXE
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core.job => C:\Users\Stu\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA.job => C:\Users\Stu\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core.job => C:\Users\Stu\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA.job => C:\Users\Stu\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForStu.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-06-06 10:44 - 2012-10-04 17:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2010-01-02 08:42 - 2010-01-02 08:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-09-28 07:19 - 2011-09-28 07:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-05 20:20 - 2015-01-05 20:20 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010501\algo.dll
2015-01-06 09:47 - 2015-01-06 09:47 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010600\algo.dll
2014-12-21 21:25 - 2014-12-21 21:25 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-29 23:32 - 2014-11-29 23:32 - 00151552 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2014-11-29 23:38 - 2014-11-29 23:38 - 00077824 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2014-11-30 13:48 - 2014-11-30 13:48 - 00086016 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2012-11-29 15:59 - 2012-11-29 15:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-12-12 07:58 - 2014-12-05 19:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 07:58 - 2014-12-05 19:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 07:58 - 2014-12-05 19:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 07:58 - 2014-12-05 19:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\System:8EC5lhIbtFhIQW6etLqtF
AlternateDataStreams: C:\ProgramData\Microsoft:e9HlVq40c2STma4g8yARZm
AlternateDataStreams: C:\ProgramData\Microsoft:KQL7ZK0bgJy3vPyJ1to6v
AlternateDataStreams: C:\ProgramData\Microsoft:o6HPj6T7fE461ByohMDnvdWnjPZxh0
AlternateDataStreams: C:\ProgramData\Microsoft:QkVSg5VlYBaysl0BhVhbmdAzLz
AlternateDataStreams: C:\Users\Stu\Cookies:vyPpak0XT4XFoyVYq3coQXTr50
AlternateDataStreams: C:\Users\Stu\Desktop\Camp 2013 Photos:AFP_AfpInfo
AlternateDataStreams: C:\Users\Stu\Desktop\Camp 2013 Photos:Mac_Metadata
AlternateDataStreams: C:\Users\Stu\AppData\Local\p2b9Mf7qW9u:mjFiOrd49rPPiGq4pNmhc
AlternateDataStreams: C:\Users\Stu\AppData\Local\V478zMou28n:mvf5VYT4oiTBO5Y0QWmev
AlternateDataStreams: C:\Users\Stu\AppData\Local\ykrU6oryU:hhm3EBhTZBKsa7FZ8WrEDhxna0

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
MSCONFIG\Services: AdobeActiveFileMonitor6.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EpsonCustomerParticipation => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_EB_RPCV4_04 => 2
MSCONFIG\Services: EPSON_PM_RPCV4_04 => 2
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: FPLService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: hpCMSrv => 3
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: ProtexisLicensing => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: WinTabService => 2
MSCONFIG\startupfolder: C:^Users^Stu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: chromium => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Stu\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Stu\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WinPatrol => C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot
MSCONFIG\startupreg: WTClient => WTClient.exe

========================= Accounts: ==========================

///////// GMER (ark.txt) ////////////

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-06 11:23:42
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000007b TOSHIBA_ rev.GS00 596.17GB
Running: 57w80x8p.exe; Driver: C:\Users\Stu\AppData\Local\Temp\uxrdrpod.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [1916:4356]  000007fef6169688

---- EOF - GMER 2.1 ----



#4 TB-Psychotic

  • Malware Response Team

Posted 08 January 2015 - 04:23 AM

We need to remove some programs with Revo Uninstaller Free:


Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an alternate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
    ssafewEb
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run. If prompted again, click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 SysFix

  • Topic Starter

Posted 08 January 2015 - 07:01 PM

Hi Marius,

 

I uninstalled ssafewEb using Revo uninstaller.

 

Then I downloaded the fixlist.txt file and ran FRST64.exe. I clicked the Fix button and when FRST was done it asked me to restart my computer. Unfortunately, when it restarted, Windows was stuck in the Windows loading screen with the Windows logo for about an hour.

 

I manually shut it down using the power button, and then tried to boot up again. This time it booted to a screen that informed me that windows startup needed to be repaired with 2 options: Startup Repair or Start Windows Normally. I first tried to start normally but it stuck on the windows logo screen again. After 2 hours, I restarted and chose Startup Repair. The Startup repair screen lasted at least 2 hours and eventually the windows logo screen came back up. It has now been on the windows logo screen for another several hours.

 

What should I do?



#6 TB-Psychotic

  • Malware Response Team

Posted 09 January 2015 - 07:36 AM

How is the behaviour at the moment?



#7 SysFix

  • Topic Starter

Posted 09 January 2015 - 08:10 AM

Windows never loaded, I rebooted again using F11 to get to recovery so I could backup a few files that I had been working on since my last backup a few days ago.

 

If I hit ESC on boot, there is no safe mode, only Startup Repair or Start Normally. Neither option works. F11 is the only way I can get to anything.



#8 TB-Psychotic

  • Malware Response Team

Posted 09 January 2015 - 08:17 AM

Scan with FRST (Recovery Environment)


To run FRST on Vista and Windows7:



Plug the flashdrive into the infected PC.

Enter System Recovery Options.


To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.



To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt


  • In the command window:
  • type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.



#9 SysFix

  • Topic Starter

Posted 09 January 2015 - 09:48 AM

Here's the file:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by SYSTEM on MININT-0NNA2H7 on 09-01-2015 08:45:41
Running from d:\
Platform: WIN_7 (X64) OS Language: English (United States)
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

ATTENTION: Software hive is not loaded.

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
S2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-05-01] (SEIKO EPSON CORPORATION)
S2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
S2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S2 NTI BackupNowEZSvr; C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33080 2014-12-09] (Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [228408 2014-12-09] (Dev47Apps)
S3 FLxHCIh; C:\Windows\system32\DRIVERS\FLxHCIh.sys [58880 2011-06-14] (Fresco Logic)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation                           )
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [419160 2012-12-27] (TASCAM)
S3 TASCAM_US122L_MK2_MIDI; C:\Windows\System32\drivers\tscusb2m.sys [31576 2012-12-27] (TASCAM)
S3 TASCAM_US122L_MK2_WDM; C:\Windows\System32\drivers\tscusb2a.sys [53080 2012-12-27] (TASCAM)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [54216 2009-10-30] (usb camera)
S3 ALSysIO; \??\C:\Users\Stu\AppData\Local\Temp\ALSysIO64.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
S3 UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 11:54 - 2015-01-08 11:54 - 00000000 ____D () C:\Users\Stu\Desktop\FRST-OlderVersion
2015-01-07 06:51 - 2015-01-07 07:33 - 1560692465 _____ () C:\Users\Stu\Downloads\NoEvilWallRender1.zip
2015-01-06 09:25 - 2015-01-06 09:25 - 04166770 _____ () C:\Users\Stu\Downloads\tdsskiller.zip
2015-01-06 09:25 - 2015-01-06 09:25 - 00000000 ____D () C:\Users\Stu\Downloads\tdsskiller
2015-01-06 09:23 - 2015-01-06 09:23 - 00000390 _____ () C:\Users\Stu\Desktop\ark.txt
2015-01-06 08:56 - 2015-01-06 08:56 - 00380416 _____ () C:\Users\Stu\Downloads\57w80x8p.exe
2015-01-06 08:56 - 2015-01-06 08:56 - 00041532 _____ () C:\Users\Stu\Desktop\FRST.txt
2015-01-06 08:53 - 2015-01-06 08:54 - 00038723 _____ () C:\Users\Stu\Downloads\Addition.txt
2015-01-06 08:52 - 2015-01-06 08:55 - 00041532 _____ () C:\Users\Stu\Downloads\FRST.txt
2015-01-06 08:51 - 2015-01-09 08:45 - 00000000 ____D () C:\FRST
2015-01-06 08:51 - 2015-01-08 11:54 - 02124288 _____ (Farbar) C:\Users\Stu\Desktop\FRST64.exe
2015-01-06 08:15 - 2015-01-06 08:15 - 00000000 ____D () C:\Users\Stu\AppData\Local\Macromedia
2015-01-05 09:37 - 2015-01-05 09:37 - 00000000 ____D () C:\Windows\pss
2015-01-05 08:12 - 2015-01-05 08:12 - 00027010 _____ () C:\Users\Stu\Desktop\dds.txt
2015-01-05 08:12 - 2015-01-05 08:12 - 00018217 _____ () C:\Users\Stu\Desktop\attach.txt
2015-01-05 08:10 - 2015-01-05 08:10 - 00688992 ____R (Swearware) C:\Users\Stu\Downloads\dds.com
2015-01-04 12:06 - 2015-01-04 12:06 - 03007700 _____ () C:\Users\Stu\Downloads\revouninstaller.zip
2015-01-04 10:27 - 2015-01-04 10:28 - 00088083 _____ () C:\Users\Stu\Downloads\4B01.tmp
2014-12-31 19:05 - 2014-12-31 19:05 - 00810295 _____ () C:\Users\Stu\Downloads\fonts (5).zip
2014-12-31 19:05 - 2014-12-31 19:05 - 00000000 ____D () C:\Users\Stu\Downloads\fonts (5)
2014-12-31 18:58 - 2014-12-31 18:58 - 00000000 ____D () C:\Users\Stu\Downloads\fonts (4)
2014-12-31 18:57 - 2014-12-31 18:58 - 00085298 _____ () C:\Users\Stu\Downloads\fonts (4).zip
2014-12-30 11:46 - 2014-12-30 11:46 - 00000218 _____ () C:\Users\Stu\.recently-used.xbel
2014-12-29 13:32 - 2014-12-29 13:32 - 00000000 ____D () C:\Users\Stu\AppData\Local\{EC52DB4A-DD61-44AB-8415-A1C786697FA6}
2014-12-25 12:02 - 2014-12-25 12:02 - 00000000 ____D () C:\Users\Stu\Downloads\loadsaveboneanim1293997874
2014-12-25 12:01 - 2014-12-25 12:01 - 00003865 _____ () C:\Users\Stu\Downloads\loadsaveboneanim1293997874.zip
2014-12-25 07:05 - 2014-12-25 07:06 - 39565896 _____ (Amazon) C:\Users\Stu\Downloads\AmazonMusicInstaller.exe
2014-12-25 07:05 - 2014-12-25 07:05 - 00011274 _____ () C:\Users\Stu\Downloads\Amazon-MP3-1419523510.amz
2014-12-24 10:37 - 2014-12-24 10:37 - 00000530 _____ () C:\Users\Stu\Downloads\url (1).htm
2014-12-24 09:21 - 2014-12-24 09:28 - 00000000 ____D () C:\Users\Stu\AppData\Local\Mozilla
2014-12-24 09:21 - 2014-12-24 09:21 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-24 09:21 - 2014-12-24 09:21 - 00001151 _____ () C:\ProgramData\Desktop\Mozilla Firefox.lnk
2014-12-24 09:21 - 2014-12-24 09:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-24 09:21 - 2014-12-24 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-24 09:21 - 2014-12-24 09:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-24 09:18 - 2014-12-24 09:18 - 00244104 _____ () C:\Users\Stu\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-23 13:13 - 2014-12-29 14:09 - 00000000 ____D () C:\Users\Stu\Documents\_StuWebsite2
2014-12-22 16:59 - 2014-12-28 20:06 - 04753716 _____ () C:\Users\Stu\Documents\StuSelfPortrait2015.ai
2014-12-22 16:31 - 2014-12-22 16:31 - 00000000 ____D () C:\Users\Stu\AppData\Local\{86A1E999-8DBE-444C-B1EA-C81064C9EE69}
2014-12-21 19:57 - 2014-12-21 19:57 - 00638888 _____ (Oracle Corporation) C:\Users\Stu\Downloads\chromeinstall-8u25.exe
2014-12-21 19:42 - 2014-12-21 19:42 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\AVAST Software
2014-12-21 19:26 - 2014-12-21 19:26 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-21 19:26 - 2014-12-21 19:26 - 00001964 _____ () C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2014-12-21 19:26 - 2014-12-21 19:25 - 00116728 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-12-21 19:26 - 2014-12-21 19:25 - 00029208 _____ () C:\Windows\System32\Drivers\aswHwid.sys
2014-12-21 19:25 - 2014-12-21 19:25 - 00364512 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-12-21 19:25 - 2014-12-21 19:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-21 19:21 - 2014-12-21 19:25 - 00267632 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-12-21 19:21 - 2014-12-21 19:25 - 00065776 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-12-21 16:49 - 2014-12-21 16:49 - 00032377 _____ () C:\Users\Stu\Documents\EsetThreats-12-21-14.txt
2014-12-17 13:10 - 2014-12-17 13:10 - 00110060 _____ () C:\Users\Stu\Downloads\DoubleFeature20.ttf
2014-12-17 12:34 - 2014-12-17 13:18 - 02610975 _____ () C:\Users\Stu\Documents\RockyAudrey1.ai
2014-12-17 12:33 - 2014-12-17 12:33 - 00000000 ____D () C:\Users\Stu\Downloads\WA_8_VintageBorderBrushes
2014-12-17 12:32 - 2014-12-17 12:32 - 00372126 _____ () C:\Users\Stu\Downloads\WA_8_VintageBorderBrushes.zip
2014-12-17 12:31 - 2014-12-17 12:31 - 09013418 _____ () C:\Users\Stu\Downloads\Lace_trimmings_by_reb70.abr
2014-12-16 07:44 - 2015-01-04 10:44 - 00000008 _____ () C:\Windows\SysWOW64\camera.ini
2014-12-16 07:44 - 2009-10-30 22:53 - 08672840 ____R (ark) C:\Windows\System32\Drivers\PictureDll.sys
2014-12-16 07:44 - 2009-10-30 22:53 - 00054216 ____R (usb camera) C:\Windows\System32\Drivers\usbcamcl.sys
2014-12-16 07:44 - 2009-04-21 18:54 - 00381512 ____R (ark) C:\Windows\System32\Drivers\FaceDll.sys
2014-12-16 07:44 - 2009-04-21 18:54 - 00014408 ____R (ark) C:\Windows\System32\Drivers\FilterDll.sys
2014-12-16 07:44 - 2009-04-21 18:53 - 00038472 ____R (usb camera) C:\Windows\System32\Drivers\usbDecode.sys
2014-12-16 07:44 - 2001-05-11 10:18 - 00420240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
2014-12-14 19:18 - 2015-01-06 08:47 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForStu
2014-12-14 19:18 - 2015-01-06 08:47 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForStu.job
2014-12-11 17:47 - 2014-12-11 17:47 - 00000000 ____D () C:\Program Files (x86)\FlashDevelop
2014-12-11 13:37 - 2014-12-11 13:39 - 31284193 _____ (FlashDevelop.org) C:\Users\Stu\Downloads\FlashDevelop-4.6.4.exe
2014-12-10 18:41 - 2014-12-10 18:42 - 00000000 ____D () C:\Users\Stu\Documents\WilGame
2014-12-10 18:21 - 2014-12-10 18:21 - 00000819 _____ () C:\Users\Stu\AppData\Local\recently-used.xbel
2014-12-10 17:34 - 2014-12-10 17:34 - 00000000 ____D () C:\Users\Stu\AppData\Local\gtk-2.0
2014-12-10 06:45 - 2015-01-04 10:46 - 00000000 ____D () C:\ProgramData\BackupNowEZ
2014-12-10 06:45 - 2014-12-10 06:45 - 00000000 ____D () C:\ProgramData\NTIReg
2014-12-10 06:44 - 2015-01-04 10:48 - 00000000 ____D () C:\Program Files (x86)\NTI
2014-12-10 06:44 - 2014-12-10 06:45 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\nti
2014-12-10 06:43 - 2014-12-10 06:43 - 00000000 ____D () C:\Windows\Downloaded Installations

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 12:03 - 2010-11-20 19:47 - 00963012 _____ () C:\Windows\PFRO.log
2015-01-08 11:55 - 2012-04-02 04:05 - 01928263 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 11:45 - 2013-02-07 07:41 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA.job
2015-01-08 11:35 - 2013-10-06 20:35 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-410 Series Update {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD}.job
2015-01-08 11:35 - 2013-10-06 20:35 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-410 Series Invitation {89BFB8E1-CA25-4055-B5B9-BA5BD289A6FD}.job
2015-01-08 11:35 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\System32\FxsTmp
2015-01-08 10:56 - 2012-05-29 17:36 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 10:30 - 2012-12-17 21:25 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001UA.job
2015-01-08 09:44 - 2014-09-14 18:44 - 00000000 ____D () C:\Users\Stu\Documents\_MAGIC_vid
2015-01-08 08:17 - 2012-12-17 21:25 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core.job
2015-01-08 08:10 - 2012-06-10 09:04 - 00000000 ____D () C:\Users\Stu\AppData\Local\Adobe
2015-01-08 08:09 - 2012-08-06 17:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-07 21:24 - 2012-05-29 16:28 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B7072A4-6EC8-41BC-9E14-1C9A66C13051}
2015-01-07 18:45 - 2013-02-07 07:41 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972263147-2679693030-1763710178-1001Core.job
2015-01-07 16:12 - 2013-10-01 18:21 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Spotify
2015-01-07 14:49 - 2009-07-13 21:13 - 00006210 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-01-07 13:51 - 2013-10-01 18:23 - 00000000 ____D () C:\Users\Stu\AppData\Local\Spotify
2015-01-07 12:56 - 2012-06-01 12:17 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Skype
2015-01-07 11:56 - 2012-05-29 17:36 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 08:59 - 2009-07-13 20:45 - 00032064 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 08:59 - 2009-07-13 20:45 - 00032064 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 08:52 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 08:51 - 2009-07-13 20:51 - 00129889 _____ () C:\Windows\setupact.log
2015-01-06 12:19 - 2012-06-05 10:26 - 00000000 ____D () C:\Users\Stu\AppData\Local\CrashDumps
2015-01-06 09:24 - 2013-05-31 13:02 - 00000000 ____D () C:\Users\Stu\Desktop\DeskJunk
2015-01-05 17:14 - 2014-12-07 12:18 - 00000000 ____D () C:\Users\Stu\Documents\ConceptAnimatic
2015-01-04 12:19 - 2012-10-29 15:31 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\ChaosPro 4.0
2015-01-04 12:09 - 2012-09-15 05:52 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\uTorrent
2015-01-04 12:01 - 2012-06-06 21:05 - 00000000 ____D () C:\Users\Stu\AppData\Local\Windows Live
2015-01-04 10:49 - 2011-11-09 11:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-04 10:40 - 2012-12-31 07:39 - 00002259 _____ () C:\Windows\wininit.ini
2015-01-04 10:40 - 2012-09-12 13:32 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Dropbox
2015-01-04 10:33 - 2012-09-12 13:35 - 00000000 ___RD () C:\Users\Stu\Dropbox
2015-01-02 09:29 - 2014-05-20 20:22 - 00000000 ____D () C:\Users\Stu\Documents\Machlokes
2015-01-01 19:47 - 2012-05-29 16:18 - 00000000 ____D () C:\users\Stu
2015-01-01 17:45 - 2012-06-17 16:37 - 00000000 _____ () C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-01 17:45 - 2012-05-31 18:59 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-01 08:28 - 2012-05-29 16:33 - 00307864 _____ () C:\Users\Stu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-31 19:27 - 2009-07-13 20:45 - 07418272 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-12-30 11:37 - 2013-02-17 14:38 - 00027648 ___SH () C:\Users\Stu\Thumbs.db
2014-12-29 16:57 - 2014-09-28 11:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-29 16:57 - 2011-11-09 11:04 - 00000000 ____D () C:\ProgramData\Skype
2014-12-25 18:31 - 2014-05-30 09:14 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\vlc
2014-12-25 17:56 - 2014-07-23 07:24 - 00000000 ____D () C:\Users\Stu\Documents\_ELI_talkCLIP
2014-12-25 17:52 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-24 18:48 - 2014-09-14 07:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-21 20:05 - 2012-05-29 17:36 - 01050432 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsnx.sys
2014-12-21 19:59 - 2014-08-04 20:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-21 19:59 - 2013-11-03 14:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-21 19:58 - 2013-03-06 16:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-21 19:25 - 2012-05-29 17:36 - 00436624 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2014-12-21 19:25 - 2012-05-29 17:36 - 00093568 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-12-21 19:25 - 2012-05-29 17:36 - 00083280 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-12-21 19:22 - 2012-05-29 17:35 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-21 19:21 - 2012-05-29 17:36 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-12-21 18:46 - 2012-05-29 17:36 - 00000000 ____D () C:\Users\Stu\AppData\Local\Google
2014-12-21 18:34 - 2014-03-18 13:31 - 00000000 ____D () C:\Users\HomeGroupUser$-removed\AppData\Local\Google-removed
2014-12-21 18:26 - 2014-03-18 13:31 - 00000000 ____D () C:\Users\Guest-removed\AppData\Local\Google-removed
2014-12-21 18:17 - 2014-03-18 13:31 - 00000000 ____D () C:\Users\Administrator-removed\AppData\Local\Google-removed
2014-12-20 13:06 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-12-15 16:06 - 2014-11-10 18:12 - 00000000 ____D () C:\Users\Stu\Documents\IndieGames_Unity
2014-12-15 15:54 - 2014-11-12 16:14 - 00000000 ____D () C:\ProgramData\Unity
2014-12-14 19:16 - 2012-06-01 14:07 - 00000000 ____D () C:\Users\Stu\AppData\Roaming\Audacity
2014-12-14 08:50 - 2014-11-15 22:19 - 00000000 ____D () C:\Users\Stu\Documents\ExploratoryDrawing
2014-12-13 18:49 - 2014-12-08 20:05 - 00000000 ____D () C:\Users\Stu\Documents\WIL_gift
2014-12-12 05:58 - 2012-05-29 17:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 05:58 - 2012-05-29 17:39 - 00002183 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-12-11 13:04 - 2009-07-13 21:08 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-11 09:00 - 2014-12-09 15:06 - 00000029 _____ () C:\ProgramData\droidcam-settings

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 5609.91 MB
Available physical RAM: 4882.71 MB
Total Pagefile: 5608.05 MB
Available Pagefile: 4878.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:570.42 GB) (Free:83.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP v125w) (Removable) (Total:3.81 GB) (Free:3.81 GB) FAT32
Drive e: (Recovery) (Fixed) (Total:21.58 GB) (Free:2.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.07 GB) FAT32
Drive h: (My Book) (Fixed) (Total:931.48 GB) (Free:386.82 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E871E610)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=570.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00073856)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 3.8 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0C)


LastRegBack: 2015-01-08 16:15

==================== End Of Log ============================



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:20 AM

Posted 09 January 2015 - 09:51 AM

System File Check (offline mode)

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt
  • In the command window:
  • type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your system drive letter and system path (for example, D:\windows\) and close the notepad.
  • enter the following command:


sfc /scannow /offbootdir=d:\ /offwindir=d:\windows


Replace the red and pink parts with the information you obtained from the last step of this tutorial.

Note: Depending on how your computer is setup, the Command Prompt, when used from outside of Windows, doesn't always assign drive letters in the same way that you see them from inside Windows. In other words, Windows might be at C:\Windows when you're using it, but D:\Windows from the Command Prompt in System Recovery Options.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)
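
The drive-letter lookup and offline scan from the steps in post #10, as an added example that is not part of the original post: a batch file for the System Recovery Options Command Prompt that finds the offline Windows folder instead of browsing for it in Notepad. The file name findwin.cmd and the test for System32\config\SYSTEM as the marker of a Windows installation are assumptions of this example.

```batch
@echo off
rem Added example (not from the original thread): locate the offline Windows
rem folder from the recovery Command Prompt, then run the offline SFC scan.
rem Usage: findwin.cmd      auto-detect the drive letter
rem        findwin.cmd D    use drive D: explicitly
setlocal
set "WIN=%~1"
set COUNT=0
if defined WIN goto check

rem X: is skipped because the recovery environment itself runs from X:\Windows.
for %%D in (C D E F G H I J K L M N O P Q R S T U V W Y Z) do (
    if exist "%%D:\Windows\System32\config\SYSTEM" (
        echo Found Windows folder: %%D:\Windows
        set "WIN=%%D"
        set /a COUNT+=1
    )
)
if %COUNT%==0 (
    echo No Windows folder found on any drive letter.
    exit /b 1
)
if %COUNT% GTR 1 (
    echo More than one installation found. Re-run with the drive letter, e.g. %~nx0 D
    exit /b 1
)

:check
rem Assumption: a Windows folder holding the SYSTEM registry hive is an installation.
if not exist "%WIN%:\Windows\System32\config\SYSTEM" (
    echo %WIN%:\Windows does not look like a Windows installation.
    exit /b 1
)
echo Running: sfc /scannow /offbootdir=%WIN%:\ /offwindir=%WIN%:\Windows
sfc /scannow /offbootdir=%WIN%:\ /offwindir=%WIN%:\Windows
echo sfc exit code: %errorlevel%
endlocal
```

The script stops without running sfc when it finds no installation or more than one, so the scan is never pointed at a guessed drive letter.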

#11 SysFix

SysFix
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:07:20 PM

Posted 09 January 2015 - 05:22 PM

My windows folder was in D:\.. (there was also a C:\ called System, but it was empty)

sfc /scannow /offbootdir=d:\ /offwindir=d:\windows ran for a split second and did nothing.

 

I booted up using a windows repair disc. The repair mode took a long time and seemed to do something, but ultimately the windows logo hung for hours and eventually I got a Blue Screen of death.

 

Anything left to try?



#12 SysFix

SysFix
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:07:20 PM

Posted 11 January 2015 - 11:52 PM

After Windows became completely corrupt, I tried restoring an image from 1 1/2 years ago. The result was the same slow and erratic behavior that caused me to look for help here. Therefore, I made the assumption that a bad hard drive might be the cause.

 

I got a new hard drive and restored my 1 1/2 year old image onto the new hard drive. It seems that was the problem, as my system is now running very fast and very well. It may take a while to catch up on all of the windows and antivirus updates, but I'm happy to be able to use my laptop again.

 

 

TB-Psychotic, Thank you for your help!



#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:20 AM

Posted 12 January 2015 - 04:39 AM

You're welcome! :)



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:20 AM

Posted 12 January 2015 - 04:39 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



