Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Something is limiting what programs I can run


  • This topic is locked This topic is locked
27 replies to this topic

#1 mimiy2k

mimiy2k

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 25 February 2015 - 01:26 PM

Something is limiting what programs I can run.  I can run most anything as always but I cannot run or connect with Remote Desktop Connection Manager.  It just will not connect to my company server although others can connect just fine.
 
I also cannot connect to my Zoolz reseller account.  Every time I try, I get a pop-up telling me that there is a .NetFramework error.  The Zoolz tech support staff has been wonderful and tried everything including running repair on .Net Framework, having me uninstall it and and downloading and installing latest version of .Net framework but my log-in attempts just lead to same error message.  (They also ran  Fiddler4 through TeamViewer).
 
Happens with certain other software where I have to connect to an outside server though I can run FTP and TeamViewer just fine.  I feel sure I at least have AdWare infection die to pop-ups and pop-unders that display from time to time.
 
I have just run Farbar Service Scanner and Farber Recovery Scan, Malwarebytes scan and HijackThis and will attach all to this post. 
 
Thank you so much for your help!!
 
Mimi

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Tommi (administrator) on TOMMI-PC on 25-02-2015 10:44:54
Running from C:\Users\Tommi\Downloads\Farber_Recovery_Scan
Loaded Profiles: Tommi (Available profiles: Tommi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
() C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
() C:\Program Files (x86)\Paragon Software\HFS+ for Windows 9.1\apmwinsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Livedrive\VSSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Smilebox, Inc.) C:\Users\Tommi\AppData\Roaming\Smilebox\SmileboxTray.exe
(Learnpulse) C:\Users\Tommi\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(Livedrive Internet Ltd) C:\Program Files (x86)\Livedrive\Livedrive.exe
(Starfield Technologies) C:\Users\Tommi\AppData\Local\Workspace\workspaceupdate.exe
(Starfield Technologies, LLC) C:\Users\Tommi\AppData\Local\Workspace\wben.exe
(Starfield Technologies, LLC) C:\Users\Tommi\AppData\Local\Workspace\outsync.exe
(Starfield Technologies) C:\Users\Tommi\AppData\Local\Workspace\workspacestatus.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Genie9) C:\Program Files\Genie9\Zoolz2\Zoolz.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Trend Micro Inc.) C:\Users\Tommi\Downloads\Hijack_This\HijackThis.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Farbar) C:\Users\Tommi\Downloads\Farber_Recovery_Scan\Farber_Service_Scanner\FSS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2011-11-12] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-11-12] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2011-11-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2473568 2010-11-11] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5702216 2015-01-30] (Box, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [801072 2015-02-20] (Webroot)
HKLM-x32\...\Run: [Join Multiple Zip Files Into One Software.exe] => [X]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [61440 2006-09-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [(default)] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [624248 2007-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-06-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1518664 2014-09-17] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127080 2014-09-17] (Seagate Technology LLC)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [596480 2014-04-21] (NETGEAR Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [SmileboxTray] => C:\Users\Tommi\AppData\Roaming\Smilebox\SmileboxTray.exe [342312 2014-09-12] (Smilebox, Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Screenpresso] => C:\Users\Tommi\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [11001872 2014-11-22] (Learnpulse)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Livedrive] => C:\Program Files (x86)\Livedrive\Livedrive.exe [1842840 2014-07-24] (Livedrive Internet Ltd)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Starfield Updater] => C:\Users\Tommi\AppData\Local\Workspace\WorkspaceUpdate.exe [35008 2014-11-23] (Starfield Technologies)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [wben] => C:\Users\Tommi\AppData\Local\Workspace\wben.exe [1078896 2014-10-20] (Starfield Technologies, LLC)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [ogcsn] => C:\Users\Tommi\AppData\Local\Workspace\outsync.exe [1011696 2013-07-09] (Starfield Technologies, LLC)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Workspace Status] => C:\Users\Tommi\AppData\Local\Workspace\workspacestatus.exe [694760 2014-11-23] (Starfield Technologies)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Zoolz Tray] => C:\Program Files\Genie9\Zoolz2\Zoolz.exe [1961832 2015-01-20] (Genie9)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (No File)
Startup: C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {9a216f5d-3530-3b1a-8006-9a1233402fba} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {7388e4d9-88a2-3c0e-8452-869aea4d1abc} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {4c3d7a5e-7476-3c21-9717-0614ce209c44} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {aa0bacc8-a5df-34b0-acd8-e6739d92010e} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {0f20db5b-365d-3cc6-82eb-41207f77bb71} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [BackupOverlay] -> {B44A5D93-1351-41A1-BD91-5E92435D8ECD} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.usatoday.com/
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://lenovo.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {A833D0B2-645C-4E8A-ABBE-EF95111DB39F} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-i3752
BHO: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll (MediaMall Technologies, Inc.)
Toolbar: HKLM-x32 - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll (MediaMall Technologies, Inc.)
Toolbar: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: HKLM {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://meetings.webex.com/client/WBXclient-T28L10NSP12-16655/webex/ieatgpc1.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9-x64 01 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 02 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 03 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 04 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 16 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

FireFox:
========
FF ProfilePath: C:\Users\Tommi\AppData\Roaming\Mozilla\Firefox\Profiles\ui3kyvda.default-1399152729981
FF Homepage: www.usatoday.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Tommi\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @fuzebox.com/Fuze Meeting NPAPI Plugin,version=1.0.0.1 -> C:\Users\Tommi\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll ( )
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/off -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/off64 -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/wbe -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/wbe64 -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npoff.dll ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npwbe.dll (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npwbe64.dll (Starfield Technology, LLC)
FF Extension: WBE Paste - C:\Users\Tommi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2012-03-05]
FF Extension: Workspace Email Zoom - C:\Users\Tommi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\zoomext@starfield [2012-03-05]
FF Extension: iCloud Bookmarks - C:\Users\Tommi\AppData\Roaming\Mozilla\Firefox\Profiles\ui3kyvda.default-1399152729981\Extensions\firefoxdav@icloud.com [2014-11-14]
FF Extension: PlayOn - C:\Users\Tommi\AppData\Roaming\Mozilla\Firefox\Profiles\ui3kyvda.default-1399152729981\Extensions\playonplugin@playon.tv [2015-02-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2015-01-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2013-10-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-26]
FF HKLM-x32\...\Firefox\Extensions: [{1DD9AC48-0855-4AE7-9934-159B4377FFA2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-02-17]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Tommi\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-06-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] () [File not signed]
R2 apmwinsrv; C:\Program Files (x86)\Paragon Software\HFS+ for Windows 9.1\apmwinsrv.exe [66768 2013-07-26] ()
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [28696 2015-01-30] (Box, Inc.)
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies)
R2 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-11-12] (Macrovision Europe Ltd.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-02-21] ()
R2 LivedriveVSSService; C:\Program Files (x86)\Livedrive\VSSService.exe [210584 2014-07-24] ()
S2 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5911856 2015-02-09] (MediaMall Technologies, Inc.)
S3 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [6144 2012-12-07] (The Neat Company) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [225792 2014-03-23] (NETGEAR) [File not signed]
R2 NTI BackupNowEZSvr; C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [45592 2011-09-23] (NTI Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-06-10] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-06-26] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-06-10] () [File not signed]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [801072 2015-02-20] (Webroot)
R2 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [469864 2015-01-20] (Genie9)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-07-26] (Paragon Software Group)
R1 CbFs; C:\windows\system32\drivers\cbfs.sys [191960 2010-02-16] (EldoS Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [61136 2013-07-26] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [204496 2013-07-26] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-07-26] (Paragon Software Group)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46280 2013-02-21] (AnchorFree Inc.)
R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\windows\system32\BF24.tmp [6144 2011-05-12] (Sophos Plc) [File not signed]
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [45776 2013-07-26] (Paragon Software Group)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2014-06-15] (CACE Technologies, Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-21] (Anchorfree Inc.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115680 2015-02-20] (Webroot)
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 CrucialSMBusScan; \??\C:\Users\Tommi\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X]
U2 DriverService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerServic; No ImagePath
S3 PCDSRVC{2B7BBB7B-C21D2F20-06020000}_0; \??\c:\program files (x86)\lenovo hard drive quick test\pcdsrvc_x64.pkms [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SoftwareService; No ImagePath
U0 SR; No ImagePath
U2 srservice; No ImagePath
U2 Stereo Service; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AcpiVpc.sys 5BBFF8B826EC38D32C26334E079C7EFC
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\apmwin.sys 00855C77309CDCEDE67EBEDEE12B49DC
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys 782D36BAD8DDBF008D02E055DBE70F82
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\System32\drivers\BPntDrv.sys AAA4F992F879977A000FE8B8C730CD2C
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\windows\system32\drivers\cbfs.sys D8466DF7629A7ACD2BED0CDE206E5DF9
C:\windows\system32\drivers\cbfs3.sys 3D50891CAA71E3479A8A10F25CA9207F
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys E45CDE1C8340DFEDF1D6724263F39E5B
C:\Windows\System32\drivers\CHDRT64.sys A9078365CCE6DDF02DD9E5A3591DF1F5
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\drivers\fbfmon.sys 3191ACA33088EE2481044FC0DB736442
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\DRIVERS\gpt_loader.sys 43BB73B47AB648E382F59050B3F5B4D7
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hfsplus.sys B01A91CE0390968EC31FFFE9BE4C476C
C:\Windows\System32\DRIVERS\hfsplusrec.sys 1E633CF42117F2E8157D0445B0BF5F3C
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hssdrv6.sys CA53DA4C3EAD4C86918E7F80CD281ABB
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 0089B53F1BEFD34B7D8CA4AB021335FA
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\k57nd60a.sys 7DBAFE10C1B777305C80BEA42FBDA710
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys C60C6B9A2E50B0404F6789C62B428C03
C:\Windows\System32\Drivers\ksecpkg.sys 78D152A9FD5747FF6AA89C79F0346F62
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 95CA93FC12BE372BB952669F37FFF9C5
C:\Windows\System32\DRIVERS\LhdX64.sys BE166935083F9C38EDFDC21B9A7A679B
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\windows\system32\drivers\mbamchameleon.sys 9150A0F57F9BBEDA6311ACECA55229F8
C:\windows\system32\drivers\mbam.sys B0896FB3FF31F75AEBA7F94FF99A94C3
C:\windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3
C:\windows\system32\drivers\mwac.sys AB92F5224C31A140246D6B82DEA11142
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\windows\system32\BF24.tmp F9CE67E9E0226079B59107B649851F96
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mounthlp.sys 32035DBFED4CAF67A61DF8518C09D3B3
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\System32\drivers\povrtdev.sys C83829C280F0207677B7AAA151EF9C4D
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\windows\system32\drivers\npf.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\windows\system32\drivers\NTIDrvr.sys 64DDD0DEE976302F4BD93E5EFCC2F013
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpdispm.sys BDF2DB2F19945AFAF102A2C03062EFB1
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUVStor.sys E57FAC2CDB73F06586ED2ED310B80932
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys EBEADA6A9A8CCA0BAAE79EE720BD0156
C:\Windows\System32\DRIVERS\taphss6.sys FA08663E58C3B856CD9A83F3279337FE
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\windows\system32\drivers\UBHelper.sys 2E22C1FD397A5A9FFEF55E9D1FC96C00
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\System32\drivers\WRkrn.sys 0FA0801D02033F98C52DC459F057C2B4
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\DRIVERS\wsvd.sys 83575C43B2BFE9AB0661A7F957E843C0
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 09:39 - 2015-02-25 10:45 - 00000000 ____D () C:\FRST
2015-02-25 08:57 - 2015-02-25 09:17 - 00000000 ____D () C:\Users\Tommi\Downloads\Hijack_This
2015-02-25 08:55 - 2015-02-25 08:55 - 00000000 ____D () C:\Users\Tommi\Downloads\New folder (4)
2015-02-25 08:54 - 2015-02-25 08:54 - 00000000 ____D () C:\Users\Tommi\Downloads\New folder (3)
2015-02-25 08:53 - 2015-02-25 10:44 - 00000000 ____D () C:\Users\Tommi\Downloads\Farber_Recovery_Scan
2015-02-25 08:53 - 2015-02-25 08:53 - 00000000 ____D () C:\Users\Tommi\Downloads\New folder (2)
2015-02-24 23:11 - 2015-02-24 23:15 - 00000000 ____D () C:\Users\Tommi\Desktop\Zoolz_Log_Folder
2015-02-24 22:50 - 2015-02-24 22:50 - 00000000 ____D () C:\Users\Tommi\New folder
2015-02-24 17:50 - 2015-02-24 23:03 - 00003228 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-02-24 17:37 - 2015-02-24 17:37 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-24 17:35 - 2015-01-08 16:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-24 17:35 - 2015-01-08 16:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-22 09:03 - 2015-02-22 09:03 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-22 09:03 - 2015-02-22 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-22 09:02 - 2015-02-22 09:03 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-22 09:02 - 2015-02-22 09:03 - 00000000 ____D () C:\Program Files\iTunes
2015-02-22 09:02 - 2015-02-22 09:03 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-22 09:02 - 2015-02-22 09:02 - 00000000 ____D () C:\Program Files\iPod
2015-02-22 08:33 - 2015-02-22 08:33 - 00002053 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2015-02-22 08:33 - 2015-02-22 08:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2015-02-22 08:30 - 2015-02-22 08:30 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2015-02-22 08:29 - 2015-02-24 17:45 - 00000000 ____D () C:\ProgramData\MediaMall
2015-02-22 08:22 - 2015-02-22 08:51 - 00000000 ____D () C:\Users\Tommi\Downloads\PlayOn-PlayLater
2015-02-22 01:04 - 2015-02-22 01:04 - 00000368 _____ () C:\windows\PFRO.log
2015-02-22 00:25 - 2015-02-22 00:25 - 00000000 ____D () C:\New folder
2015-02-21 23:43 - 2015-02-25 05:41 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-21 23:43 - 2015-02-21 23:43 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-21 23:43 - 2015-02-21 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-21 23:43 - 2015-02-21 23:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-21 23:43 - 2014-11-21 07:08 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-02-21 23:43 - 2014-11-21 07:07 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-02-21 23:43 - 2014-11-21 07:07 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-02-21 23:38 - 2015-02-21 23:39 - 00000000 ____D () C:\Users\Tommi\Downloads\MalwareBytes_Premium
2015-02-21 23:08 - 2015-02-21 23:19 - 00000000 ____D () C:\Users\Tommi\Documents\PetHotel
2015-02-21 20:28 - 2015-02-21 20:28 - 00262144 _____ () C:\windows\Minidump\022115-61121-01.dmp
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (14)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (13)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (12)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (11)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (10)
2015-02-20 04:40 - 2015-02-20 04:40 - 00347816 _____ (Microsoft Corporation) C:\Users\Tommi\Downloads\MicrosoftFixit.Printing.LB.1423478884003750.1.1.Run.exe
2015-02-20 00:52 - 2015-02-25 08:50 - 00001279 _____ () C:\windows\setupact.log
2015-02-20 00:52 - 2015-02-20 00:52 - 00000000 _____ () C:\windows\setuperr.log
2015-02-18 21:16 - 2015-02-24 23:03 - 00003362 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-02-17 05:27 - 2015-02-17 05:27 - 00000948 _____ () C:\Users\Tommi\Desktop\Zoolz.lnk
2015-02-17 05:27 - 2015-02-17 05:27 - 00000000 ___RD () C:\Users\Tommi\Desktop\No-Zoolz Zone
2015-02-17 05:26 - 2015-02-17 05:26 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoolz
2015-02-17 05:18 - 2015-02-17 05:18 - 06391929 _____ (Genie9) C:\Users\Tommi\Downloads\ZoolzSetup.exe
2015-02-17 04:51 - 2015-02-17 04:52 - 00000000 ____D () C:\Users\Tommi\Documents\Fiddler2
2015-02-17 04:51 - 2015-02-17 04:51 - 00001888 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler4.lnk
2015-02-17 04:51 - 2015-02-17 04:51 - 00000000 ____D () C:\Program Files (x86)\Fiddler2
2015-02-17 04:50 - 2015-02-17 04:50 - 01173176 _____ (Telerik) C:\Users\Tommi\Downloads\fiddler4setup.exe
2015-02-17 03:57 - 2015-02-17 04:22 - 01965938 _____ (Genie9) C:\Users\Tommi\Downloads\ZoolzSetup.exe.part
2015-02-16 16:43 - 2015-02-16 16:43 - 00010910 _____ () C:\Users\Tommi\Desktop\AppDataFolder.zip
2015-02-16 16:41 - 2015-02-16 16:41 - 00002922 _____ () C:\Users\Tommi\Desktop\ProgramFilesLogs.zip
2015-02-16 16:08 - 2015-02-17 05:26 - 00000000 ____D () C:\Program Files\Genie9
2015-02-15 06:21 - 2015-02-15 08:50 - 00000000 ____D () C:\Users\Tommi\Documents\Healthcare.gov_Application
2015-02-15 01:29 - 2014-07-06 19:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-02-15 01:29 - 2014-07-06 19:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-02-15 01:29 - 2014-07-06 19:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-02-15 01:29 - 2014-07-06 19:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-02-15 01:29 - 2014-07-06 18:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-02-15 01:29 - 2014-07-06 18:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-02-15 01:29 - 2014-07-06 18:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-02-15 01:29 - 2014-07-06 18:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-02-15 01:28 - 2014-10-17 19:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-02-15 01:28 - 2014-10-17 18:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-02-15 01:25 - 2015-02-15 01:32 - 00000000 ____D () C:\Users\Tommi\Documents\backup_solutions
2015-02-15 00:18 - 2015-02-15 00:28 - 00000000 ____D () C:\Users\Tommi\Downloads\Zoolsz
2015-02-15 00:14 - 2015-02-15 00:14 - 50449456 _____ (Microsoft Corporation) C:\Users\Tommi\Downloads\dotNetFx40_Full_x86_x64.exe
2015-02-15 00:00 - 2015-02-16 23:30 - 00000000 ____D () C:\Users\Tommi\Downloads\MS_Net_Framework
2015-02-14 23:56 - 2015-02-14 23:56 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\Genie9
2015-02-14 23:23 - 2015-02-14 23:25 - 06339368 _____ (Genie9) C:\Users\Tommi\Downloads\ZoolzSetupHome.exe
2015-02-10 20:51 - 2015-01-13 23:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-10 20:51 - 2015-01-13 22:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-10 20:51 - 2015-01-13 22:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-10 20:51 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-02-10 20:51 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-02-10 20:51 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-02-10 20:51 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-02-10 20:50 - 2015-01-13 23:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-10 20:50 - 2015-01-13 23:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-10 20:50 - 2015-01-13 23:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-10 20:50 - 2015-01-13 22:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-10 20:49 - 2015-02-03 20:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-10 20:49 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-10 20:48 - 2015-01-09 23:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-10 20:46 - 2015-01-13 22:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-10 20:46 - 2015-01-13 22:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-10 20:46 - 2015-01-11 20:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-10 20:46 - 2015-01-11 20:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-10 20:46 - 2015-01-11 20:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-10 20:46 - 2015-01-11 19:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-10 20:46 - 2015-01-11 19:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-10 20:46 - 2015-01-11 19:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-10 20:46 - 2015-01-11 19:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-10 20:46 - 2015-01-11 19:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-10 20:46 - 2015-01-11 19:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-10 20:46 - 2015-01-11 19:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-10 20:46 - 2015-01-11 19:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-10 20:46 - 2015-01-11 19:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-10 20:46 - 2015-01-11 19:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-10 20:46 - 2015-01-11 19:33 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-10 20:46 - 2015-01-11 19:32 - 06041088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-10 20:46 - 2015-01-11 19:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-10 20:46 - 2015-01-11 19:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-10 20:46 - 2015-01-11 19:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-10 20:46 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-10 20:46 - 2015-01-11 19:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 20:46 - 2015-01-11 19:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-10 20:46 - 2015-01-11 19:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-10 20:46 - 2015-01-11 19:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-10 20:46 - 2015-01-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-10 20:46 - 2015-01-11 19:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-10 20:46 - 2015-01-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-10 20:46 - 2015-01-11 19:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-10 20:46 - 2015-01-11 19:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-10 20:46 - 2015-01-11 19:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-10 20:46 - 2015-01-11 18:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-10 20:46 - 2015-01-11 18:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-10 20:46 - 2015-01-11 18:55 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-10 20:46 - 2015-01-11 18:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-10 20:46 - 2015-01-11 18:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-10 20:46 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-10 20:46 - 2015-01-11 18:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-10 20:46 - 2015-01-11 18:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-10 20:46 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-10 20:46 - 2015-01-11 18:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-10 20:46 - 2015-01-11 18:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 20:46 - 2015-01-11 18:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-10 20:46 - 2015-01-11 18:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-10 20:46 - 2015-01-11 18:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-10 20:46 - 2015-01-11 18:29 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-10 20:46 - 2015-01-11 18:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-10 20:46 - 2015-01-11 18:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-10 20:46 - 2015-01-11 18:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-10 20:46 - 2015-01-11 18:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-10 20:46 - 2015-01-11 18:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-10 20:46 - 2015-01-11 18:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-10 20:46 - 2015-01-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-10 20:46 - 2015-01-11 18:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-10 20:46 - 2015-01-11 17:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-10 20:46 - 2015-01-11 17:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-10 20:45 - 2015-01-15 01:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-10 20:45 - 2015-01-15 01:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-10 20:45 - 2015-01-15 01:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-10 20:45 - 2015-01-15 01:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-10 20:45 - 2015-01-15 01:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-10 20:45 - 2015-01-15 01:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-10 20:45 - 2015-01-15 01:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-10 20:45 - 2015-01-15 01:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-10 20:45 - 2015-01-15 01:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-10 20:45 - 2015-01-15 01:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-10 20:45 - 2015-01-15 01:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-10 20:45 - 2015-01-15 00:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-10 20:45 - 2015-01-15 00:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-10 20:45 - 2015-01-15 00:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-10 20:45 - 2015-01-15 00:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-10 20:45 - 2015-01-15 00:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-10 20:45 - 2015-01-15 00:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-10 20:45 - 2015-01-14 21:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-10 20:45 - 2015-01-12 20:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-10 20:45 - 2015-01-12 19:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-10 20:44 - 2014-12-11 22:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-10 20:44 - 2014-12-11 22:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-10 20:44 - 2014-07-06 19:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-10 20:44 - 2014-07-06 19:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-10 20:44 - 2014-07-06 18:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-10 20:44 - 2014-07-06 18:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-10 20:43 - 2014-11-25 20:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-10 20:43 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-10 20:43 - 2014-10-03 19:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-02-10 20:43 - 2014-10-03 18:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-02-10 20:43 - 2014-10-03 18:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-02-10 20:42 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-10 20:42 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-10 20:41 - 2015-01-08 19:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-10 02:06 - 2015-02-10 02:06 - 00000000 ____D () C:\Users\Tommi\AppData\Local\Box Sync
2015-02-10 02:04 - 2015-02-10 02:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2015-02-10 02:02 - 2015-02-10 02:02 - 00000000 ____D () C:\Program Files\Box
2015-02-10 02:01 - 2015-02-10 02:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-10 01:58 - 2015-02-10 01:59 - 00000000 ____D () C:\Users\Tommi\Downloads\BOX
2015-02-05 09:20 - 2015-02-19 09:21 - 00003206 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-02-05 01:40 - 2015-02-05 01:40 - 05070512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-04 20:21 - 2015-02-19 09:21 - 00003340 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-01-31 06:45 - 2015-01-31 06:45 - 06381120 _____ (Tim Kosse) C:\Users\Tommi\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-26 20:47 - 2015-01-26 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 10:46 - 2011-11-13 03:09 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\Skype
2015-02-25 10:45 - 2014-06-04 12:56 - 01098823 _____ () C:\windows\WindowsUpdate.log
2015-02-25 10:45 - 2014-03-06 18:29 - 00000562 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001.job
2015-02-25 10:45 - 2013-03-27 07:29 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 10:45 - 2011-12-18 11:40 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-25 08:49 - 2009-07-13 22:13 - 00815570 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-24 23:17 - 2009-07-13 21:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 23:17 - 2009-07-13 21:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 23:02 - 2011-11-12 08:01 - 00585506 _____ () C:\windows\system32\fastboot.set
2015-02-24 23:01 - 2014-11-10 03:09 - 00000406 _____ () C:\windows\Tasks\simplitec Service Provider.job
2015-02-24 23:01 - 2011-12-18 10:43 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-24 23:01 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-24 23:01 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\registration
2015-02-24 22:50 - 2011-11-12 16:32 - 00000000 ____D () C:\Users\Tommi
2015-02-24 22:17 - 2013-05-06 15:25 - 00000000 ____D () C:\Users\Tommi\AppData\Local\CrashDumps
2015-02-24 20:27 - 2013-05-07 16:42 - 00000000 ____D () C:\ProgramData\WRData
2015-02-24 17:40 - 2011-12-03 14:34 - 00000466 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2015-02-24 17:37 - 2014-05-17 10:49 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-24 17:37 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-02-24 17:37 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\AppCompat
2015-02-24 17:32 - 2011-11-13 05:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-24 15:47 - 2011-12-03 14:34 - 00003492 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2015-02-24 15:47 - 2011-12-03 14:34 - 00003448 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2015-02-24 15:39 - 2014-06-15 18:02 - 00000000 ____D () C:\Users\Tommi\AppData\Local\Adobe
2015-02-22 09:02 - 2012-04-02 04:57 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-22 08:25 - 2013-01-24 21:47 - 00000000 ____D () C:\windows\Downloaded Installations
2015-02-22 01:21 - 2011-11-16 08:28 - 00000000 ____D () C:\Users\Tommi\Documents\Malware_Reports
2015-02-21 23:43 - 2012-05-04 20:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-21 23:28 - 2011-11-17 00:42 - 00000000 ____D () C:\Users\Tommi\Documents\To_Do
2015-02-21 20:28 - 2011-11-22 21:48 - 00000000 ____D () C:\windows\Minidump
2015-02-20 23:18 - 2014-03-06 18:29 - 00003588 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001
2015-02-20 07:31 - 2013-05-07 16:45 - 00167632 _____ (Webroot) C:\windows\SysWOW64\WRusr.dll
2015-02-20 07:31 - 2013-05-07 16:45 - 00115680 _____ (Webroot) C:\windows\system32\Drivers\WRkrn.sys
2015-02-20 07:31 - 2013-05-07 16:45 - 00105320 _____ (Webroot) C:\windows\system32\WRusr.dll
2015-02-20 04:41 - 2013-05-25 02:51 - 00000000 ____D () C:\Users\Tommi\1_Min_WP_Launcher
2015-02-20 01:11 - 2013-03-28 17:37 - 00000000 ____D () C:\Users\Tommi\Documents\cc_cleaner_registry_backups
2015-02-20 00:37 - 2013-10-22 23:31 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\TeamViewer
2015-02-20 00:13 - 2011-12-18 10:43 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-19 22:55 - 2011-11-12 07:58 - 00000000 ____D () C:\ProgramData\Temp
2015-02-16 15:21 - 2014-06-03 21:42 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-16 15:21 - 2014-06-03 21:42 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2015-02-16 14:35 - 2011-11-14 00:09 - 00808184 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-02-15 01:56 - 2009-07-13 21:45 - 05260744 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-15 01:51 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\tracing
2015-02-15 01:16 - 2013-09-30 19:27 - 00000000 ____D () C:\windows\system32\MRT
2015-02-09 00:13 - 2011-12-03 14:34 - 00000528 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-02-09 00:00 - 2011-12-03 14:34 - 00004230 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-07 20:17 - 2011-11-15 03:14 - 00000000 ____D () C:\Users\Tommi\Documents\AIM
2015-02-06 10:36 - 2011-11-16 07:54 - 00000000 ____D () C:\Users\Tommi\Documents\Bills
2015-02-05 16:06 - 2011-12-18 11:40 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 16:06 - 2011-12-18 11:40 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 01:40 - 2013-03-27 07:29 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 01:40 - 2012-04-02 06:57 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 01:40 - 2011-11-13 01:29 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 02:28 - 2012-05-05 21:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 04:21 - 2013-10-26 15:07 - 00000000 ____D () C:\Users\Tommi\Documents\Populus
2015-01-31 07:01 - 2011-12-17 10:54 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\FileZilla
2015-01-29 17:49 - 2011-11-13 00:45 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-28 01:02 - 2015-01-13 20:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-01-27 23:57 - 2013-10-15 12:27 - 00000000 ____D () C:\Users\Tommi\Documents\CAN_SPAM_LAWS

==================== Files in the root of some directories =======

2012-08-25 21:49 - 2012-08-25 21:49 - 3993600 _____ () C:\Program Files (x86)\GUTFB79.tmp
2014-01-25 20:02 - 2014-07-18 14:33 - 0000096 _____ () C:\Users\Tommi\AppData\Roaming\Camdata.ini
2014-01-25 20:02 - 2014-07-18 14:33 - 0000408 _____ () C:\Users\Tommi\AppData\Roaming\CamLayout.ini
2014-01-25 20:02 - 2014-07-18 14:33 - 0000408 _____ () C:\Users\Tommi\AppData\Roaming\CamShapes.ini
2014-01-25 20:02 - 2014-07-18 14:33 - 0004535 _____ () C:\Users\Tommi\AppData\Roaming\CamStudio.cfg
2012-04-20 16:52 - 2014-10-27 03:04 - 0000151 _____ () C:\Users\Tommi\AppData\Roaming\FotoSketcher.ini
2011-11-12 17:34 - 2014-08-11 17:47 - 0898048 _____ () C:\Users\Tommi\AppData\Roaming\SharedSettings.ccs
2014-01-25 19:19 - 2014-07-18 14:33 - 0000096 _____ () C:\Users\Tommi\AppData\Roaming\version2.xml
2012-04-12 23:08 - 2014-09-17 22:56 - 0113709 _____ () C:\Users\Tommi\AppData\Local\ars.cache
2012-04-12 23:09 - 2014-09-17 22:56 - 1033406 _____ () C:\Users\Tommi\AppData\Local\census.cache
2013-07-22 16:40 - 2014-01-27 21:52 - 0005120 _____ () C:\Users\Tommi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-12 22:44 - 2012-04-12 22:44 - 0000036 _____ () C:\Users\Tommi\AppData\Local\housecall.guid.cache
2012-05-07 13:48 - 2014-06-28 15:39 - 0000600 _____ () C:\Users\Tommi\AppData\Local\PUTTY.RND
2014-01-05 20:34 - 2014-11-21 00:02 - 0007612 _____ () C:\Users\Tommi\AppData\Local\Resmon.ResmonCfg
2014-09-17 22:41 - 2014-09-17 22:41 - 0000010 _____ () C:\Users\Tommi\AppData\Local\sponge.last.runtime.cache
2013-06-07 23:16 - 2013-06-07 23:17 - 0000035 _____ () C:\Users\Tommi\AppData\Local\temp.tmp
2011-12-10 21:35 - 2011-12-10 21:35 - 0017408 _____ () C:\Users\Tommi\AppData\Local\WebpageIcons.db
2014-06-13 12:43 - 2014-06-13 12:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-14 03:15 - 2013-01-15 01:46 - 0109096 _____ () C:\ProgramData\temp1.txt
2013-07-13 22:41 - 2013-07-13 22:41 - 0033958 _____ () C:\ProgramData\uninstaller.exe

Files to move or delete:
====================
C:\ProgramData\uninstaller.exe


Some content of TEMP:
====================
C:\Users\Tommi\AppData\Local\Temp\SkypeSetup.exe


Some zero byte size files/folders:
==========================
C:\Windows\System32\EasyRedirect.dll
C:\Windows\System32\igd10umd32.dll
C:\Windows\System32\igdumd32.dll
C:\Windows\System32\igdumdx32.dll
C:\Windows\System32\MSVBVM60.DLL
C:\Windows\System32\olepro32.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {c3c6452e-0d7b-11e1-bf4d-82e854bf8b30}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {c3c64530-0d7b-11e1-bf4d-82e854bf8b30}
recoveryenabled Yes
nointegritychecks Yes
osdevice partition=C:
systemroot \windows
resumeobject {c3c6452e-0d7b-11e1-bf4d-82e854bf8b30}
nx OptOut
bootlog No

Windows Boot Loader
-------------------
identifier {c3c64530-0d7b-11e1-bf4d-82e854bf8b30}
device ramdisk=[C:]\Recovery\c3c64530-0d7b-11e1-bf4d-82e854bf8b30\Winre.wim,{c3c64531-0d7b-11e1-bf4d-82e854bf8b30}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\c3c64530-0d7b-11e1-bf4d-82e854bf8b30\Winre.wim,{c3c64531-0d7b-11e1-bf4d-82e854bf8b30}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {c3c6452e-0d7b-11e1-bf4d-82e854bf8b30}
device partition=C:
path \windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {c3c64531-0d7b-11e1-bf4d-82e854bf8b30}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\c3c64530-0d7b-11e1-bf4d-82e854bf8b30\boot.sdi

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by Tommi at 2015-02-25 10:46:45
Running from C:\Users\Tommi\Downloads\Farber_Recovery_Scan
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Disabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Disabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AbleBits.com Duplicate Remover for Microsoft Excel (HKLM-x32\...\{C937A2D1-D785-4931-9DDC-DA54D9320FBB}) (Version: 3.2.3 - Add-in Express Ltd.)
ActiveData For Excel (x86) (HKLM-x32\...\{E68102F0-D4B9-4885-931F-B31479E9D3A1}) (Version: 5.0.0 - InformationActive)
ActivePresenter (HKLM-x32\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 3.9.2 - Atomi Systems, Inc.)
Adobe Acrobat 8.1.0 Professional (HKLM-x32\...\Adobe Acrobat 8 Professional) (Version: 8.1.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems Inc.)
AKVIS ArtWork (HKLM\...\{DA2B4016-343D-4564-BE1C-99D84BE9673D}) (Version: 8.1.1709.10702 - AKVIS)
AKVIS ArtWork (HKLM-x32\...\{DA2B4016-343D-4564-BE1C-99D84BE9673D}) (Version: 7.0.1614.8662 - AKVIS)
Amazon Kindle (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9B3B4129-220E-42C7-9C5B-91C65E0885B4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASAP Utilities (HKLM-x32\...\ASAP Utilities_is1) (Version: 5.0 - Bastien Mensink - A Must in Every Office BV)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AutoNext (HKLM-x32\...\InstallShield_{FB776A40-C7CC-4A5C-8B96-AB30585FC0C0}) (Version: 1.00.0000 - eGrabber)
Beyond Compare 4.0.0 (HKLM-x32\...\BeyondCompare4_is1) (Version: 4.0.0.18847 - Scooter Software)
BlueGriffon version 1.6.2 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 1.6.2 - Disruptive Innovations SAS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Shot 3D (HKLM\...\Box Shot 3D) (Version: 3.6 - Apps For Life)
Box Sync (HKLM\...\{D49B4848-D733-409C-A894-3CC0113F15A6}) (Version: 4.0.6035.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.6035.0 - Box Inc.) Hidden
Bulkr (HKLM-x32\...\com.prakaz.project.photogettr) (Version: 1.7 - Prakash Bajracharya)
Bulkr (x32 Version: 1.7 - Prakash Bajracharya) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11266.0 - Cisco Consumer Products LLC)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
CoffeeCup Direct FTP (HKLM-x32\...\{88741A14-4C9D-469F-BA36-8FDF6037BB68}) (Version: 3.9.2015 - CoffeeCup Software Inc.)
CoffeeCup Free Zip Wizard (HKLM-x32\...\CoffeeCup Free Zip Wizard) (Version: - CoffeeCup Software)
CoffeeCup LockBox (HKLM-x32\...\CoffeeCup LockBox) (Version: - )
CoffeeCup Places (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\CoffeeCup Places) (Version: 1.1 - CoffeeCup Software)
CoffeeCup Website Access Manager (HKLM-x32\...\CoffeeCup Website Access Manager) (Version: - CoffeeCup Software)
Compare It! (HKLM-x32\...\Compare It + Synchronize It_is1) (Version: 4.1 - Grig Software)
Compare It! (HKLM-x32\...\Compare It!_is1) (Version: 4.2 - Grig Software)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.46.0.50 - Conexant)
Convert XLS (HKLM-x32\...\Convert XLS_is1) (Version: - Softinterface, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Data Quality Components (HKLM\...\Data Quality Components_is1) (Version: - Melissa Data Corp)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Directory Report (HKLM-x32\...\{0D9B75C0-3FC9-11D5-8617-00D0B707C2B6}) (Version: 34.00.0000 - AMB Software)
Dropbox (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Dropbox) (Version: 2.4.10 - Dropbox, Inc.)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version: - EASEUS)
EmailAppend_Step2 (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\b5d2fe301b01077b) (Version: 1.0.0.0 - Microsoft)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.5 - Lenovo)
Energy Management (x32 Version: 6.0.1.5 - Lenovo) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ESDNOW Software Protection Technology v1.0.4 (HKLM-x32\...\{46F5DECB-ADB0-48D0-92D9-07D6524B0BD9}) (Version: 1.0.4 - ESDNOW)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.9.9 - Telerik)
Files Email Address Finder (HKLM-x32\...\{13F761B5-CFA4-419A-9DC1-BC5E40CFD9AD}) (Version: 5.0.0 - WindowIndia)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FlashFXP 4 (HKLM-x32\...\FlashFXP 4) (Version: 4.4.4.2046 - OpenSight Software LLC)
FontMSI (HKLM-x32\...\{ABB47A07-3209-42CE-9260-7BAC030CC6CA}) (Version: 1.00.0000 - AB)
FotoSketcher 2.30 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON)
FoxTab PDF Creator (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\FoxTab PDF Creator) (Version: - ) <==== ATTENTION
FTPRush 2.1.8 (HKLM-x32\...\FTP Rush_is1) (Version: 2.1.8 - wftpserver.com)
Fuze Meeting (HKLM-x32\...\{88F800EE-C2E3-49F1-9A61-DB1EE6DD4245}) (Version: 14.1.3326 - Fuze Box, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.0.2352 (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\GoToMeeting) (Version: 7.1.0.2352 - CitrixOnline)
HIEOutlookPluginSetup (HKLM-x32\...\{F9EE5132-8BDC-4E3F-B355-BFC51496D00C}) (Version: 1.0.0 - High Impact eMail 5)
Hotspot Shield 2.93 (HKLM-x32\...\HotspotShield) (Version: 2.93 - AnchorFree Inc.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Imagekind Uploader (HKLM-x32\...\{C17351A0-DBB4-4449-9309-B2AFA3EA7ADA}) (Version: 1.0.3 - Imagekind)
ImageQuix Publisher (HKLM-x32\...\ImageQuixPublisher) (Version: - )
Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iSpring Free 6 (HKLM\...\{A2CB66EE-C96E-400E-A69B-B216DFA502F2}) (Version: 6.2.0 - iSpring Solutions Inc.)
iTunes (HKLM\...\{C36440D2-5DBE-4F20-8D39-39D83FDBBE4E}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
jZip (HKLM-x32\...\jZip) (Version: - Discordia Limited.)
Kutools for Excel 5.1.0.0 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: - Detong)
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo Hard Drive Quick Test (HKLM-x32\...\{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}) (Version: 6.0.5746.01 - PC-Doctor, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{C51863E5-EB09-43A5-9D43-26A32587EEAC}) (Version: 2.4.002.00 - Lenovo Group Limited)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
ListGrabber AutoNext (x32 Version: 1.00.0000 - eGrabber) Hidden
Livedrive (HKLM\...\{7D2E0E90-3BBA-43B1-894D-EC39A4E18748}) (Version: 1.15.2.0 - Livedrive Internet Limited)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access 2010 (HKLM-x32\...\Office14.AccessR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Excel Home and Student 2010 (HKLM-x32\...\Office14.EXCELR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{BF127B80-CFD5-4379-9752-E8AF1A5D0141}) (Version: 4.0.1639.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 PowerPivot for Excel 32-bit (HKLM-x32\...\{4CFC749F-E178-42C7-8095-796C5814C9C3}) (Version: 11.1.3129.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Neat (HKLM-x32\...\Neat) (Version: 5.1.29.304 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.2 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (x32 Version: 5.1.29.304 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.24 - NETGEAR Inc.)
NTI Backup Now EZ (HKLM-x32\...\InstallShield_{B9ECA41B-55CC-4654-B6B5-6731D009EC69}) (Version: 2.5.2.56 - NTI Corporation)
NTI Backup Now EZ (x32 Version: 2.5.2.56 - NTI Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4517.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4517.1005 - Microsoft Corporation) Hidden
Paragon HFS+ for Windows™ 9.1 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Stamp Remover 6.0 (HKLM-x32\...\Photo Stamp Remover_is1) (Version: 6.0 - SoftOrbits)
PlayOn (HKLM-x32\...\{55E63875-3DB1-4111-ADA7-E3AD2379A975}) (Version: 3.10.21 - MediaMall Technologies, Inc.)
Quick File Rename Professional Edition (HKLM-x32\...\{4B5FDE6F-6A43-49AD-B878-0C1562DAA3A2}) (Version: 8.01.0000 - Skyjuice Software)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.11 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Desktop Connection Manager (HKLM-x32\...\{173A2B7F-535A-4403-A454-B41531EF0D7F}) (Version: 2.2.0423 - Microsoft Corporation)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Screencast-O-Matic (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)
Screenpresso (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Screenpresso) (Version: 1.5.3.0 - Learnpulse)
Seagate Dashboard (HKLM-x32\...\{F1D8690F-06B3-4100-9949-398EA253AC61}) (Version: 3.2.1802.2 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0016-0000-0000-0000000FF1CE}_Office14.EXCELR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.1.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.1.0 - Shutterfly, Inc.) Hidden
simpliclean (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 1.5.2.2 - simplitec GmbH)
SiteSpinner V2 (HKLM-x32\...\{355BCF4B-A2A6-46F1-A33E-FA8D6B1794C7}) (Version: 2.91.7 - Virtual Mechanics)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Photo Editor (HKLM-x32\...\SmartPhotoEditor1_is1) (Version: 1.18 - Anthropics Technology Ltd.)
Smart Photo Editor Trial (HKLM-x32\...\SmartPhotoEditor1Trial_is1) (Version: 1.18 - Anthropics Technology Ltd.)
Smilebox (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Smilebox) (Version: 1.0.0.27714 - Smilebox, Inc.)
Snagit 10.0.1 (HKLM-x32\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)
Snagit 11 (HKLM-x32\...\{44BD21C2-9132-48DB-B65B-23817E4C6F4B}) (Version: 11.2.0 - TechSmith Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.1 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.1.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden
Visual Site Designer (HKLM-x32\...\{5FA08EAD-6532-4609-9E78-DBBEBE9AE6D2}) (Version: 7.0.82 - CoffeeCup Software)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Web Designer Premium MX Update (Version: 8.1.4.30831 - Xara Group Ltd) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.7.28 - Webroot)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Wisdom-soft Set up ScreenHunter 5.1 Free (HKLM-x32\...\Wisdom-soft Set up ScreenHunter 5.1 Free) (Version: - Wisdom Software Inc.)
Wondershare DVD Slideshow Builder Deluxe(Build 6.1.14.0) (HKLM-x32\...\Wondershare DVD Slideshow Builder Deluxe_is1) (Version: 6.1.14.0 - WonderShare Software Co.,Ltd.)
Wondershare MobileGo for iOS ( Version 3.2.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 3.2.0 - Wondershare)
Workspace Desktop (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\workspacedesktop) (Version: - Starfield Technologies)
Xara Web Designer 10 Premium (HKLM\...\MX.{E8BB45AE-F37B-491B-9D97-502484028DFD}) (Version: 10.1.3.35257 - Xara Group Ltd)
Xara Web Designer 10 Premium (Version: 10.1.3.35257 - Xara Group Ltd) Hidden
Xara Web Designer 6 (HKLM-x32\...\MAGIX_MSI_Xara_Web_Designer_6) (Version: 6.0.1.13296 - Xara Group Ltd)
Xara Web Designer 6 (x32 Version: 6.0.1.13296 - Xara Group Ltd) Hidden
Xara Web Designer MX Premium (HKLM-x32\...\MAGIX_{38DEE9EC-DB2A-4151-84AD-1263FC396262}) (Version: 8.1.3.23942 - Xara Group Ltd)
Xara Web Designer MX Premium (Version: 8.1.3.23942 - Xara Group Ltd) Hidden
Zazzle Uploader (HKLM-x32\...\ZazzleUploader) (Version: - Zazzle)
ZipRecover (HKLM-x32\...\ZipRecover) (Version: - )
Zoolz2 (HKLM-x32\...\Zoolz2) (Version: 2.1 - Genie9)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{045281D6-AFD2-4cd6-A93D-C07AD6FB20A2}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\SVGFilter.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{0A352EAA-8FF3-404c-AFED-1F9AA02818DD}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\ODPImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{1B00816B-14D7-4442-82B3-15CCF43C0254}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\RTFfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Workspace\gdeditwrapperax64.dll (Starfield Technologies)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{47C58F72-DD97-4204-9A58-00E0A82E5207}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\TIFFImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{4F8ABD16-E446-43C3-A154-484F507060B4}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Add-in Express\Duplicate Remover for Microsoft Excel\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{55E4C8A1-601C-407f-9DF5-A2652A241AAE}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\EMFFilter.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{7DCC32F2-DAEF-4CDE-A81A-F45DAA3EB0B0}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\HTMLfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{7F75D6E7-EE09-46d8-A83E-040926610774}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\DocImport\DocImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{86A7051E-BCD5-4d1f-9DC6-94BADC257777}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\PSDFilter.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{B189AF08-C20E-44e6-A12E-3790640BBCD0}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\RAWImport\RAWImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Workspace\wbetoolsax64.dll (Starfield Technology, LLC)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{BD1631EA-6D82-4407-9B96-5B40DA7BCCC1}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\PDFImport\PDFImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{C0908775-F5BD-4caf-B8BE-7138F7EBAAEE}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\PPImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\WebDesigner.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\WebDesigner.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-02-2015 00:40:43 Windows Update
22-02-2015 08:26:25 Installed PlayOn
22-02-2015 08:57:20 Installed iTunes
22-02-2015 09:51:04 Windows Update
24-02-2015 17:16:20 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2013-04-24 17:19 - 00000019 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D77A937-CF66-497D-AA92-EED1C198FF87} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {0EA826B8-09D0-43EE-AEBB-4D6DBF8F006A} - System32\Tasks\{E3765F8A-4A8E-441B-B32B-83797E775907} => Firefox.exe
Task: {0EF25A48-59A8-4DC5-A08D-3148FCF72ED6} - System32\Tasks\{0E24DDD1-389A-47D8-B486-CCF51264E668} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {1028D589-9506-4831-9335-2CE9F6B94A98} - System32\Tasks\{74165826-46F4-455C-949A-AF8CCA72B3C1} => pcalua.exe -a C:\Users\Tommi\Downloads\InstantEyedropper.exe -d C:\Users\Tommi\Downloads
Task: {157FB062-7A88-4CEC-8B75-B57BB76DB539} - System32\Tasks\{F65E6BE3-A9A5-4B1B-BE90-1F1A96A75526} => pcalua.exe -a "C:\Users\Tommi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AX444FTW\freefileviewer.exe" -d C:\Users\Tommi\Desktop
Task: {178E27E0-D5F8-4AB4-B21D-CF23A4F67B50} - System32\Tasks\{22D93E76-DF0E-4BAF-878F-4AF1F02AE089} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {1CDA03D2-4483-4D4B-93CD-C7EAE019A1E4} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-02-19] ()
Task: {1D06391F-E3EB-4943-A175-72F5CBA1100C} - System32\Tasks\Tommi DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-09-17] (Seagate Technology LLC)
Task: {21B9588C-A112-4FFE-91AB-A53BA509D23D} - System32\Tasks\{D093DC83-55BC-470F-A2BF-3D68196703A1} => Firefox.exe http://ui.skype.com/ui/0/6.6.59.106/en/abandoninstall?page=tsMain
Task: {27FB655A-C005-4ED9-BB51-264842D0900C} - System32\Tasks\{769BBE58-6962-444F-A274-38EA50EEA303} => pcalua.exe -a C:\Users\Tommi\Downloads\60-1.exe -d C:\Users\Tommi\Downloads
Task: {3049B04A-54A5-4BD1-BD3D-05406C8D893A} - System32\Tasks\{8D6FCCCC-8346-4C25-9E66-C003FBDEBA69} => C:\Program Files (x86)\eGrabber\ListGrabber Standard 4.0\ListGrabber.exe
Task: {313C028E-99DC-4D41-AA99-3C1A9584F31B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo)
Task: {3EAE738C-7E1D-4723-8213-A67EB25FD872} - System32\Tasks\{5C85C66B-5824-4CCD-B4ED-2FD2C660A356} => pcalua.exe -a C:\Users\Tommi\Downloads\Access2010_64bit_Setup.exe -d C:\Users\Tommi\Documents\AIM\2012_Commercial_Orders
Task: {46C997B3-13C7-460D-9BC0-CB26B8BB76C5} - System32\Tasks\{A01D150E-34A9-487F-B8AC-253A9B48BAAD} => Firefox.exe
Task: {4A467191-75D5-4EA1-A296-05A26D9B119B} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {4E55F0DE-BC32-4F4B-8F97-2F1B89A47CAD} - System32\Tasks\{4978E2B2-5F41-4FA8-8FF9-BF84CFB2D04D} => Firefox.exe http://ui.skype.com/ui/0/5.9.59.115/en/abandoninstall?page=tsProgressBar
Task: {4F4A98EA-D263-4BAD-A8F9-DB12AEADEB3A} - System32\Tasks\{481C97F5-C938-46C8-B8ED-812740C36C03} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {5425FEC0-E0FD-43FB-B9BB-C3A39B7CBDD5} - System32\Tasks\{8968F0D5-7988-4190-863D-D63F4ACEC936} => pcalua.exe -a C:\Users\Tommi\Downloads\60-4.exe -d C:\Users\Tommi\Downloads
Task: {58A7330C-B310-44CB-A012-3B060FA838D8} - System32\Tasks\{FFF44390-B985-4F80-80E3-BD98CD0B43EA} => Firefox.exe
Task: {595B113E-A110-46E0-BE32-EFAD1A99CB3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {5C5CB63F-46AD-434B-911B-529FF9E12FCD} - System32\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001 => C:\Users\Tommi\AppData\Local\Citrix\GoToMeeting\2352\g2mupdate.exe [2015-02-20] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {5ED17045-F438-4055-B452-E943025F25B5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {646C3396-1A08-412A-A54A-217CFF0D55DD} - System32\Tasks\{9CD888C7-A133-4153-9EEA-F92315741D09} => pcalua.exe -a C:\Users\Tommi\Downloads\Access2010_64bit_Setup.exe -d C:\Users\Tommi\Documents\AIM\2012_Commercial_Orders
Task: {6EC13E25-5891-4C21-BE23-B0F0775D9F0E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {6F9A3E75-4A94-454A-8EED-6311A92A1815} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {74396C92-01DB-4C95-9540-1AD8F83D1E14} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {7831F242-327E-4FDE-9BB0-F08A62B21109} - System32\Tasks\{F1A0C9F4-1BA6-48C9-8786-2E58BFC15B27} => Firefox.exe
Task: {7F59DEFB-F9B4-4905-AF0C-0855AA2A1832} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {80C9A817-32E5-45DA-99CA-27493C8B4733} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-07-12] (Microsoft Corporation)
Task: {8C609522-E61A-4A2D-8F52-8CA902B59823} - System32\Tasks\{AD30D7BB-D810-4EEE-A183-D4A0C27F96F6} => pcalua.exe -a "C:\Users\Tommi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9XY321Z\NavNext_b63_032709.exe" -d C:\Users\Tommi\Desktop
Task: {8FF650D7-5B68-4BD7-9908-BAAF33CD4FE2} - System32\Tasks\{1AAA6186-BA5E-45FD-87EC-0F34457F1CB1} => Firefox.exe
Task: {9097C770-2E6C-40D7-BE93-F40A59DB7479} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {977D8E00-1B54-4D7B-A950-EE8E19047321} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {99CCC10D-7747-41AC-BB0C-1B38B901BC16} - System32\Tasks\{4A41BC90-C357-4381-A0DF-21B7AA891228} => Firefox.exe
Task: {9FCB25ED-062E-46A5-AA93-D815B4B1F2CA} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {A3AE2F41-3032-49F7-8B45-AC69DB59E7B6} - System32\Tasks\{44D3C89E-9500-40B5-B237-6307DA5D8042} => C:\Program Files (x86)\eGrabber\ListGrabber Standard 4.0\ListGrabber.exe
Task: {A533C13A-1DDE-431F-8A73-3683DBA1D8FA} - System32\Tasks\{27A41114-2E1F-40DA-92F5-8FE8AC2D5B3F} => pcalua.exe -a C:\Users\Tommi\Downloads\CoffeeCup\Lock-Box-Full-3.1.118.exe -d C:\Users\Tommi\Downloads\CoffeeCup
Task: {A9D5E424-7E49-445B-8B8D-C4DEE7AC4F97} - System32\Tasks\{867EF48D-E8F9-4218-B8C3-ECC374D4D737} => Firefox.exe
Task: {AD835F93-02A0-41F5-8F3D-2C78E45EE223} - System32\Tasks\{6BA770BA-0FD8-46A9-BCB5-CC3F92878F61} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {B095AFA3-F208-4DE9-8D1A-A3C39AF86DDF} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-09-17] (Seagate Technology LLC)
Task: {B60D7553-082E-440C-BD22-0992C1E078B5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {B7315678-A773-4278-BB59-D8F2828859AA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {C8835735-163E-4FBA-A80B-0F78961C32EA} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {C8CB6804-18B8-4D27-B648-6C7EB6B080AE} - System32\Tasks\simplitec Service Provider => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe [2014-03-05] (simplitec GmbH)
Task: {DA31C59F-ED21-4AA9-9C11-8D83B6ABA532} - System32\Tasks\AdobeAAMUpdater-1.0-Tommi-PC-Tommi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {DF654C20-B926-4C38-AB5E-DC5F7E7BE5FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
Task: {E0C4E660-BA59-4D61-847C-A94A40877B39} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe [2014-03-05] (simplitec GmbH)
Task: {E96FA767-6B2B-4ED2-9594-750C89DAFF05} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E9CA4F4B-0203-4D23-860E-7C75AAE0BBA2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {EE5D8565-58C7-427E-A40B-B16DE9054B45} - System32\Tasks\{A24A8892-64F1-4776-A9A8-BFBED8233491} => C:\Program Files (x86)\eGrabber\ListGrabber Standard 4.0\ListGrabber.exe
Task: {EF22906E-BF9C-4ED3-9B31-CB5B2A7E62A1} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {F0F149CE-C3D5-4334-A732-B474EF7C67CD} - System32\Tasks\{AD133361-D264-4434-9F8A-B784E0E0B776} => Firefox.exe
Task: {F2FF35D3-95C3-4945-95D3-BD0F3DBB5A4B} - System32\Tasks\{0C554F2E-9580-41DD-838C-D4E3D1BDE74E} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {F588DFE7-880F-48E7-932E-D76337C55731} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F5F7A0B5-0FF9-4C98-A18A-956C82126D3B} - System32\Tasks\{8F735B00-8804-46E2-A97D-218BAF9BEDAC} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001.job => C:\Users\Tommi\AppData\Local\Citrix\GoToMeeting\2352\g2mupdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\windows\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\windows\Tasks\simplitec Service Provider.job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) ==============

2013-07-12 08:34 - 2013-07-12 08:34 - 08865448 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-01 12:29 - 2014-05-01 12:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2006-09-14 07:56 - 2006-09-14 07:56 - 00102400 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
2013-07-26 01:31 - 2013-07-26 01:31 - 00066768 _____ () C:\Program Files (x86)\Paragon Software\HFS+ for Windows 9.1\apmwinsrv.exe
2014-07-24 16:05 - 2014-07-24 16:05 - 00210584 _____ () C:\Program Files (x86)\Livedrive\VSSService.exe
2008-12-19 20:20 - 2011-11-12 07:59 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-19 20:20 - 2011-11-12 07:59 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-04-14 12:41 - 2014-04-14 12:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2014-02-19 20:29 - 2014-02-19 20:29 - 01679832 _____ () C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
2014-02-19 20:29 - 2014-02-19 20:29 - 00012744 _____ () C:\Program Files\Lenovo\Lenovo Solution Center\App\Aspect.dll
2014-06-10 17:50 - 2014-06-10 17:50 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-06-10 22:03 - 2014-06-10 22:03 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-04-21 23:11 - 2014-04-21 23:11 - 00098816 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2015-01-19 02:29 - 2015-01-19 02:29 - 00130560 _____ () C:\Program Files\Genie9\Zoolz2\Settings.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00008704 _____ () C:\Program Files\Genie9\Zoolz2\LogManager.dll
2012-10-21 06:34 - 2012-10-21 06:34 - 00024576 _____ () C:\Program Files\Genie9\Zoolz2\DevNetGlobalCache.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00065536 _____ () C:\Program Files\Genie9\Zoolz2\SharedLib.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00673280 _____ () C:\Program Files\Genie9\Zoolz2\Core.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 01519616 _____ () C:\Program Files\Genie9\Zoolz2\Rescources.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00144896 _____ () C:\Program Files\Genie9\Zoolz2\OnlineManager.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00064512 _____ () C:\Program Files\Genie9\Zoolz2\Watcher.dll
2012-09-26 06:37 - 2012-09-26 06:37 - 00017408 _____ () C:\Program Files\Genie9\Zoolz2\Transitions.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00125440 _____ () C:\Program Files\Genie9\Zoolz2\XspHandler.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00076800 _____ () C:\windows\system32\CompatTel\CosQuery.dll
2014-11-10 03:08 - 2014-03-05 14:17 - 00150816 _____ () C:\Program Files (x86)\simplitec\simpliclean\modules\common\asp_ipc32.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 03369922 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuin51.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00544817 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00989805 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 01978690 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuuc51.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 22378434 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icudt51.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 01233408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2014-04-22 02:09 - 2014-04-22 02:09 - 00518656 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2014-04-15 22:12 - 2014-04-15 22:12 - 01554944 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2014-04-21 22:41 - 2014-04-21 22:41 - 00192512 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2014-04-21 22:42 - 2014-04-21 22:42 - 00632832 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2014-04-25 01:25 - 2014-04-25 01:25 - 05992960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2014-03-23 20:33 - 2014-03-23 20:33 - 00068608 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2014-04-21 23:00 - 2014-04-21 23:00 - 00427520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2014-03-23 20:33 - 2014-03-23 20:33 - 00144896 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2014-04-21 22:59 - 2014-04-21 22:59 - 01175552 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2014-04-23 20:13 - 2014-04-23 20:13 - 09825792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2014-04-28 18:44 - 2014-04-28 18:44 - 01360384 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2014-04-21 23:05 - 2014-04-21 23:05 - 00200192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2014-04-21 23:07 - 2014-04-21 23:07 - 00885248 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2014-04-21 23:09 - 2014-04-21 23:09 - 00427520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00052224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00261120 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2014-04-08 01:07 - 2014-04-08 01:07 - 00081408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2014-04-08 01:06 - 2014-04-08 01:06 - 00143360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2012-11-29 02:56 - 2012-11-29 02:56 - 03332720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00074240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2014-04-21 23:07 - 2014-04-21 23:07 - 00642048 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2014-04-21 23:09 - 2014-04-21 23:09 - 00458752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-03-23 21:08 - 2014-03-23 21:08 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00040960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2014-07-24 15:58 - 2014-07-24 15:58 - 00816128 _____ () C:\Program Files (x86)\Livedrive\Localisation.dll
2011-07-28 16:20 - 2011-07-28 16:20 - 00270336 _____ () C:\Program Files (x86)\Livedrive\AlphaFS.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\olepro32.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\igdumdx32.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\igdumd32.dll
2011-09-23 21:54 - 2011-09-23 21:54 - 00465344 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ\sqlite3.dll
2014-06-26 10:24 - 2014-06-26 10:24 - 00861784 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2015-02-15 06:50 - 2015-02-15 06:50 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-11-12 07:41 - 2010-11-05 16:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-01-26 20:47 - 2015-01-26 20:47 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\igd10umd32.dll
2014-10-16 02:15 - 2014-10-16 02:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 09:41 - 2014-05-24 09:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 09:41 - 2014-05-24 09:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\MSVBVM60.DLL
2015-02-05 01:40 - 2015-02-05 01:40 - 16852144 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2012-03-14 04:35 - 2012-03-14 04:35 - 00197408 _____ () C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:C59E90A4
AlternateDataStreams: C:\ProgramData\Temp:F8AF2BB9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR322 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-136662411-4183305618-733280024-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: EasyRedirect => 2

==================== Accounts: =============================

Administrator (S-1-5-21-136662411-4183305618-733280024-500 - Administrator - Disabled)
Guest (S-1-5-21-136662411-4183305618-733280024-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-136662411-4183305618-733280024-1004 - Limited - Enabled)
Tommi (S-1-5-21-136662411-4183305618-733280024-1001 - Administrator - Enabled) => C:\Users\Tommi

==================== Faulty Device Manager Devices =============

Name: Lenovo EasyCamera
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/25/2015 10:44:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2109398

Error: (02/25/2015 10:44:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2109398

Error: (02/25/2015 10:44:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2015 10:44:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2099430

Error: (02/25/2015 10:44:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2099430

Error: (02/25/2015 10:44:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2015 10:09:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19437

Error: (02/25/2015 10:09:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19437

Error: (02/25/2015 10:09:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2015 10:09:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 101.1.168.192.in-addr.arpa. PTR Tommi-PC.local.


System errors:
=============
Error: (02/25/2015 10:46:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 10:45:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 10:45:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 10:44:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RemoteAccess service.

Error: (02/25/2015 10:09:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 10:08:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 09:54:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 08:50:19 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 08:49:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (02/25/2015 08:48:48 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.


Microsoft Office Sessions:
=========================
Error: (02/25/2015 10:44:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2109398

Error: (02/25/2015 10:44:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2109398

Error: (02/25/2015 10:44:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2015 10:44:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2099430

Error: (02/25/2015 10:44:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2099430

Error: (02/25/2015 10:44:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2015 10:09:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19437

Error: (02/25/2015 10:09:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19437

Error: (02/25/2015 10:09:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/25/2015 10:09:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 101.1.168.192.in-addr.arpa. PTR Tommi-PC.local.


CodeIntegrity Errors:
===================================
Date: 2015-02-20 02:41:18.694
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:41:18.545
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:41:18.394
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:41:18.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:40:31.540
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:40:31.392
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:40:31.242
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:40:31.091
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:40:29.185
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-20 02:40:29.036
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appidapi.dll because the set of per-page image hashes could not be found on the system.


 

 
Even zipped, Bleeping Computer system is saying that my HijackThis, MalwareBytes and FarberScan Shirtcut.txt files are too large to upload (HijackThis is only 21KB).  What should I do???

Edited by Oh My!, 07 March 2015 - 08:53 PM.
Posted logs


BC AdBot (Login to Remove)

 


#2 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 25 February 2015 - 01:29 PM

Here is paste of HijackThis log that goes with above post:

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:17:28 AM, on 02/25/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)

FIREFOX: 35.0.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files\Webroot\WRSA.exe
C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Tommi\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Users\Tommi\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
C:\Program Files (x86)\Livedrive\Livedrive.exe
C:\Users\Tommi\AppData\Local\Workspace\workspaceupdate.exe
C:\Users\Tommi\AppData\Local\Workspace\wben.exe
C:\Users\Tommi\AppData\Local\Workspace\outsync.exe
C:\Users\Tommi\AppData\Local\Workspace\workspacestatus.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\windows\SysWow64\NOTEPAD.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\windows\SysWow64\notepad.exe
C:\windows\SysWow64\NOTEPAD.EXE
C:\Users\Tommi\Downloads\Hijack_This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: (no name) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
O3 - Toolbar: PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O4 - HKLM\..\Run: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
O4 - HKCU\..\Run: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [SmileboxTray] "C:\Users\Tommi\AppData\Roaming\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [Screenpresso] "C:\Users\Tommi\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe" -startup
O4 - HKCU\..\Run: [Livedrive] "C:\Program Files (x86)\Livedrive\Livedrive.exe" /setup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Starfield Updater] "C:\Users\Tommi\AppData\Local\Workspace\WorkspaceUpdate.exe"
O4 - HKCU\..\Run: [wben] "C:\Users\Tommi\AppData\Local\Workspace\wben.exe"
O4 - HKCU\..\Run: [ogcsn] "C:\Users\Tommi\AppData\Local\Workspace\outsync.exe"
O4 - HKCU\..\Run: [Workspace Status] "C:\Users\Tommi\AppData\Local\Workspace\workspacestatus.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [Zoolz Tray] "C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe" "C:\Program Files\Genie9\Zoolz2\Zoolz.exe" "-Delay"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (User '?')
O4 - HKUS\S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [wben] "C:\Users\Tommi\AppData\Local\Workspace\wben.exe" (User '?')
O4 - HKUS\S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ogcsn] "C:\Users\Tommi\AppData\Local\Workspace\outsync.exe" (User '?')
O4 - HKUS\S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Workspace Status] "C:\Users\Tommi\AppData\Local\Workspace\workspacestatus.exe" (User '?')
O4 - HKUS\S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - HKUS\S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (User '?')
O4 - HKUS\S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Zoolz Tray] "C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe" "C:\Program Files\Genie9\Zoolz2\Zoolz.exe" "-Delay" (User '?')
O4 - S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (User '?')
O4 - S-1-5-21-136662411-4183305618-733280024-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (User '?')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
O4 - Global Startup: Snagit 11.lnk = C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: PlayOn - file://C:\Program Files (x86)\MediaMall\toolbar\MenuLoad.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PlayOn - {936CEA21-9A68-46D9-A31B-1173A976D896} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O9 - Extra 'Tools' menuitem: PlayOn - {936CEA21-9A68-46D9-A31B-1173A976D896} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://meetings.webex.com/client/WBXclient-T28L10NSP12-16655/webex/ieatgpc1.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Paragon APM service (apmwinsrv) - Unknown owner - C:\Program Files (x86)\Paragon Software\HFS+ for Windows  9.1\apmwinsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: WebEx Service Host for Support Center (atashost) - Cisco WebEx LLC - C:\windows\SysWOW64\atashost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Box Sync Update Service (BoxSyncUpdateService) - Box, Inc. - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
O23 - Service: Encrypting File System (EFS) (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Fax - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: File Backup Service (File Backup) - Starfield Technologies - C:\Program Files (x86)\Workspace\offSyncService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CNG Key Isolation (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files (x86)\Livedrive\VSSService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: MediaMall Server - MediaMall Technologies, Inc. - C:\Program Files (x86)\MediaMall\MediaMallServer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Neat Startup Service - The Neat Company - C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: Netlogon - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NTI BackupNowEZSvr - NTI Corporation - C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SNMP Trap (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Interactive Services Detection (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Credential Manager (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: Windows Activation Technologies Service (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WRSVC - Webroot - C:\Program Files\Webroot\WRSA.exe
O23 - Service: Zoolz Backup Service (Zoolz 2 Service) - Genie9 - C:\Program Files\Genie9\Zoolz2\ZoolzService.exe

--
End of file - 22762 bytes
 



#3 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 25 February 2015 - 01:34 PM

Farbar Service Scanner Version: 17-01-2015
Ran by Tommi (administrator) on 25-02-2015 at 09:37:45
Running from "C:\Users\Tommi\Downloads\Farber_Recovery_Scan\Farber_Service_Scanner"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****



#4 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 25 February 2015 - 01:42 PM

I managed to successfully paste a couple of the logs above but got an ERROR saying I did not have permission when I tried to paste the Farber "shortcut.txt"bscan result.  Is this needed?

 

Malwarebytes Premium is running now.  When done I will post that log.

 

My hardware is a Lenovo G570 laptop with Windows 7 O/S.  I have Webroor SecureAnywhere anti-virus and just installed Malwarebytes.  Let me know anything else needed!  :-)



#5 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,623 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:33 PM

Posted 02 March 2015 - 01:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/568288 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,591 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:33 PM

Posted 07 March 2015 - 09:32 PM

Greetings Mimi and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Can you tell me if you are aware of this setting?
 

nointegritychecks: ==> Integrity Checks is disabled


Please consider and do these things.

===================================================

Use of Registry Cleaner Not Recommended

--------------------

BleepingComputer DOES NOT recommend the use of registry cleaners/optimizers or the registry cleaner component of software for several reasons:
  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.
    • The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
  • Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.
If you persist in using a registry cleaner you should always backup the registry before doing so.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKLM-x32\...\Run: [Join Multiple Zip Files Into One Software.exe] => [X]
HKLM-x32\...\Run: [(default)] => [X]
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM-x32 -> DefaultScope {A833D0B2-645C-4E8A-ABBE-EF95111DB39F} URL =
BHO: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKLM-x32 - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 CrucialSMBusScan; \??\C:\Users\Tommi\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X]
U2 DriverService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerServic; No ImagePath
S3 PCDSRVC{2B7BBB7B-C21D2F20-06020000}_0; \??\c:\program files (x86)\lenovo hard drive quick test\pcdsrvc_x64.pkms [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SoftwareService; No ImagePath
U0 SR; No ImagePath
U2 srservice; No ImagePath
U2 Stereo Service; No ImagePath
2012-08-25 21:49 - 2012-08-25 21:49 - 3993600 _____ () C:\Program Files (x86)\GUTFB79.tmp
2013-06-07 23:16 - 2013-06-07 23:17 - 0000035 _____ () C:\Users\Tommi\AppData\Local\temp.tmp
C:\ProgramData\uninstaller.exe
AlternateDataStreams: C:\ProgramData\Temp:C59E90A4
AlternateDataStreams: C:\ProgramData\Temp:F8AF2BB9
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed youi will see Pending. Please check elements you don't want to remove above the progress bar
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • AdwCleaner log
  • System Summary Information
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 07 March 2015 - 11:14 PM

Thanks SO much for the help!  Here are the results of the tasks you assigned to me:

 

1.  I am not familiar with Integrity Checks setting.

 

2.  Fixlist Log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-03-2015 01
Ran by Tommi at 2015-03-07 21:07:54 Run:1
Running from C:\Users\Tommi\Desktop
Loaded Profiles: Tommi (Available profiles: Tommi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [Join Multiple Zip Files Into One Software.exe] => [X]
HKLM-x32\...\Run: [(default)] => [X]
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM-x32 -> DefaultScope {A833D0B2-645C-4E8A-ABBE-EF95111DB39F} URL =
BHO: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKLM-x32 - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 CrucialSMBusScan; \??\C:\Users\Tommi\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X]
U2 DriverService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerServic; No ImagePath
S3 PCDSRVC{2B7BBB7B-C21D2F20-06020000}_0; \??\c:\program files (x86)\lenovo hard drive quick test\pcdsrvc_x64.pkms [X]
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SoftwareService; No ImagePath
U0 SR; No ImagePath
U2 srservice; No ImagePath
U2 Stereo Service; No ImagePath
2012-08-25 21:49 - 2012-08-25 21:49 - 3993600 _____ () C:\Program Files (x86)\GUTFB79.tmp
2013-06-07 23:16 - 2013-06-07 23:17 - 0000035 _____ () C:\Users\Tommi\AppData\Local\temp.tmp
C:\ProgramData\uninstaller.exe
AlternateDataStreams: C:\ProgramData\Temp:C59E90A4
AlternateDataStreams: C:\ProgramData\Temp:F8AF2BB9
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Join Multiple Zip Files Into One Software.exe => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\(default) => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}" => Key deleted successfully.
HKCR\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => Key deleted successfully.
HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => value deleted successfully.
HKCR\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => value deleted successfully.
HKCR\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
"HKCR\PROTOCOLS\Handler\dssrequest" => Key deleted successfully.
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => Key not found.
"HKCR\PROTOCOLS\Handler\sacore" => Key deleted successfully.
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => Key not found.
CLKMSVC10_3A60B698 => Service deleted successfully.
CLKMSVC10_C3B3B687 => Service deleted successfully.
CrucialSMBusScan => Service deleted successfully.
DriverService => Service deleted successfully.
idealife Update Service => Service deleted successfully.
IGRS => Service deleted successfully.
IviRegMgr => Service deleted successfully.
nvUpdatusService => Service deleted successfully.
Oasis2Service => Service deleted successfully.
PCCarerServic => Service deleted successfully.
PCDSRVC{2B7BBB7B-C21D2F20-06020000}_0 => Service deleted successfully.
ReadyComm.DirectRouter => Service deleted successfully.
RichVideo => Service deleted successfully.
RtLedService => Service deleted successfully.
SoftwareService => Service deleted successfully.
SR => Service deleted successfully.
srservice => Service deleted successfully.
Stereo Service => Service deleted successfully.
C:\Program Files (x86)\GUTFB79.tmp => Moved successfully.
C:\Users\Tommi\AppData\Local\temp.tmp => Moved successfully.
C:\ProgramData\uninstaller.exe => Moved successfully.
C:\ProgramData\Temp => ":C59E90A4" ADS removed successfully.
C:\ProgramData\Temp => ":F8AF2BB9" ADS removed successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-19\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-20\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Classes\exefile" => Key deleted successfully.

==== End of Fixlog 21:07:59 ====

 

I will reply in a few minutes with the next Logs requested.

 

Mimi

Proverbs 31

 



#8 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 07 March 2015 - 11:49 PM

3.  There are TWO ADWCleaner logs (when I could not initially find the log file, I was just about to run it againa nd launched the app but did not run it so I don't *think* that produced the second log?).  The first one below is named AdwCleaner[R0].txt.  Here is that log:

 

# AdwCleaner v4.111 - Logfile created 07/03/2015 at 20:26:29
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Tommi - TOMMI-PC
# Running from : C:\Users\Tommi\Downloads\ADWcleaner\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****
 

The second log is named AdwCleaner[S0].txt.  Here is that log:

 

# AdwCleaner v4.111 - Logfile created 07/03/2015 at 20:32:37
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Tommi - TOMMI-PC
# Running from : C:\Users\Tommi\Downloads\ADWcleaner\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

 

4.  Please see SUMMARY zip file attached.  Oops it will not attach!  Its zipped size is 181 kb but Bleepin Computer system restricts files to 5.29KB.  Please advise?

 

Thanks Gary!!!



#9 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 08 March 2015 - 01:44 AM

My zipped Summary.zip file is 181 KB and this site will not accept an attachment of this size.  I could upload it to BOX andpo st the link here (all anonymous).  Or do you have another suggestion?

 

Thanks Gary!

Mimi



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,591 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:33 PM

Posted 08 March 2015 - 04:23 PM

Hi Mimi,

Sorry for the delay. Please do this and then see if you can post the attachment.

===================================================

Managing Attachments

----------
  • Navigate to the top of this post
  • In the upper right hand corner you will see your screen name
  • Left click on that and a drop down list will appear
  • Select My Settings
  • On the left hand side under General Settings click on Manage Attachments
  • To the very right on the blue bar just above the first entry click on the open check box
  • All of the checkboxes should now be checked
  • Click Delete Selected
  • Your should now see You have used 0bytes of 250K

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 08 March 2015 - 04:59 PM

Thank you for the tips.  Here is last (Summary) attachment. 

 

Thanks!

Mimi

 

(Great marketplace ministry!)

Attached Files



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,591 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:33 PM

Posted 08 March 2015 - 05:45 PM

Thanks Mimi on several fronts! :)

How is your computer running?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 08 March 2015 - 06:24 PM

Slow but doable (likely because my hard drive is almost full which is why I need to be able to access my Zoolz reseller/back-up account which has 2TB of purchased storage)..  The concerning issues are that something is blocking me from using Remote Desktop Connection and also from connecting to my Zoolz back-up account.  while under extended warranty two or three tech support engineers could not solve the Remote Desktop connection issue, nor could a MS certified Engineer.  Thet were all stumped and I still cannot connect.

 

The Zoolsz tech support team spent hours trying things and having me try things on a shared screen and likewise could not resolve why I cannot connect to my Zoolz reseller/back-up account.  Everytime I try, the Zoolsz system displays a .Net framework error, however, both the Zoollz tech team and I ran the Net framework repair tool, then when that did not work, we uninstalled and reinstalled the newest version of Net Framework but got same error when trying to log-in to Zoolsz.  Today,          system would not let me install Winzip.  It just froze at 97% of install every time I tried.  Most other programs install and run fine.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,591 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:33 PM

Posted 08 March 2015 - 06:41 PM

Please rerun a FRST report making sure to place a check mark in the Addition.txt box. Post both logs for me.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 mimiy2k

mimiy2k
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:07:33 PM

Posted 08 March 2015 - 07:03 PM

Hi Gary,

 

I just reran FRST and ADDITION>  Here is a paste of the two reports.

 

FRST REPORT:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2015 01
Ran by Tommi (administrator) on TOMMI-PC on 08-03-2015 16:51:51
Running from C:\Users\Tommi\Downloads\Farber_Recovery_Scan
Loaded Profiles: Tommi (Available profiles: Tommi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
() C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
() C:\Program Files (x86)\Paragon Software\HFS+ for Windows  9.1\apmwinsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
() C:\Program Files (x86)\Livedrive\VSSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Smilebox, Inc.) C:\Users\Tommi\AppData\Roaming\Smilebox\SmileboxTray.exe
(Learnpulse) C:\Users\Tommi\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(Livedrive Internet Ltd) C:\Program Files (x86)\Livedrive\Livedrive.exe
(Starfield Technologies) C:\Users\Tommi\AppData\Local\Workspace\workspaceupdate.exe
(Starfield Technologies, LLC) C:\Users\Tommi\AppData\Local\Workspace\wben.exe
(Starfield Technologies, LLC) C:\Users\Tommi\AppData\Local\Workspace\outsync.exe
(Starfield Technologies) C:\Users\Tommi\AppData\Local\Workspace\workspacestatus.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Genie9) C:\Program Files\Genie9\Zoolz2\Zoolz.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(CoffeeCup Software) C:\Program Files (x86)\CoffeeCup Software\CoffeeCup LockBox\LockBox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
(CoffeeCup Software) C:\Program Files (x86)\CoffeeCup Software\FreeZip\cczip.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(PC-Doctor, Inc.) C:\Program Files\PC-Doctor\pcdrcui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AvniTech Solutions) C:\Program Files (x86)\WhizFolders Organizer\whizfolders.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2011-11-12] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-11-12] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2011-11-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2473568 2010-11-11] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5702216 2015-01-30] (Box, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [798544 2015-03-06] (Webroot)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [61440 2006-09-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [624248 2007-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-06-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1518664 2014-09-17] (Seagate Technology LLC)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127080 2014-09-17] (Seagate Technology LLC)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [596480 2014-04-21] (NETGEAR Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [SmileboxTray] => C:\Users\Tommi\AppData\Roaming\Smilebox\SmileboxTray.exe [342312 2014-09-12] (Smilebox, Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Screenpresso] => C:\Users\Tommi\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [11001872 2014-11-22] (Learnpulse)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Livedrive] => C:\Program Files (x86)\Livedrive\Livedrive.exe [1842840 2014-07-24] (Livedrive Internet Ltd)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Starfield Updater] => C:\Users\Tommi\AppData\Local\Workspace\WorkspaceUpdate.exe [35008 2014-11-23] (Starfield Technologies)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [wben] => C:\Users\Tommi\AppData\Local\Workspace\wben.exe [1078896 2014-10-20] (Starfield Technologies, LLC)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [ogcsn] => C:\Users\Tommi\AppData\Local\Workspace\outsync.exe [1011696 2013-07-09] (Starfield Technologies, LLC)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Workspace Status] => C:\Users\Tommi\AppData\Local\Workspace\workspacestatus.exe [694760 2014-11-23] (Starfield Technologies)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [Zoolz Tray] => C:\Program Files\Genie9\Zoolz2\Zoolz.exe [1961832 2015-01-20] (Genie9)
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Run: [UpdateAdmin] => C:\Users\Tommi\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
Startup: C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {9a216f5d-3530-3b1a-8006-9a1233402fba} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {7388e4d9-88a2-3c0e-8452-869aea4d1abc} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {4c3d7a5e-7476-3c21-9717-0614ce209c44} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {aa0bacc8-a5df-34b0-acd8-e6739d92010e} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {0f20db5b-365d-3cc6-82eb-41207f77bb71} => C:\windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [BackupOverlay] -> {B44A5D93-1351-41A1-BD91-5E92435D8ECD} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.usatoday.com/
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://lenovo.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-136662411-4183305618-733280024-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-i3752
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-06-10] (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2013-07-12] (Microsoft Corporation)
BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2014-09-26] (MediaMall Technologies, Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2015-02-26] (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-12] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-06-10] (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25] (Oracle Corporation)
BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2014-09-26] (MediaMall Technologies, Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-02-26] (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25] (Oracle Corporation)
Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2014-09-26] (MediaMall Technologies, Inc.)
Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2014-09-26] (MediaMall Technologies, Inc.)
DPF: HKLM {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://meetings.webex.com/client/WBXclient-T28L10NSP12-16655/webex/ieatgpc1.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2013-04-05] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog9-x64 01 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 02 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 03 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 04 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Winsock: Catalog9-x64 16 C:\windows\system32\EasyRedirect64.dll [503112] (EasyTech)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Tommi\AppData\Roaming\Mozilla\Firefox\Profiles\ui3kyvda.default-1399152729981
FF Homepage: www.usatoday.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-07-31] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-22] (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2014-09-26] (MediaMall Technologies, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-06-26] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-06-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-06-26] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Tommi\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-07-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @fuzebox.com/Fuze Meeting NPAPI Plugin,version=1.0.0.1 -> C:\Users\Tommi\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll [2014-01-03] ( )
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/off -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npoff.dll [2014-11-23] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/off64 -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npoff64.dll [2014-11-23] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/wbe -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npwbe.dll [2013-02-07] (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-136662411-4183305618-733280024-1001: @starfield.com/wbe64 -> C:\Users\Tommi\AppData\Roaming\Mozilla\Plugins\npwbe64.dll [2013-02-07] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-06-09] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npoff.dll [2014-11-23] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npoff64.dll [2014-11-23] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npwbe.dll [2013-02-07] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Tommi\AppData\Roaming\mozilla\plugins\npwbe64.dll [2013-02-07] (Starfield Technology, LLC)
FF Extension: WBE Paste - C:\Users\Tommi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2012-03-05]
FF Extension: Workspace Email Zoom - C:\Users\Tommi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\zoomext@starfield [2012-03-05]
FF Extension: iCloud Bookmarks - C:\Users\Tommi\AppData\Roaming\Mozilla\Firefox\Profiles\ui3kyvda.default-1399152729981\Extensions\firefoxdav@icloud.com [2014-11-14]
FF Extension: PlayOn - C:\Users\Tommi\AppData\Roaming\Mozilla\Firefox\Profiles\ui3kyvda.default-1399152729981\Extensions\playonplugin@playon.tv [2015-02-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2015-03-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-06]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2013-10-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-26]
FF HKLM-x32\...\Firefox\Extensions: [{1DD9AC48-0855-4AE7-9934-159B4377FFA2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2015-02-17]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Tommi\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-06-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] () [File not signed]
R2 apmwinsrv; C:\Program Files (x86)\Paragon Software\HFS+ for Windows  9.1\apmwinsrv.exe [66768 2013-07-26] ()
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [28696 2015-01-30] (Box, Inc.)
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies)
R2 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-11-12] (Macrovision Europe Ltd.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-02-21] ()
R2 LivedriveVSSService; C:\Program Files (x86)\Livedrive\VSSService.exe [210584 2014-07-24] ()
S2 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5911856 2015-02-09] (MediaMall Technologies, Inc.)
S3 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [6144 2012-12-07] (The Neat Company) [File not signed]
S2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [225792 2014-03-23] (NETGEAR) [File not signed]
R2 NTI BackupNowEZSvr; C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [45592 2011-09-23] (NTI Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-06-10] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-06-26] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-06-10] () [File not signed]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [798544 2015-03-06] (Webroot)
R2 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [469864 2015-01-20] (Genie9)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-07-26] (Paragon Software Group)
R1 CbFs; C:\windows\system32\drivers\cbfs.sys [191960 2010-02-16] (EldoS Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [61136 2013-07-26] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [204496 2013-07-26] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-07-26] (Paragon Software Group)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46280 2013-02-21] (AnchorFree Inc.)
R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\windows\system32\BF24.tmp [6144 2011-05-12] (Sophos Plc) [File not signed]
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [45776 2013-07-26] (Paragon Software Group)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2014-06-15] (CACE Technologies, Inc.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-21] (Anchorfree Inc.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2015-03-06] (Webroot)
S3 wrUrlFlt; C:\windows\system32\DRIVERS\wrUrlFlt.sys [41040 2015-03-03] (Webroot)
S0 ydbIonxJ; C:\Windows\System32\drivers\ydbIonxJ.sys [114176 2015-03-07] (Webroot)
R3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-07 21:59 - 2015-03-07 21:59 - 00000000 ____D () C:\Users\Tommi\AppData\Local\WinZip
2015-03-07 21:59 - 2015-03-07 21:59 - 00000000 ____D () C:\ProgramData\WinZip
2015-03-07 21:58 - 2015-03-07 21:59 - 00000000 ____D () C:\Program Files\WinZip
2015-03-07 21:58 - 2015-03-07 21:58 - 00001110 _____ () C:\Users\Tommi\Desktop\Continue WinZip Installation.lnk
2015-03-07 21:58 - 2015-03-07 21:58 - 00000000 ____D () C:\windows\CD95F661A5C444F5A6AAECDD91C240E7.TMP
2015-03-07 21:57 - 2015-03-07 21:57 - 01079200 _____ (Software Program ) C:\Users\Tommi\Downloads\winzip19-new.exe
2015-03-07 21:53 - 2015-03-07 22:10 - 00000000 ____D () C:\Users\Tommi\AppData\Local\UpdateAdmin
2015-03-07 21:53 - 2015-03-07 21:53 - 00114176 _____ (Webroot) C:\windows\system32\Drivers\ydbIonxJ.sys
2015-03-07 21:53 - 2015-03-07 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
2015-03-07 21:53 - 2015-03-07 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-07 21:53 - 2015-03-07 21:53 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2015-03-07 21:51 - 2015-03-07 21:51 - 79310096 _____ () C:\Users\Tommi\Downloads\7zip-setup.exe
2015-03-07 21:29 - 2015-03-07 21:29 - 04074894 _____ () C:\Users\Tommi\Documents\SUMMARY.nfo
2015-03-07 21:06 - 2015-03-07 18:11 - 02094592 _____ (Farbar) C:\Users\Tommi\Desktop\FRST64.exe
2015-03-07 20:26 - 2015-03-07 20:32 - 00000000 ____D () C:\AdwCleaner
2015-03-07 20:25 - 2015-03-07 20:25 - 00000000 ____D () C:\Users\Tommi\Downloads\ADWcleaner
2015-03-07 19:14 - 2015-03-07 19:15 - 00000000 ____D () C:\Users\Tommi\Downloads\Auto_Runs
2015-03-06 12:16 - 2015-03-06 12:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 12:00 - 2015-03-06 12:00 - 00003340 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-03-06 12:00 - 2015-03-06 12:00 - 00003206 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-02-28 19:22 - 2015-03-07 20:32 - 02178947 _____ () C:\Users\Tommi\Documents\Getting Started with WhizFolders 6.6.wzfolder
2015-02-28 19:21 - 2015-02-28 19:21 - 00004975 _____ () C:\ProgramData\kgbednyf.fiy
2015-02-28 19:21 - 2015-02-28 19:21 - 00001073 _____ () C:\Users\Public\Desktop\WhizFolders.lnk
2015-02-28 19:21 - 2015-02-28 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhizFolders Organizer
2015-02-28 19:21 - 2015-02-28 19:21 - 00000000 ____D () C:\Program Files (x86)\WhizFolders Organizer
2015-02-28 19:06 - 2015-02-28 19:06 - 00000000 ____D () C:\Users\Tommi\Downloads\WhizFolders
2015-02-26 12:22 - 2015-02-26 12:22 - 658960182 _____ () C:\windows\MEMORY.DMP
2015-02-26 12:20 - 2015-03-03 02:51 - 00041040 ____T (Webroot) C:\windows\system32\Drivers\wrUrlFlt.sys
2015-02-25 16:34 - 2015-03-07 20:39 - 00003362 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-02-25 16:34 - 2015-03-07 20:39 - 00003228 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001
2015-02-25 13:36 - 2015-02-25 13:36 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-02-25 12:39 - 2015-02-25 12:39 - 00010048 ____N () C:\bootsqm.dat
2015-02-25 09:39 - 2015-03-08 16:52 - 00000000 ____D () C:\FRST
2015-02-25 08:57 - 2015-02-25 09:17 - 00000000 ____D () C:\Users\Tommi\Downloads\Hijack_This
2015-02-25 08:55 - 2015-02-25 08:55 - 00000000 ____D () C:\Users\Tommi\Downloads\New folder (4)
2015-02-25 08:54 - 2015-02-25 08:54 - 00000000 ____D () C:\Users\Tommi\Downloads\New folder (3)
2015-02-25 08:53 - 2015-03-08 16:51 - 00000000 ____D () C:\Users\Tommi\Downloads\Farber_Recovery_Scan
2015-02-25 08:53 - 2015-02-25 08:53 - 00000000 ____D () C:\Users\Tommi\Downloads\New folder (2)
2015-02-24 23:11 - 2015-02-24 23:15 - 00000000 ____D () C:\Users\Tommi\Desktop\Zoolz_Log_Folder
2015-02-24 22:50 - 2015-02-24 22:50 - 00000000 ____D () C:\Users\Tommi\New folder
2015-02-24 17:37 - 2015-02-24 17:37 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-24 17:35 - 2015-01-08 16:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-24 17:35 - 2015-01-08 16:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-22 09:03 - 2015-02-22 09:03 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-22 09:03 - 2015-02-22 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-22 09:02 - 2015-02-22 09:03 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-22 09:02 - 2015-02-22 09:03 - 00000000 ____D () C:\Program Files\iTunes
2015-02-22 09:02 - 2015-02-22 09:03 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-22 09:02 - 2015-02-22 09:02 - 00000000 ____D () C:\Program Files\iPod
2015-02-22 08:33 - 2015-02-22 08:33 - 00002053 _____ () C:\Users\Public\Desktop\PlayOn.lnk
2015-02-22 08:33 - 2015-02-22 08:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2015-02-22 08:30 - 2015-02-22 08:30 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2015-02-22 08:29 - 2015-02-25 12:08 - 00000000 ____D () C:\ProgramData\MediaMall
2015-02-22 08:22 - 2015-02-22 08:51 - 00000000 ____D () C:\Users\Tommi\Downloads\PlayOn-PlayLater
2015-02-22 01:04 - 2015-02-22 01:04 - 00000368 _____ () C:\windows\PFRO.log
2015-02-22 00:25 - 2015-02-22 00:25 - 00000000 ____D () C:\New folder
2015-02-21 23:43 - 2015-03-08 06:35 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-21 23:43 - 2015-02-21 23:43 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-21 23:43 - 2015-02-21 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-21 23:43 - 2015-02-21 23:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-21 23:43 - 2014-11-21 07:08 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-02-21 23:43 - 2014-11-21 07:07 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-02-21 23:43 - 2014-11-21 07:07 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-02-21 23:38 - 2015-02-21 23:39 - 00000000 ____D () C:\Users\Tommi\Downloads\MalwareBytes_Premium
2015-02-21 23:08 - 2015-02-21 23:19 - 00000000 ____D () C:\Users\Tommi\Documents\PetHotel
2015-02-21 20:28 - 2015-02-21 20:28 - 00262144 _____ () C:\windows\Minidump\022115-61121-01.dmp
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (14)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (13)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (12)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (11)
2015-02-20 04:50 - 2015-02-20 04:50 - 00000000 ____D () C:\Users\Tommi\Documents\New folder (10)
2015-02-20 04:40 - 2015-02-20 04:40 - 00347816 _____ (Microsoft Corporation) C:\Users\Tommi\Downloads\MicrosoftFixit.Printing.LB.1423478884003750.1.1.Run.exe
2015-02-20 00:52 - 2015-03-08 13:53 - 00002644 _____ () C:\windows\setupact.log
2015-02-20 00:52 - 2015-02-20 00:52 - 00000000 _____ () C:\windows\setuperr.log
2015-02-17 05:27 - 2015-02-17 05:27 - 00000948 _____ () C:\Users\Tommi\Desktop\Zoolz.lnk
2015-02-17 05:27 - 2015-02-17 05:27 - 00000000 ___RD () C:\Users\Tommi\Desktop\No-Zoolz Zone
2015-02-17 05:26 - 2015-02-17 05:26 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoolz
2015-02-17 05:18 - 2015-02-17 05:18 - 06391929 _____ (Genie9) C:\Users\Tommi\Downloads\ZoolzSetup.exe
2015-02-17 04:51 - 2015-02-17 04:52 - 00000000 ____D () C:\Users\Tommi\Documents\Fiddler2
2015-02-17 04:51 - 2015-02-17 04:51 - 00001888 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler4.lnk
2015-02-17 04:51 - 2015-02-17 04:51 - 00000000 ____D () C:\Program Files (x86)\Fiddler2
2015-02-17 04:50 - 2015-02-17 04:50 - 01173176 _____ (Telerik) C:\Users\Tommi\Downloads\fiddler4setup.exe
2015-02-17 03:57 - 2015-02-17 04:22 - 01965938 _____ (Genie9) C:\Users\Tommi\Downloads\ZoolzSetup.exe.part
2015-02-16 16:43 - 2015-02-16 16:43 - 00010910 _____ () C:\Users\Tommi\Desktop\AppDataFolder.zip
2015-02-16 16:41 - 2015-02-16 16:41 - 00002922 _____ () C:\Users\Tommi\Desktop\ProgramFilesLogs.zip
2015-02-16 16:08 - 2015-02-17 05:26 - 00000000 ____D () C:\Program Files\Genie9
2015-02-15 06:21 - 2015-02-15 08:50 - 00000000 ____D () C:\Users\Tommi\Documents\Healthcare.gov_Application
2015-02-15 01:29 - 2014-07-06 19:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-02-15 01:29 - 2014-07-06 19:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-02-15 01:29 - 2014-07-06 19:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-02-15 01:29 - 2014-07-06 19:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-02-15 01:29 - 2014-07-06 18:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-02-15 01:29 - 2014-07-06 18:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-02-15 01:29 - 2014-07-06 18:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-02-15 01:29 - 2014-07-06 18:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-02-15 01:28 - 2014-10-17 19:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-02-15 01:28 - 2014-10-17 18:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-02-15 01:25 - 2015-02-15 01:32 - 00000000 ____D () C:\Users\Tommi\Documents\backup_solutions
2015-02-15 00:18 - 2015-02-15 00:28 - 00000000 ____D () C:\Users\Tommi\Downloads\Zoolsz
2015-02-15 00:14 - 2015-02-15 00:14 - 50449456 _____ (Microsoft Corporation) C:\Users\Tommi\Downloads\dotNetFx40_Full_x86_x64.exe
2015-02-15 00:00 - 2015-02-16 23:30 - 00000000 ____D () C:\Users\Tommi\Downloads\MS_Net_Framework
2015-02-14 23:56 - 2015-02-14 23:56 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\Genie9
2015-02-14 23:23 - 2015-02-14 23:25 - 06339368 _____ (Genie9) C:\Users\Tommi\Downloads\ZoolzSetupHome.exe
2015-02-10 20:51 - 2015-01-13 23:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-10 20:51 - 2015-01-13 22:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-10 20:51 - 2015-01-13 22:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-10 20:51 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-02-10 20:51 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-02-10 20:51 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-02-10 20:51 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-02-10 20:50 - 2015-01-13 23:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-10 20:50 - 2015-01-13 23:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-10 20:50 - 2015-01-13 23:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-10 20:50 - 2015-01-13 22:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-10 20:49 - 2015-02-03 20:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-10 20:49 - 2015-02-03 20:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-10 20:49 - 2015-01-27 16:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-10 20:48 - 2015-01-09 23:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-10 20:48 - 2015-01-09 23:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-10 20:48 - 2015-01-09 23:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-10 20:46 - 2015-01-13 22:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-10 20:46 - 2015-01-13 22:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-10 20:46 - 2015-01-11 20:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-10 20:46 - 2015-01-11 20:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-10 20:46 - 2015-01-11 20:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-10 20:46 - 2015-01-11 19:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-10 20:46 - 2015-01-11 19:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-10 20:46 - 2015-01-11 19:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-10 20:46 - 2015-01-11 19:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-10 20:46 - 2015-01-11 19:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-10 20:46 - 2015-01-11 19:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-10 20:46 - 2015-01-11 19:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-10 20:46 - 2015-01-11 19:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-10 20:46 - 2015-01-11 19:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-10 20:46 - 2015-01-11 19:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-10 20:46 - 2015-01-11 19:33 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-10 20:46 - 2015-01-11 19:32 - 06041088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-10 20:46 - 2015-01-11 19:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-10 20:46 - 2015-01-11 19:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-10 20:46 - 2015-01-11 19:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-10 20:46 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-10 20:46 - 2015-01-11 19:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 20:46 - 2015-01-11 19:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-10 20:46 - 2015-01-11 19:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-10 20:46 - 2015-01-11 19:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-10 20:46 - 2015-01-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-10 20:46 - 2015-01-11 19:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-10 20:46 - 2015-01-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-10 20:46 - 2015-01-11 19:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-10 20:46 - 2015-01-11 19:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-10 20:46 - 2015-01-11 19:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-10 20:46 - 2015-01-11 18:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-10 20:46 - 2015-01-11 18:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-10 20:46 - 2015-01-11 18:55 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-10 20:46 - 2015-01-11 18:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-10 20:46 - 2015-01-11 18:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-10 20:46 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-10 20:46 - 2015-01-11 18:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-10 20:46 - 2015-01-11 18:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-10 20:46 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-10 20:46 - 2015-01-11 18:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-10 20:46 - 2015-01-11 18:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 20:46 - 2015-01-11 18:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-10 20:46 - 2015-01-11 18:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-10 20:46 - 2015-01-11 18:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-10 20:46 - 2015-01-11 18:29 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-10 20:46 - 2015-01-11 18:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-10 20:46 - 2015-01-11 18:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-10 20:46 - 2015-01-11 18:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-10 20:46 - 2015-01-11 18:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-10 20:46 - 2015-01-11 18:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-10 20:46 - 2015-01-11 18:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-10 20:46 - 2015-01-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-10 20:46 - 2015-01-11 18:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-10 20:46 - 2015-01-11 17:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-10 20:46 - 2015-01-11 17:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-10 20:45 - 2015-01-15 01:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-10 20:45 - 2015-01-15 01:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-10 20:45 - 2015-01-15 01:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-10 20:45 - 2015-01-15 01:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-10 20:45 - 2015-01-15 01:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-10 20:45 - 2015-01-15 01:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-10 20:45 - 2015-01-15 01:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-10 20:45 - 2015-01-15 01:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-10 20:45 - 2015-01-15 01:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-10 20:45 - 2015-01-15 01:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-10 20:45 - 2015-01-15 01:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-10 20:45 - 2015-01-15 00:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-10 20:45 - 2015-01-15 00:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-10 20:45 - 2015-01-15 00:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-10 20:45 - 2015-01-15 00:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-10 20:45 - 2015-01-15 00:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-10 20:45 - 2015-01-15 00:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-10 20:45 - 2015-01-14 21:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-10 20:45 - 2015-01-12 20:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-10 20:45 - 2015-01-12 19:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-10 20:44 - 2014-12-11 22:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-10 20:44 - 2014-12-11 22:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-10 20:44 - 2014-07-06 19:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-10 20:44 - 2014-07-06 19:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-10 20:44 - 2014-07-06 18:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-10 20:44 - 2014-07-06 18:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-10 20:43 - 2014-11-25 20:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-10 20:43 - 2014-11-25 20:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-10 20:43 - 2014-10-03 19:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-02-10 20:43 - 2014-10-03 18:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-02-10 20:43 - 2014-10-03 18:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-02-10 20:42 - 2014-12-07 20:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-10 20:42 - 2014-12-07 19:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-10 20:41 - 2015-01-08 19:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-10 02:06 - 2015-02-10 02:06 - 00000000 ____D () C:\Users\Tommi\AppData\Local\Box Sync
2015-02-10 02:04 - 2015-02-10 02:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2015-02-10 02:02 - 2015-02-10 02:02 - 00000000 ____D () C:\Program Files\Box
2015-02-10 02:01 - 2015-02-10 02:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-10 01:58 - 2015-02-10 01:59 - 00000000 ____D () C:\Users\Tommi\Downloads\BOX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 16:49 - 2011-11-13 03:09 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\Skype
2015-03-08 16:40 - 2013-03-27 07:29 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 16:11 - 2011-12-18 11:40 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-08 16:11 - 2011-12-18 10:43 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-08 16:08 - 2014-03-06 18:29 - 00000562 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001.job
2015-03-08 14:15 - 2014-06-04 12:56 - 01416924 _____ () C:\windows\WindowsUpdate.log
2015-03-08 13:57 - 2014-06-15 18:02 - 00000000 ____D () C:\Users\Tommi\AppData\Local\Adobe
2015-03-08 13:55 - 2011-12-03 14:34 - 00003492 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2015-03-08 13:55 - 2011-12-03 14:34 - 00000466 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2015-03-08 06:36 - 2009-07-13 22:13 - 00815570 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-07 23:40 - 2011-12-12 20:41 - 00000000 ____D () C:\My Zip Files
2015-03-07 23:04 - 2011-11-16 00:01 - 00000000 ____D () C:\Users\Tommi\Documents\Medical
2015-03-07 22:13 - 2013-05-07 16:42 - 00000000 ____D () C:\ProgramData\WRData
2015-03-07 21:51 - 2013-10-15 12:27 - 00000000 ____D () C:\Users\Tommi\Documents\CAN_SPAM_LAWS
2015-03-07 21:08 - 2013-05-06 15:25 - 00000000 ____D () C:\Users\Tommi\AppData\Local\CrashDumps
2015-03-07 21:07 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\registration
2015-03-07 20:58 - 2009-07-13 21:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-07 20:58 - 2009-07-13 21:45 - 00022464 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-07 20:39 - 2011-11-12 08:01 - 00105510 _____ () C:\windows\system32\fastboot.set
2015-03-07 20:37 - 2014-11-10 03:09 - 00000406 _____ () C:\windows\Tasks\simplitec Service Provider.job
2015-03-07 20:37 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-07 20:36 - 2012-05-05 21:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-07 20:32 - 2012-11-30 20:06 - 01810676 _____ () C:\Users\Tommi\Documents\Getting Started with WhizFolders 6.5.7.wzfolder
2015-03-07 20:22 - 2013-02-17 13:20 - 00000000 ____D () C:\Users\Tommi\Documents\COX
2015-03-07 20:22 - 2011-11-12 07:58 - 00000000 ____D () C:\ProgramData\Temp
2015-03-06 18:35 - 2011-12-03 14:34 - 00003448 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2015-03-06 13:43 - 2013-05-07 16:45 - 00166128 _____ (Webroot) C:\windows\SysWOW64\WRusr.dll
2015-03-06 13:43 - 2013-05-07 16:45 - 00114176 _____ (Webroot) C:\windows\system32\Drivers\WRkrn.sys
2015-03-06 13:43 - 2013-05-07 16:45 - 00103816 _____ (Webroot) C:\windows\system32\WRusr.dll
2015-03-03 02:57 - 2014-06-15 15:04 - 00000000 ____D () C:\Users\Tommi\AppData\Local\NETGEARGenie
2015-03-02 08:04 - 2014-03-06 18:29 - 00003588 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001
2015-02-28 16:59 - 2013-10-26 15:07 - 00000000 ____D () C:\Users\Tommi\Documents\Populus
2015-02-27 15:48 - 2013-12-21 15:25 - 00044544 ___SH () C:\Users\Tommi\Thumbs.db
2015-02-26 14:29 - 2011-11-17 06:52 - 00000000 ____D () C:\Users\Tommi\Documents\Social_Security
2015-02-25 15:13 - 2013-04-22 15:51 - 00000075 _____ () C:\windows\pwkforms.ini
2015-02-24 22:50 - 2011-11-12 16:32 - 00000000 ____D () C:\Users\Tommi
2015-02-24 17:37 - 2014-05-17 10:49 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-24 17:37 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-02-24 17:37 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\AppCompat
2015-02-24 17:32 - 2011-11-13 05:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-22 09:02 - 2012-04-02 04:57 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-22 08:25 - 2013-01-24 21:47 - 00000000 ____D () C:\windows\Downloaded Installations
2015-02-22 01:21 - 2011-11-16 08:28 - 00000000 ____D () C:\Users\Tommi\Documents\Malware_Reports
2015-02-21 23:43 - 2012-05-04 20:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-21 23:28 - 2011-11-17 00:42 - 00000000 ____D () C:\Users\Tommi\Documents\To_Do
2015-02-21 20:28 - 2011-11-22 21:48 - 00000000 ____D () C:\windows\Minidump
2015-02-20 04:41 - 2013-05-25 02:51 - 00000000 ____D () C:\Users\Tommi\1_Min_WP_Launcher
2015-02-20 01:11 - 2013-03-28 17:37 - 00000000 ____D () C:\Users\Tommi\Documents\cc_cleaner_registry_backups
2015-02-20 00:37 - 2013-10-22 23:31 - 00000000 ____D () C:\Users\Tommi\AppData\Roaming\TeamViewer
2015-02-20 00:13 - 2011-12-18 10:43 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-16 15:21 - 2014-06-03 21:42 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-16 15:21 - 2014-06-03 21:42 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2015-02-16 14:35 - 2011-11-14 00:09 - 00808184 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-02-15 01:56 - 2009-07-13 21:45 - 05260744 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-15 01:51 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\tracing
2015-02-15 01:16 - 2013-09-30 19:27 - 00000000 ____D () C:\windows\system32\MRT
2015-02-09 00:13 - 2011-12-03 14:34 - 00000528 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-02-09 00:00 - 2011-12-03 14:34 - 00004230 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-07 20:17 - 2011-11-15 03:14 - 00000000 ____D () C:\Users\Tommi\Documents\AIM
2015-02-06 10:36 - 2011-11-16 07:54 - 00000000 ____D () C:\Users\Tommi\Documents\Bills

==================== Files in the root of some directories =======

2014-01-25 20:02 - 2014-07-18 14:33 - 0000096 _____ () C:\Users\Tommi\AppData\Roaming\Camdata.ini
2014-01-25 20:02 - 2014-07-18 14:33 - 0000408 _____ () C:\Users\Tommi\AppData\Roaming\CamLayout.ini
2014-01-25 20:02 - 2014-07-18 14:33 - 0000408 _____ () C:\Users\Tommi\AppData\Roaming\CamShapes.ini
2014-01-25 20:02 - 2014-07-18 14:33 - 0004535 _____ () C:\Users\Tommi\AppData\Roaming\CamStudio.cfg
2012-04-20 16:52 - 2014-10-27 03:04 - 0000151 _____ () C:\Users\Tommi\AppData\Roaming\FotoSketcher.ini
2011-11-12 17:34 - 2014-08-11 17:47 - 0898048 _____ () C:\Users\Tommi\AppData\Roaming\SharedSettings.ccs
2014-01-25 19:19 - 2014-07-18 14:33 - 0000096 _____ () C:\Users\Tommi\AppData\Roaming\version2.xml
2012-04-12 23:08 - 2014-09-17 22:56 - 0113709 _____ () C:\Users\Tommi\AppData\Local\ars.cache
2012-04-12 23:09 - 2014-09-17 22:56 - 1033406 _____ () C:\Users\Tommi\AppData\Local\census.cache
2013-07-22 16:40 - 2014-01-27 21:52 - 0005120 _____ () C:\Users\Tommi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-12 22:44 - 2012-04-12 22:44 - 0000036 _____ () C:\Users\Tommi\AppData\Local\housecall.guid.cache
2012-05-07 13:48 - 2014-06-28 15:39 - 0000600 _____ () C:\Users\Tommi\AppData\Local\PUTTY.RND
2014-01-05 20:34 - 2014-11-21 00:02 - 0007612 _____ () C:\Users\Tommi\AppData\Local\Resmon.ResmonCfg
2014-09-17 22:41 - 2014-09-17 22:41 - 0000010 _____ () C:\Users\Tommi\AppData\Local\sponge.last.runtime.cache
2011-12-10 21:35 - 2011-12-10 21:35 - 0017408 _____ () C:\Users\Tommi\AppData\Local\WebpageIcons.db
2014-06-13 12:43 - 2014-06-13 12:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-28 19:21 - 2015-02-28 19:21 - 0004975 _____ () C:\ProgramData\kgbednyf.fiy
2013-01-14 03:15 - 2013-01-15 01:46 - 0109096 _____ () C:\ProgramData\temp1.txt

Some content of TEMP:
====================
C:\Users\Tommi\AppData\Local\Temp\cct.dll
C:\Users\Tommi\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Tommi\AppData\Local\Temp\ICReinstall_winzip19-new.exe
C:\Users\Tommi\AppData\Local\Temp\JavaIC.dll
C:\Users\Tommi\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Tommi\AppData\Local\Temp\msscct32.dll
C:\Users\Tommi\AppData\Local\Temp\Quarantine.exe
C:\Users\Tommi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tommi\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\System32\EasyRedirect.dll
C:\Windows\System32\igd10umd32.dll
C:\Windows\System32\igdumd32.dll
C:\Windows\System32\igdumdx32.dll
C:\Windows\System32\MSVBVM60.DLL
C:\Windows\System32\olepro32.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2015-02-03 05:42

==================== End Of Log ============================

 

ADDITION REPORT:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2015 01
Ran by Tommi at 2015-03-08 16:53:52
Running from C:\Users\Tommi\Downloads\Farber_Recovery_Scan
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Disabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Disabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version:  - )
AbleBits.com Duplicate Remover for Microsoft Excel (HKLM-x32\...\{C937A2D1-D785-4931-9DDC-DA54D9320FBB}) (Version: 3.2.3 - Add-in Express Ltd.)
ActiveData For Excel (x86) (HKLM-x32\...\{E68102F0-D4B9-4885-931F-B31479E9D3A1}) (Version: 5.0.0 - InformationActive)
ActivePresenter (HKLM-x32\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 3.9.2 - Atomi Systems, Inc.)
Adobe Acrobat 8.1.0 Professional (HKLM-x32\...\Adobe Acrobat 8 Professional) (Version: 8.1.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems Inc.)
AKVIS ArtWork (HKLM\...\{DA2B4016-343D-4564-BE1C-99D84BE9673D}) (Version: 8.1.1709.10702 - AKVIS)
AKVIS ArtWork (HKLM-x32\...\{DA2B4016-343D-4564-BE1C-99D84BE9673D}) (Version: 7.0.1614.8662 - AKVIS)
Amazon Kindle (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9B3B4129-220E-42C7-9C5B-91C65E0885B4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASAP Utilities (HKLM-x32\...\ASAP Utilities_is1) (Version: 5.0 - Bastien Mensink - A Must in Every Office BV)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AutoNext  (HKLM-x32\...\InstallShield_{FB776A40-C7CC-4A5C-8B96-AB30585FC0C0}) (Version: 1.00.0000 - eGrabber)
Beyond Compare 4.0.0 (HKLM-x32\...\BeyondCompare4_is1) (Version: 4.0.0.18847 - Scooter Software)
BlueGriffon version 1.6.2 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 1.6.2 - Disruptive Innovations SAS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Shot 3D (HKLM\...\Box Shot 3D) (Version: 3.6 - Apps For Life)
Box Sync (HKLM\...\{D49B4848-D733-409C-A894-3CC0113F15A6}) (Version: 4.0.6035.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.6035.0 - Box Inc.) Hidden
Bulkr (HKLM-x32\...\com.prakaz.project.photogettr) (Version: 1.7 - Prakash Bajracharya)
Bulkr (x32 Version: 1.7 - Prakash Bajracharya) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11266.0 - Cisco Consumer Products LLC)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
CoffeeCup Direct FTP (HKLM-x32\...\{88741A14-4C9D-469F-BA36-8FDF6037BB68}) (Version: 3.9.2015 - CoffeeCup Software Inc.)
CoffeeCup Free Zip Wizard (HKLM-x32\...\CoffeeCup Free Zip Wizard) (Version:  - CoffeeCup Software)
CoffeeCup LockBox (HKLM-x32\...\CoffeeCup LockBox) (Version:  - )
CoffeeCup Places (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\CoffeeCup Places) (Version: 1.1 - CoffeeCup Software)
CoffeeCup Website Access Manager (HKLM-x32\...\CoffeeCup Website Access Manager) (Version:  - CoffeeCup Software)
Compare It! (HKLM-x32\...\Compare It + Synchronize It_is1) (Version: 4.1 - Grig Software)
Compare It! (HKLM-x32\...\Compare It!_is1) (Version: 4.2 - Grig Software)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.46.0.50 - Conexant)
Convert XLS (HKLM-x32\...\Convert XLS_is1) (Version:  - Softinterface, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Data Quality Components (HKLM\...\Data Quality Components_is1) (Version:  - Melissa Data Corp)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Directory Report (HKLM-x32\...\{0D9B75C0-3FC9-11D5-8617-00D0B707C2B6}) (Version: 34.00.0000 - AMB Software)
Dropbox (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Dropbox) (Version: 2.4.10 - Dropbox, Inc.)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
EmailAppend_Step2 (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\b5d2fe301b01077b) (Version: 1.0.0.0 - Microsoft)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.5 - Lenovo)
Energy Management (x32 Version: 6.0.1.5 - Lenovo) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
ESDNOW Software Protection Technology v1.0.4 (HKLM-x32\...\{46F5DECB-ADB0-48D0-92D9-07D6524B0BD9}) (Version: 1.0.4 - ESDNOW)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.9.9 - Telerik)
Files Email Address Finder (HKLM-x32\...\{13F761B5-CFA4-419A-9DC1-BC5E40CFD9AD}) (Version: 5.0.0 - WindowIndia)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FlashFXP 4 (HKLM-x32\...\FlashFXP 4) (Version: 4.4.4.2046 - OpenSight Software LLC)
FontMSI (HKLM-x32\...\{ABB47A07-3209-42CE-9260-7BAC030CC6CA}) (Version: 1.00.0000 - AB)
FotoSketcher 2.30 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
FoxTab PDF Creator (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\FoxTab PDF Creator) (Version:  - ) <==== ATTENTION
FTPRush 2.1.8 (HKLM-x32\...\FTP Rush_is1) (Version: 2.1.8 - wftpserver.com)
Fuze Meeting (HKLM-x32\...\{88F800EE-C2E3-49F1-9A61-DB1EE6DD4245}) (Version: 14.1.3326 - Fuze Box, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.1.2392 (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\GoToMeeting) (Version: 7.1.1.2392 - CitrixOnline)
HIEOutlookPluginSetup (HKLM-x32\...\{F9EE5132-8BDC-4E3F-B355-BFC51496D00C}) (Version: 1.0.0 - High Impact eMail 5)
Hotspot Shield 2.93 (HKLM-x32\...\HotspotShield) (Version: 2.93 - AnchorFree Inc.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Imagekind Uploader (HKLM-x32\...\{C17351A0-DBB4-4449-9309-B2AFA3EA7ADA}) (Version: 1.0.3 - Imagekind)
ImageQuix Publisher (HKLM-x32\...\ImageQuixPublisher) (Version:  - )
Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iSpring Free 6 (HKLM\...\{A2CB66EE-C96E-400E-A69B-B216DFA502F2}) (Version: 6.2.0 - iSpring Solutions Inc.)
iTunes (HKLM\...\{C36440D2-5DBE-4F20-8D39-39D83FDBBE4E}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kutools for Excel 5.1.0.0 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version:  - Detong)
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo Hard Drive Quick Test (HKLM-x32\...\{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}) (Version: 6.0.5746.01 - PC-Doctor, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{C51863E5-EB09-43A5-9D43-26A32587EEAC}) (Version: 2.4.002.00 - Lenovo Group Limited)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
ListGrabber AutoNext (x32 Version: 1.00.0000 - eGrabber) Hidden
Livedrive (HKLM\...\{7D2E0E90-3BBA-43B1-894D-EC39A4E18748}) (Version: 1.15.2.0 - Livedrive Internet Limited)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access 2010 (HKLM-x32\...\Office14.AccessR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Excel Home and Student 2010 (HKLM-x32\...\Office14.EXCELR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{BF127B80-CFD5-4379-9752-E8AF1A5D0141}) (Version: 4.0.1639.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 PowerPivot for Excel  32-bit (HKLM-x32\...\{4CFC749F-E178-42C7-8095-796C5814C9C3}) (Version: 11.1.3129.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Neat (HKLM-x32\...\Neat) (Version: 5.1.29.304 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.2 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (x32 Version: 5.1.29.304 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.24 - NETGEAR Inc.)
NTI Backup Now EZ (HKLM-x32\...\InstallShield_{B9ECA41B-55CC-4654-B6B5-6731D009EC69}) (Version: 2.5.2.56 - NTI Corporation)
NTI Backup Now EZ (x32 Version: 2.5.2.56 - NTI Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4517.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4517.1005 - Microsoft Corporation) Hidden
Paragon HFS+ for Windows™ 9.1 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Stamp Remover 6.0 (HKLM-x32\...\Photo Stamp Remover_is1) (Version: 6.0 - SoftOrbits)
PlayOn (HKLM-x32\...\{55E63875-3DB1-4111-ADA7-E3AD2379A975}) (Version: 3.10.21 - MediaMall Technologies, Inc.)
Quick File Rename Professional Edition (HKLM-x32\...\{4B5FDE6F-6A43-49AD-B878-0C1562DAA3A2}) (Version: 8.01.0000 - Skyjuice Software)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.11 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Desktop Connection Manager (HKLM-x32\...\{173A2B7F-535A-4403-A454-B41531EF0D7F}) (Version: 2.2.0423 - Microsoft Corporation)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Screencast-O-Matic (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Screenpresso (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Screenpresso) (Version: 1.5.3.0 - Learnpulse)
Seagate Dashboard (HKLM-x32\...\{F1D8690F-06B3-4100-9949-398EA253AC61}) (Version: 3.2.1802.2 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0016-0000-0000-0000000FF1CE}_Office14.EXCELR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.1.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.1.0 - Shutterfly, Inc.) Hidden
simpliclean (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 1.5.2.2 - simplitec GmbH)
SiteSpinner V2 (HKLM-x32\...\{355BCF4B-A2A6-46F1-A33E-FA8D6B1794C7}) (Version: 2.91.7 - Virtual Mechanics)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Photo Editor (HKLM-x32\...\SmartPhotoEditor1_is1) (Version: 1.18 - Anthropics Technology Ltd.)
Smart Photo Editor Trial (HKLM-x32\...\SmartPhotoEditor1Trial_is1) (Version: 1.18 - Anthropics Technology Ltd.)
Smilebox (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\Smilebox) (Version: 1.0.0.27714 - Smilebox, Inc.)
Snagit 10.0.1 (HKLM-x32\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)
Snagit 11 (HKLM-x32\...\{44BD21C2-9132-48DB-B65B-23817E4C6F4B}) (Version: 11.2.0 - TechSmith Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.1 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.1.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
UpdateAdmin (HKLM-x32\...\{07B4B423-E4DA-47D1-8327-B589EB4BEB58}) (Version: 2.0.1885 - DownloadAdmin)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden
Visual Site Designer (HKLM-x32\...\{5FA08EAD-6532-4609-9E78-DBBEBE9AE6D2}) (Version: 7.0.82 - CoffeeCup Software)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Web Designer Premium MX Update (Version: 8.1.4.30831 - Xara Group Ltd) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.7.33 - Webroot)
WhizFolders Organizer (HKLM-x32\...\wfcm_is1) (Version: 6.6 - AvniTech Solutions)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinZip (HKLM\...\WinZip) (Version:  19.0 (11294) - 64-bit - WinZip Computing, S.L.)
Wisdom-soft Set up ScreenHunter 5.1 Free (HKLM-x32\...\Wisdom-soft Set up ScreenHunter 5.1 Free) (Version:  - Wisdom Software Inc.)
Wondershare DVD Slideshow Builder Deluxe(Build 6.1.14.0) (HKLM-x32\...\Wondershare DVD Slideshow Builder Deluxe_is1) (Version: 6.1.14.0 - WonderShare Software Co.,Ltd.)
Wondershare MobileGo for iOS ( Version 3.2.0 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 3.2.0 - Wondershare)
Workspace Desktop (HKU\S-1-5-21-136662411-4183305618-733280024-1001\...\workspacedesktop) (Version:  - Starfield Technologies)
Xara Web Designer 10 Premium (HKLM\...\MX.{E8BB45AE-F37B-491B-9D97-502484028DFD}) (Version: 10.1.3.35257 - Xara Group Ltd)
Xara Web Designer 10 Premium (Version: 10.1.3.35257 - Xara Group Ltd) Hidden
Xara Web Designer 6 (HKLM-x32\...\MAGIX_MSI_Xara_Web_Designer_6) (Version: 6.0.1.13296 - Xara Group Ltd)
Xara Web Designer 6 (x32 Version: 6.0.1.13296 - Xara Group Ltd) Hidden
Xara Web Designer MX Premium (HKLM-x32\...\MAGIX_{38DEE9EC-DB2A-4151-84AD-1263FC396262}) (Version: 8.1.3.23942 - Xara Group Ltd)
Xara Web Designer MX Premium (Version: 8.1.3.23942 - Xara Group Ltd) Hidden
Zazzle Uploader (HKLM-x32\...\ZazzleUploader) (Version:  - Zazzle)
ZipRecover (HKLM-x32\...\ZipRecover) (Version:  - )
Zoolz2 (HKLM-x32\...\Zoolz2) (Version: 2.1 - Genie9)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{045281D6-AFD2-4cd6-A93D-C07AD6FB20A2}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\SVGFilter.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{0A352EAA-8FF3-404c-AFED-1F9AA02818DD}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\ODPImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{1B00816B-14D7-4442-82B3-15CCF43C0254}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\RTFfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Workspace\gdeditwrapperax64.dll (Starfield Technologies)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{47C58F72-DD97-4204-9A58-00E0A82E5207}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\TIFFImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{4F8ABD16-E446-43C3-A154-484F507060B4}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Add-in Express\Duplicate Remover for Microsoft Excel\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{55E4C8A1-601C-407f-9DF5-A2652A241AAE}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\EMFFilter.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{7DCC32F2-DAEF-4CDE-A81A-F45DAA3EB0B0}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\HTMLfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{7F75D6E7-EE09-46d8-A83E-040926610774}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\DocImport\DocImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{86A7051E-BCD5-4d1f-9DC6-94BADC257777}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\PSDFilter.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{B189AF08-C20E-44e6-A12E-3790640BBCD0}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\RAWImport\RAWImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Workspace\wbetoolsax64.dll (Starfield Technology, LLC)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{BD1631EA-6D82-4407-9B96-5B40DA7BCCC1}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\PDFImport\PDFImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{C0908775-F5BD-4caf-B8BE-7138F7EBAAEE}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\Filters\ENG\PPImport.dll ()
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\WebDesigner.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Web Designer 10 Premium\WebDesigner.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tommi\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-136662411-4183305618-733280024-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tommi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2013-04-24 17:19 - 00000019 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D77A937-CF66-497D-AA92-EED1C198FF87} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {0EA826B8-09D0-43EE-AEBB-4D6DBF8F006A} - System32\Tasks\{E3765F8A-4A8E-441B-B32B-83797E775907} => Firefox.exe
Task: {0EF25A48-59A8-4DC5-A08D-3148FCF72ED6} - System32\Tasks\{0E24DDD1-389A-47D8-B486-CCF51264E668} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {1028D589-9506-4831-9335-2CE9F6B94A98} - System32\Tasks\{74165826-46F4-455C-949A-AF8CCA72B3C1} => pcalua.exe -a C:\Users\Tommi\Downloads\InstantEyedropper.exe -d C:\Users\Tommi\Downloads
Task: {157FB062-7A88-4CEC-8B75-B57BB76DB539} - System32\Tasks\{F65E6BE3-A9A5-4B1B-BE90-1F1A96A75526} => pcalua.exe -a "C:\Users\Tommi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AX444FTW\freefileviewer.exe" -d C:\Users\Tommi\Desktop
Task: {178E27E0-D5F8-4AB4-B21D-CF23A4F67B50} - System32\Tasks\{22D93E76-DF0E-4BAF-878F-4AF1F02AE089} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {1CDA03D2-4483-4D4B-93CD-C7EAE019A1E4} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-02-19] ()
Task: {1D06391F-E3EB-4943-A175-72F5CBA1100C} - System32\Tasks\Tommi DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-09-17] (Seagate Technology LLC)
Task: {21B9588C-A112-4FFE-91AB-A53BA509D23D} - System32\Tasks\{D093DC83-55BC-470F-A2BF-3D68196703A1} => Firefox.exe http://ui.skype.com/ui/0/6.6.59.106/en/abandoninstall?page=tsMain
Task: {27FB655A-C005-4ED9-BB51-264842D0900C} - System32\Tasks\{769BBE58-6962-444F-A274-38EA50EEA303} => pcalua.exe -a C:\Users\Tommi\Downloads\60-1.exe -d C:\Users\Tommi\Downloads
Task: {3049B04A-54A5-4BD1-BD3D-05406C8D893A} - System32\Tasks\{8D6FCCCC-8346-4C25-9E66-C003FBDEBA69} => C:\Program Files (x86)\eGrabber\ListGrabber Standard 4.0\ListGrabber.exe
Task: {313C028E-99DC-4D41-AA99-3C1A9584F31B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo)
Task: {3EAE738C-7E1D-4723-8213-A67EB25FD872} - System32\Tasks\{5C85C66B-5824-4CCD-B4ED-2FD2C660A356} => pcalua.exe -a C:\Users\Tommi\Downloads\Access2010_64bit_Setup.exe -d C:\Users\Tommi\Documents\AIM\2012_Commercial_Orders
Task: {46C997B3-13C7-460D-9BC0-CB26B8BB76C5} - System32\Tasks\{A01D150E-34A9-487F-B8AC-253A9B48BAAD} => Firefox.exe
Task: {4A467191-75D5-4EA1-A296-05A26D9B119B} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {4E55F0DE-BC32-4F4B-8F97-2F1B89A47CAD} - System32\Tasks\{4978E2B2-5F41-4FA8-8FF9-BF84CFB2D04D} => Firefox.exe http://ui.skype.com/ui/0/5.9.59.115/en/abandoninstall?page=tsProgressBar
Task: {4F4A98EA-D263-4BAD-A8F9-DB12AEADEB3A} - System32\Tasks\{481C97F5-C938-46C8-B8ED-812740C36C03} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {5425FEC0-E0FD-43FB-B9BB-C3A39B7CBDD5} - System32\Tasks\{8968F0D5-7988-4190-863D-D63F4ACEC936} => pcalua.exe -a C:\Users\Tommi\Downloads\60-4.exe -d C:\Users\Tommi\Downloads
Task: {58A7330C-B310-44CB-A012-3B060FA838D8} - System32\Tasks\{FFF44390-B985-4F80-80E3-BD98CD0B43EA} => Firefox.exe
Task: {594AB513-57E7-4CD8-84C4-72A04FB41081} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {595B113E-A110-46E0-BE32-EFAD1A99CB3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {5C5CB63F-46AD-434B-911B-529FF9E12FCD} - System32\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001 => C:\Users\Tommi\AppData\Local\Citrix\GoToMeeting\2392\g2mupdate.exe [2015-03-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {646C3396-1A08-412A-A54A-217CFF0D55DD} - System32\Tasks\{9CD888C7-A133-4153-9EEA-F92315741D09} => pcalua.exe -a C:\Users\Tommi\Downloads\Access2010_64bit_Setup.exe -d C:\Users\Tommi\Documents\AIM\2012_Commercial_Orders
Task: {6F9A3E75-4A94-454A-8EED-6311A92A1815} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {74396C92-01DB-4C95-9540-1AD8F83D1E14} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {77DB21CE-149D-4145-8242-D3AE5A45EAC6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {7831F242-327E-4FDE-9BB0-F08A62B21109} - System32\Tasks\{F1A0C9F4-1BA6-48C9-8786-2E58BFC15B27} => Firefox.exe
Task: {7F59DEFB-F9B4-4905-AF0C-0855AA2A1832} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {80C9A817-32E5-45DA-99CA-27493C8B4733} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-07-12] (Microsoft Corporation)
Task: {8C609522-E61A-4A2D-8F52-8CA902B59823} - System32\Tasks\{AD30D7BB-D810-4EEE-A183-D4A0C27F96F6} => pcalua.exe -a "C:\Users\Tommi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9XY321Z\NavNext_b63_032709.exe" -d C:\Users\Tommi\Desktop
Task: {8FF650D7-5B68-4BD7-9908-BAAF33CD4FE2} - System32\Tasks\{1AAA6186-BA5E-45FD-87EC-0F34457F1CB1} => Firefox.exe
Task: {9097C770-2E6C-40D7-BE93-F40A59DB7479} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {93286324-2203-476B-AEAD-87AEC7610E0E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {977D8E00-1B54-4D7B-A950-EE8E19047321} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {99CCC10D-7747-41AC-BB0C-1B38B901BC16} - System32\Tasks\{4A41BC90-C357-4381-A0DF-21B7AA891228} => Firefox.exe
Task: {9FCB25ED-062E-46A5-AA93-D815B4B1F2CA} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {A3AE2F41-3032-49F7-8B45-AC69DB59E7B6} - System32\Tasks\{44D3C89E-9500-40B5-B237-6307DA5D8042} => C:\Program Files (x86)\eGrabber\ListGrabber Standard 4.0\ListGrabber.exe
Task: {A533C13A-1DDE-431F-8A73-3683DBA1D8FA} - System32\Tasks\{27A41114-2E1F-40DA-92F5-8FE8AC2D5B3F} => pcalua.exe -a C:\Users\Tommi\Downloads\CoffeeCup\Lock-Box-Full-3.1.118.exe -d C:\Users\Tommi\Downloads\CoffeeCup
Task: {A9D5E424-7E49-445B-8B8D-C4DEE7AC4F97} - System32\Tasks\{867EF48D-E8F9-4218-B8C3-ECC374D4D737} => Firefox.exe
Task: {AD835F93-02A0-41F5-8F3D-2C78E45EE223} - System32\Tasks\{6BA770BA-0FD8-46A9-BCB5-CC3F92878F61} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {B095AFA3-F208-4DE9-8D1A-A3C39AF86DDF} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-09-17] (Seagate Technology LLC)
Task: {B60D7553-082E-440C-BD22-0992C1E078B5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {B7315678-A773-4278-BB59-D8F2828859AA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {C8CB6804-18B8-4D27-B648-6C7EB6B080AE} - System32\Tasks\simplitec Service Provider => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe [2014-03-05] (simplitec GmbH)
Task: {DA31C59F-ED21-4AA9-9C11-8D83B6ABA532} - System32\Tasks\AdobeAAMUpdater-1.0-Tommi-PC-Tommi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {DF654C20-B926-4C38-AB5E-DC5F7E7BE5FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
Task: {E0C4E660-BA59-4D61-847C-A94A40877B39} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe [2014-03-05] (simplitec GmbH)
Task: {E96FA767-6B2B-4ED2-9594-750C89DAFF05} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EE5D8565-58C7-427E-A40B-B16DE9054B45} - System32\Tasks\{A24A8892-64F1-4776-A9A8-BFBED8233491} => C:\Program Files (x86)\eGrabber\ListGrabber Standard 4.0\ListGrabber.exe
Task: {EF22906E-BF9C-4ED3-9B31-CB5B2A7E62A1} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {F0F149CE-C3D5-4334-A732-B474EF7C67CD} - System32\Tasks\{AD133361-D264-4434-9F8A-B784E0E0B776} => Firefox.exe
Task: {F2FF35D3-95C3-4945-95D3-BD0F3DBB5A4B} - System32\Tasks\{0C554F2E-9580-41DD-838C-D4E3D1BDE74E} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {F588DFE7-880F-48E7-932E-D76337C55731} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F5F7A0B5-0FF9-4C98-A18A-956C82126D3B} - System32\Tasks\{8F735B00-8804-46E2-A97D-218BAF9BEDAC} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe [2006-09-14] (Adobe Systems Incorporated)
Task: {F68E7CE4-837C-4F99-81CE-5CE58760A0C9} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-136662411-4183305618-733280024-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-136662411-4183305618-733280024-1001.job => C:\Users\Tommi\AppData\Local\Citrix\GoToMeeting\2392\g2mupdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\windows\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\windows\Tasks\simplitec Service Provider.job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) ==============

2013-07-12 08:34 - 2013-07-12 08:34 - 08865448 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-01 12:29 - 2014-05-01 12:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2006-09-14 07:56 - 2006-09-14 07:56 - 00102400 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
2013-07-26 01:31 - 2013-07-26 01:31 - 00066768 _____ () C:\Program Files (x86)\Paragon Software\HFS+ for Windows  9.1\apmwinsrv.exe
2014-07-24 16:05 - 2014-07-24 16:05 - 00210584 _____ () C:\Program Files (x86)\Livedrive\VSSService.exe
2008-12-19 20:20 - 2011-11-12 07:59 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-19 20:20 - 2011-11-12 07:59 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-02-19 20:29 - 2014-02-19 20:29 - 01679832 _____ () C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
2014-02-19 20:29 - 2014-02-19 20:29 - 00012744 _____ () C:\Program Files\Lenovo\Lenovo Solution Center\App\Aspect.dll
2014-04-14 12:41 - 2014-04-14 12:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2014-06-10 17:50 - 2014-06-10 17:50 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-06-10 22:03 - 2014-06-10 22:03 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-01-19 02:29 - 2015-01-19 02:29 - 00065536 _____ () C:\Program Files\Genie9\Zoolz2\SharedLib.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00673280 _____ () C:\Program Files\Genie9\Zoolz2\Core.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00008704 _____ () C:\Program Files\Genie9\Zoolz2\LogManager.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00130560 _____ () C:\Program Files\Genie9\Zoolz2\Settings.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 01519616 _____ () C:\Program Files\Genie9\Zoolz2\Rescources.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00144896 _____ () C:\Program Files\Genie9\Zoolz2\OnlineManager.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00064512 _____ () C:\Program Files\Genie9\Zoolz2\Watcher.dll
2012-09-26 06:37 - 2012-09-26 06:37 - 00017408 _____ () C:\Program Files\Genie9\Zoolz2\Transitions.dll
2015-01-19 02:29 - 2015-01-19 02:29 - 00125440 _____ () C:\Program Files\Genie9\Zoolz2\XspHandler.dll
2014-04-21 23:11 - 2014-04-21 23:11 - 00098816 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2012-10-21 06:34 - 2012-10-21 06:34 - 00024576 _____ () C:\Program Files\Genie9\Zoolz2\DevNetGlobalCache.dll
2011-06-27 08:06 - 2011-06-27 08:06 - 00502352 _____ () C:\Program Files\PC-Doctor\libAsapiCSharp.dll
2011-06-27 08:06 - 2011-06-27 08:06 - 00100944 _____ () C:\Program Files\PC-Doctor\libCSharpCommonCS.dll
2011-06-27 08:06 - 2011-06-27 08:06 - 00018512 _____ () C:\Program Files\PC-Doctor\libGapiCSharp.dll
2011-06-27 08:06 - 2011-06-27 08:06 - 00029264 _____ () C:\Program Files\PC-Doctor\libDataStoreCSharp.dll
2011-06-27 08:06 - 2011-06-27 08:06 - 00092752 _____ () C:\Program Files\PC-Doctor\libTonopahClientCSharp.dll
2014-11-10 03:08 - 2014-03-05 14:17 - 00150816 _____ () C:\Program Files (x86)\simplitec\simpliclean\modules\common\asp_ipc32.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 03369922 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuin51.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00544817 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00989805 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 01978690 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuuc51.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 22378434 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icudt51.dll
2013-09-28 18:14 - 2013-09-28 18:14 - 01233408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2014-04-22 02:09 - 2014-04-22 02:09 - 00518656 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2014-04-15 22:12 - 2014-04-15 22:12 - 01554944 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2014-04-21 22:41 - 2014-04-21 22:41 - 00192512 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2014-04-21 22:42 - 2014-04-21 22:42 - 00632832 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2014-04-25 01:25 - 2014-04-25 01:25 - 05992960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2014-03-23 20:33 - 2014-03-23 20:33 - 00068608 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2014-04-21 23:00 - 2014-04-21 23:00 - 00427520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2014-03-23 20:33 - 2014-03-23 20:33 - 00144896 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2014-04-21 22:59 - 2014-04-21 22:59 - 01175552 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2014-04-23 20:13 - 2014-04-23 20:13 - 09825792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2014-04-28 18:44 - 2014-04-28 18:44 - 01360384 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2014-04-21 23:05 - 2014-04-21 23:05 - 00200192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2014-04-21 23:07 - 2014-04-21 23:07 - 00885248 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2014-04-21 23:09 - 2014-04-21 23:09 - 00427520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00052224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00261120 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2014-04-08 01:07 - 2014-04-08 01:07 - 00081408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2014-04-08 01:06 - 2014-04-08 01:06 - 00143360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2012-11-29 02:56 - 2012-11-29 02:56 - 03332720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00074240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2014-04-21 23:07 - 2014-04-21 23:07 - 00642048 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2014-04-21 23:09 - 2014-04-21 23:09 - 00458752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-03-23 21:08 - 2014-03-23 21:08 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2014-03-23 20:31 - 2014-03-23 20:31 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2013-09-28 18:13 - 2013-09-28 18:13 - 00040960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2014-07-24 15:58 - 2014-07-24 15:58 - 00816128 _____ () C:\Program Files (x86)\Livedrive\Localisation.dll
2011-07-28 16:20 - 2011-07-28 16:20 - 00270336 _____ () C:\Program Files (x86)\Livedrive\AlphaFS.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\olepro32.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\igdumdx32.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\igdumd32.dll
2011-09-23 21:54 - 2011-09-23 21:54 - 00465344 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ\sqlite3.dll
2014-06-26 10:24 - 2014-06-26 10:24 - 00861784 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2015-02-15 06:50 - 2015-02-15 06:50 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-11-12 07:41 - 2010-11-05 16:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-04-20 07:15 - 2013-04-20 07:15 - 00000000 _____ () C:\windows\system32\igd10umd32.dll
2015-02-05 01:40 - 2015-02-05 01:40 - 16852144 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2006-10-01 22:49 - 2006-10-01 22:49 - 00389120 _____ () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeXMP.dll
2014-10-16 02:15 - 2014-10-16 02:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 09:41 - 2014-05-24 09:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 09:41 - 2014-05-24 09:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-06-07 16:16 - 2007-03-22 12:38 - 02748416 ____R () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\LIBMYSQLD.dll
2011-12-12 20:41 - 2004-08-24 12:06 - 00060416 _____ () C:\Program Files (x86)\CoffeeCup Software\FreeZip\CCUtils.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR322 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-136662411-4183305618-733280024-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-136662411-4183305618-733280024-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tommi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: EasyRedirect => 2

==================== Accounts: =============================

Administrator (S-1-5-21-136662411-4183305618-733280024-500 - Administrator - Disabled)
Guest (S-1-5-21-136662411-4183305618-733280024-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-136662411-4183305618-733280024-1004 - Limited - Enabled)
Tommi (S-1-5-21-136662411-4183305618-733280024-1001 - Administrator - Enabled) => C:\Users\Tommi

==================== Faulty Device Manager Devices =============

Name: Lenovo EasyCamera
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2015 04:55:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 540: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:55:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 540: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:53:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 540: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:53:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:52:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 568: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:52:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:51:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 388: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:51:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053


System errors:
=============
Error: (03/08/2015 01:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The pcicsa.sys service failed to start due to the following error:
%%2

Error: (03/08/2015 01:53:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (03/08/2015 01:52:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (03/08/2015 01:50:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (03/08/2015 01:50:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (03/08/2015 01:50:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (03/08/2015 01:50:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (03/08/2015 06:37:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (03/08/2015 06:34:42 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.

Error: (03/08/2015 00:33:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ehRecvr service.


Microsoft Office Sessions:
=========================
Error: (03/08/2015 04:55:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 540: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:55:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 540: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:53:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 540: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:53:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:52:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 568: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:52:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/08/2015 04:51:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 388: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/08/2015 04:51:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053


CodeIntegrity Errors:
===================================
  Date: 2015-02-20 02:41:18.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:41:18.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:41:18.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:41:18.241
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_bf85c9bcfd585989\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:40:31.540
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:40:31.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:40:31.242
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:40:31.091
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appid.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:40:29.185
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 02:40:29.036
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18574_none_b5311f6ac8f7978e\appidapi.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 71%
Total physical RAM: 4039.86 MB
Available physical RAM: 1147.28 MB
Total Pagefile: 14135.91 MB
Available Pagefile: 9357.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:654.69 GB) (Free:18.91 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:23.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 71C44A65)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End Of Log ============================






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users