Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WebBrowsers with unauthorized Ads and Popups


  • This topic is locked This topic is locked
13 replies to this topic

#1 jammalg

jammalg

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 04 April 2015 - 10:21 AM

On 4/1/2015 my web browsers - Firefox, Chromium Secure, and MS Internet Explorer - started having numerous popups with "ADS BY NAME" or "Brought to you by name" on the lower left hand corner of the popup window and new browser windows automatically opened to sites for repairing various web browsers.  Just by opening Firefox and doing nothing else I was sent to approximately 82 websites.

 

When this has happened in the past I (not necessarily in this order, but close) turn off my System Restore, update  my anti-virus/malware software, disconnect the PC from the internet, restart in safe mode and run:

  • CCleaner to empty all temp folders and the Recycle bin
  • rkill
  • unhide
  • TDSSkiller
  • BitDefender <- my security program
  • SuperAntiSpyware
  • MalewareBytes 
  • Stinger

This process has always worked in this past but not this time.  One thing that I didn't fully do was remove ALL of the files and registry items pointed out by MalewareBytes and SuperAntiSypware - 

there were many files in the list labelled as Possible Unwanted Programs (PUP) and I wasn't familiar enough with the files to know for sure that they should be deleted - so I let them be.

 

I did notice that the problem started at 12:16 PM and exactly at 12:16 PM the following files were installed - but not by me

  • fun4u.exe - which kicked off
    • fun4u_notification_service and
    • fun4u_updating_service
  • hps2KQQ90qK3s3Ti

 

I manually removed the fun4u, hps2KQQ90qK3s3Ti and all related registry items that I could find.  However, the problem is still with me.

 

Please help,

 

Jammalg

 

---------------------------------------------------------------------------------------------------

 

I downloaded and ran FRST64  

 

[attachment=163535:FRST.txt]

[attachment=163534:Addition.txt]

 

Here are the outputs:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by User (administrator) on JMALG-PC on 02-04-2015 21:14:26
Running from E:\PC_USERS\JAMES\jDownloads\Browser_Items
Loaded Profiles: User (Available profiles: User & Brian & Aran & Sara & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) E:\E_DRIVE\Programs\Super_anti_spyware\SASCore64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Duality Software) E:\E_DRIVE\Programs\DS Clock\dsetime.exe
() E:\E_DRIVE\Programs\Everything\Everything.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() E:\E_DRIVE\Programs\Comodo\IceDragon\icedragon_updater.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Livescribe) C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) E:\Programs\TomTom540XXL\TomTom HOME 2\TomTomHOMEService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(AddGadgets) F:\Utilities_002\PCMeterV4\PCMeterV0.4.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
() E:\E_DRIVE\Programs\Everything\Everything.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Greenshot) E:\E_DRIVE\Programs\Greenshot\Greenshot.exe
(Apple Inc.) E:\E_DRIVE\Programs\Apple\Internet Services\iCloud\iCloudServices.exe
(Apple Inc.) E:\E_DRIVE\Programs\Apple\Internet Services\iCloud\ApplePhotoStreams.exe
(Duality Software) E:\E_DRIVE\Programs\DS Clock\dsclock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) E:\E_DRIVE\Programs\Apple\Internet Services\iCloud\iCloudDrive.exe
(TomTom) E:\Programs\TomTom540XXL\TomTom HOME 2\TomTomHOMERunner.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Dominik Reichl) J:\Utilities_Portable\Portable_Apps\Portable_KeePass\KeePass.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(SUPERAntiSpyware) E:\E_DRIVE\Programs\Super_anti_spyware\SUPERAntiSpyware.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) E:\E_DRIVE\Programs\EverNote\EverNote\EvernoteClipper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Stardock) E:\E_DRIVE\Programs\Stardock\ObjectDock\ObjectDock.exe
() E:\E_DRIVE\Programs\TimeWarner\VoiceZoneConnect\VoiceZoneConnect.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mister Group) E:\E_DRIVE\Utilities\System Items\System Explorer f\System Explorer\SystemExplorer.exe
(Stardock) E:\E_DRIVE\Programs\Stardock\ObjectDock\Dock64.exe
() E:\E_DRIVE\Programs\Everything\Everything.exe
(Mister Group) E:\E_DRIVE\Utilities\System Items\System Explorer f\System Explorer\service\SystemExplorerService64.exe
(Stardock) E:\E_DRIVE\Programs\Stardock\ObjectDock\ObjectDockTray.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Comodo) E:\E_DRIVE\Programs\Comodo\Chromium Secure\chromiumsecure.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\seccenter.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-27] (Logitech Inc.)
HKLM\...\Run: [Fences] => E:\E_DRIVE\Programs\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-17] (Bitdefender)
HKLM\...\Run: [Everything] => E:\E_DRIVE\Programs\Everything\Everything.exe [1441792 2014-08-05] ()
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [QuickTime Task] => E:\E_DRIVE\Programs\Apple\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => E:\E_DRIVE\Utilities\System Items\System Explorer f\System Explorer\SystemExplorer.exe [3391712 2015-03-18] (Mister Group)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [Greenshot] => E:\E_DRIVE\Programs\Greenshot\Greenshot.exe [495616 2013-12-13] (Greenshot)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [iCloudServices] => E:\E_DRIVE\Programs\Apple\Internet Services\iCloud\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [ApplePhotoStreams] => E:\E_DRIVE\Programs\Apple\Internet Services\iCloud\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [DS Clock] => E:\E_DRIVE\Programs\DS Clock\DSClock.exe [1350608 2012-12-17] (Duality Software)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [iCloudDrive] => E:\E_DRIVE\Programs\Apple\Internet Services\iCloud\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [TomTomHOME.exe] => E:\Programs\TomTom540XXL\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [KeePass Password Safe 2] => J:\Utilities_Portable\Portable_Apps\Portable_KeePass\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-10] (Bitdefender)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [Process Hacker 2] => E:\E_DRIVE\Utilities\System Items\Process Hacker 2\ProcessHacker.exe [1448280 2013-12-22] (wj32)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Run: [SUPERAntiSpyware] => E:\E_DRIVE\Programs\Super_anti_spyware\SUPERAntiSpyware.exe [7806232 2015-03-25] (SUPERAntiSpyware)
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\MountPoints2: {473e1653-7e9c-11e3-a327-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\MountPoints2: {4e4a5248-7e94-11e3-928b-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\Users\Aran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\User\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> E:\E_DRIVE\Programs\EverNote\EverNote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> E:\E_DRIVE\Programs\EverNote\EverNote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VoiceZoneConnect.lnk
ShortcutTarget: VoiceZoneConnect.lnk -> E:\E_DRIVE\Programs\TimeWarner\VoiceZoneConnect\VoiceZoneConnect.exe ()
Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Live Mail.lnk
ShortcutTarget: Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> E:\E_DRIVE\Programs\EverNote\EverNote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MUST DO.odt.lnk
ShortcutTarget: MUST DO.odt.lnk -> E:\Users\User\Desktop\MUST DO.odt ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> E:\E_DRIVE\Programs\Stardock\ObjectDock\ObjectDock.exe (Stardock)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VoiceZoneConnect.lnk
ShortcutTarget: VoiceZoneConnect.lnk -> E:\E_DRIVE\Programs\TimeWarner\VoiceZoneConnect\VoiceZoneConnect.exe ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => E:\E_DRIVE\Programs\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => E:\E_DRIVE\Programs\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => E:\E_DRIVE\Programs\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.ifiltershop.com/sofilter.html
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=244&r=2015/02/04&hid=4252856331661470275&lg=EN&cc=US&unqvl=74
SearchScopes: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000 -> {90B1BE14-2A11-41C2-A0FF-A842C348B06A} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000 -> {F1651D6A-13CE-4252-8F1E-AAE3D39A0C8E} URL = http://search.yahoo.com/?ourmark=4&p={searchTerms}
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-25] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-10] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\E_DRIVE\Programs\JAVA\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> E:\E_DRIVE\Programs\EverNote\EverNote\EvernoteIE.dll [2015-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-25] (LastPass)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\E_DRIVE\Programs\JAVA\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-25] (LastPass)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-10] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-25] (LastPass)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-10] (Bitdefender)
Toolbar: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default
FF DefaultSearchEngine: DuckDuckGo
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchEngine.US: DuckDuckGo
FF DefaultSearchUrl: hxxp://websearch.thesearchpage.info/?pid=244&r=2015/02/04&hid=4252856331661470275&lg=EN&cc=US&unqvl=74&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://america.aljazeera.com/
FF Keyword.URL: hxxp://websearch.thesearchpage.info/?pid=244&r=2015/02/04&hid=4252856331661470275&lg=EN&cc=US&unqvl=74&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-25] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> E:\E_DRIVE\Programs\JAVA\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> E:\E_DRIVE\Programs\JAVA\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-25] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> E:\E_DRIVE\Programs\SumatraPDF\npPdfViewer.dll [2013-10-01] (Simon Bünzli)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-01-21] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-01-21] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\E_DRIVE\Programs\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\E_DRIVE\Programs\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin HKU\S-1-5-21-2660834061-3649263539-3173229253-1000: @citrixonline.com/appdetectorplugin -> C:\Users\User\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-22] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2012-07-06] (Octoshape ApS)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\searchplugins\duckduckgo.xml [2014-01-22]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\searchplugins\github.xml [2015-03-15]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\searchplugins\youtube-video-search.xml [2015-03-09]
FF Extension: iCloud Bookmarks - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\firefoxdav@icloud.com [2014-11-15]
FF Extension: MaskMe - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\idme@abine.com [2014-11-23]
FF Extension: KeeFox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\keefox@chris.tomlinson [2015-01-15]
FF Extension: LastPass - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\support@lastpass.com [2014-11-25]
FF Extension: Forecastfox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-05-15]
FF Extension: FEBE - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-03-26]
FF Extension: Qualys BrowserCheck - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-02-01]
FF Extension: CSHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2014-01-22]
FF Extension: Evernote Web Clipper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-01-22]
FF Extension: Disconnect - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\2.0@disconnect.me.xpi [2014-11-23]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-01-22]
FF Extension: AdNauseam - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\adnauseam@rednoise.org.xpi [2014-09-12]
FF Extension: Bookmark Duplicate Cleaner - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\bookmarkdup@localghost.net.xpi [2014-11-23]
FF Extension: InvisibleHand - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2014-01-22]
FF Extension: Facebook Disconnect - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\facebook@disconnect.me.xpi [2014-11-23]
FF Extension: Ghostery - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\firefox@ghostery.com.xpi [2014-01-22]
FF Extension: Google Disconnect - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\google@disconnect.me.xpi [2014-11-23]
FF Extension: Translate This! - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-01-06]
FF Extension: Lightbeam - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-11-23]
FF Extension: DuckDuckGo Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-22]
FF Extension: NoTrace - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\notrace@unisa.it.xpi [2014-02-02]
FF Extension: PassIFox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\passifox@hanhuy.com.xpi [2014-11-23]
FF Extension: Private Tab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\privateTab@infocatcher.xpi [2015-01-10]
FF Extension: Clearly - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\readable@evernote.com.xpi [2014-02-07]
FF Extension: Disconnect Search - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\search@disconnect.me.xpi [2014-11-23]
FF Extension: Status-4-Evar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\status4evar@caligonstudios.com.xpi [2015-01-10]
FF Extension: www.Tran - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\trident@trident.com.ua.xpi [2014-01-22]
FF Extension: Twitter Disconnect - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\twitter@disconnect.me.xpi [2014-11-23]
FF Extension: Flagfox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-07]
FF Extension: FlashGot - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-01-12]
FF Extension: Nautipolis for Firefox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}.xpi [2014-01-22]
FF Extension: NoScript - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-22]
FF Extension: YouTube High Definition - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-02-06]
FF Extension: Video DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-11]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; E:\E_DRIVE\Programs\Super_anti_spyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [262816 2012-06-18] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-01] (Atheros Commnucations) [File not signed]
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DSClockSyncTime; E:\E_DRIVE\Programs\DS Clock\dsetime.exe [62264 2009-11-19] (Duality Software)
R2 Everything; E:\E_DRIVE\Programs\Everything\Everything.exe [1441792 2014-08-05] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-21] (globalUpdate) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IceDragonUpdater; E:\E_DRIVE\Programs\Comodo\IceDragon\icedragon_updater.exe [1821384 2013-12-19] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S4 MBAMScheduler; E:\E_DRIVE\Programs\MalWareB\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; E:\E_DRIVE\Programs\MalWareB\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 PenCommService; C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2011-10-27] (Livescribe) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-15] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 SystemExplorerHelpService; E:\E_DRIVE\Utilities\System Items\System Explorer f\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TomTomHOMEService; E:\Programs\TomTom540XXL\TomTom HOME 2\TomTomHOMEService.exe [93040 2014-06-05] (TomTom)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [161744 2015-03-10] (RaMMicHaeL)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
S3 VsEtwService120; H:\Computer Science - Programing\Visual Studio f\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-17] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ChromiumSecureUpdater; E:\E_DRIVE\Programs\Comodo\Comodo\Chromium Secure\chromiumsecure_updater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-27] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-10] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-10] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-10] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-10] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-10] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-03-17] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2014-01-15] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R1 KProcessHacker2; E:\E_DRIVE\Utilities\System Items\Process Hacker 2\kprocesshacker.sys [39576 2013-11-13] (wj32)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-02] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [26112 2011-10-27] (Windows ® Win 7 DDK provider)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1047144 2011-09-19] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R1 SASDIFSV; E:\E_DRIVE\Programs\Super_anti_spyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; E:\E_DRIVE\Programs\Super_anti_spyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-02-07] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-02-07] (Acronis International GmbH)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [42656 2012-06-01] (ASUSTeK Computer Inc.)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-02-07] (Acronis International GmbH)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
R3 WinRing0_1_2_0; \??\C:\Users\User\AppData\Local\Temp\tmpBC5B.tmp [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-02 21:13 - 2015-04-02 21:14 - 00000000 ____D () C:\FRST
2015-04-02 17:22 - 2015-04-02 20:42 - 00032189 _____ () C:\Windows\WindowsUpdate.log
2015-04-02 17:22 - 2015-04-02 18:21 - 00000336 _____ () C:\Windows\setupact.log
2015-04-02 17:22 - 2015-04-02 17:22 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-02 15:54 - 2015-04-02 15:58 - 00000000 ____D () C:\AdwCleaner
2015-04-02 11:58 - 2015-04-02 12:08 - 00000034 _____ () C:\Windows\system32\STOOLSubmit.ret
2015-04-01 20:42 - 2015-04-02 12:42 - 00000528 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c04b00fa-7b81-4379-8de5-de6bc40bfaf0.job
2015-04-01 20:42 - 2015-04-02 02:00 - 00000528 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 006b0949-594b-4c13-9d25-f99cdacd1aaa.job
2015-04-01 20:42 - 2015-04-01 20:42 - 00003600 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 006b0949-594b-4c13-9d25-f99cdacd1aaa
2015-04-01 20:42 - 2015-04-01 20:42 - 00003526 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task c04b00fa-7b81-4379-8de5-de6bc40bfaf0
2015-04-01 20:42 - 2015-04-01 20:42 - 00000992 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-04-01 20:42 - 2015-04-01 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-04-01 20:32 - 2015-04-02 15:53 - 00000000 ____D () C:\Program Files\stinger
2015-04-01 20:04 - 2015-04-02 15:43 - 00003684 _____ () C:\Users\User\Desktop\unhide.txt
2015-04-01 19:20 - 2015-04-01 19:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
2015-04-01 19:20 - 2015-04-01 19:20 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-04-01 18:09 - 2015-04-01 18:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-01 13:16 - 2015-04-01 13:16 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-31 04:14 - 2015-03-31 04:14 - 00004387 _____ () C:\Users\User\AppData\Roaming\hps2KQQ90qK3s3Ti
2015-03-28 14:45 - 2015-03-28 14:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-03-28 14:45 - 2015-03-28 14:45 - 00000000 ____D () C:\Users\User\AppData\Local\Amazon
2015-03-27 13:28 - 2015-03-27 13:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2015-03-27 13:28 - 2015-03-27 13:28 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-03-26 11:33 - 2015-03-26 11:33 - 00000000 ____D () C:\ProgramData\CCP
2015-03-25 13:31 - 2015-03-25 13:31 - 00000678 _____ () C:\Users\User\James (4).lnk
2015-03-25 13:31 - 2015-03-25 13:31 - 00000678 _____ () C:\Users\User\James (3).lnk
2015-03-25 13:28 - 2015-03-25 13:28 - 00000678 _____ () C:\Users\User\James (2).lnk
2015-03-25 13:20 - 2015-03-25 13:20 - 00000678 _____ () C:\Users\User\James.lnk
2015-03-24 14:48 - 2015-03-13 11:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-24 14:47 - 2015-03-13 15:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-24 14:47 - 2015-03-13 15:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-24 14:47 - 2015-03-13 15:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-24 01:50 - 2015-03-24 03:12 - 00000000 ____D () C:\Users\Brian\AppData\Local\CrashDumps
2015-03-18 02:51 - 2015-03-18 02:51 - 00003931 _____ () C:\Users\Brian\AppData\Local\recently-used.xbel
2015-03-18 02:49 - 2015-03-18 02:51 - 00000000 ____D () C:\Users\Brian\.gimp-2.8
2015-03-18 02:49 - 2015-03-18 02:49 - 00000000 ____D () C:\Users\Brian\AppData\Local\gegl-0.2
2015-03-18 02:49 - 2015-03-18 02:49 - 00000000 ____D () C:\Users\Brian\.thumbnails
2015-03-15 18:52 - 2015-03-15 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-03-14 17:52 - 2015-03-14 17:52 - 00000000 ____D () C:\Program Files\ConvertHelper3
2015-03-14 01:49 - 2015-03-14 01:49 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
2015-03-11 06:36 - 2015-02-20 00:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 06:36 - 2015-02-20 00:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 06:36 - 2015-02-20 00:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 06:36 - 2015-02-20 00:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 06:36 - 2015-02-20 00:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 06:36 - 2015-02-20 00:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 06:36 - 2015-02-20 00:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 06:36 - 2015-02-20 00:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 06:36 - 2015-02-19 23:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 06:36 - 2015-02-19 23:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 06:36 - 2015-02-02 23:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 06:36 - 2015-02-02 23:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 06:36 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 06:36 - 2015-02-02 23:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 06:36 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 06:36 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 06:36 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 06:36 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 06:36 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 06:36 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 06:36 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 06:36 - 2015-02-02 23:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 06:36 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 06:36 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 06:36 - 2015-02-02 23:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 06:36 - 2015-02-02 23:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 06:36 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 06:36 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 06:36 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 06:36 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 06:36 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 06:36 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 06:36 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 06:36 - 2015-02-02 23:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 06:36 - 2015-02-02 22:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 06:36 - 2015-01-30 23:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 06:36 - 2015-01-30 23:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 06:36 - 2015-01-30 19:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 06:36 - 2014-10-31 18:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 06:35 - 2015-03-06 01:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 06:35 - 2015-03-06 01:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 06:35 - 2015-03-06 01:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 06:35 - 2015-03-06 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 06:35 - 2015-03-06 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 06:35 - 2015-03-06 01:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 06:35 - 2015-03-06 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 06:35 - 2015-03-06 01:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 06:35 - 2015-03-06 01:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 06:35 - 2015-03-06 01:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 06:35 - 2015-03-06 01:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 06:35 - 2015-03-06 01:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 06:35 - 2015-03-06 01:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 06:35 - 2015-03-06 01:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 06:35 - 2015-03-06 01:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 06:35 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 06:35 - 2015-02-23 23:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 06:35 - 2015-02-23 22:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 06:35 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 06:35 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 06:35 - 2015-02-20 20:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 06:35 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 06:35 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 06:35 - 2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 06:35 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 06:35 - 2015-02-19 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 06:35 - 2015-02-19 23:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 06:35 - 2015-02-19 22:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 06:35 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 06:35 - 2015-02-19 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 06:35 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 06:35 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 06:35 - 2015-02-19 22:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 06:35 - 2015-02-19 22:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 06:35 - 2015-02-19 22:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 06:35 - 2015-02-19 22:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 06:35 - 2015-02-19 22:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 06:35 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 06:35 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 06:35 - 2015-02-19 22:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 06:35 - 2015-02-19 22:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 06:35 - 2015-02-19 22:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 06:35 - 2015-02-19 22:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 06:35 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 06:35 - 2015-02-19 22:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 06:35 - 2015-02-19 22:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 06:35 - 2015-02-19 22:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 06:35 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 06:35 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 06:35 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 06:35 - 2015-02-19 22:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 06:35 - 2015-02-19 22:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 06:35 - 2015-02-19 21:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 06:35 - 2015-02-19 21:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 06:35 - 2015-02-19 21:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 06:35 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 06:35 - 2015-02-19 21:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 06:35 - 2015-02-19 21:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 06:35 - 2015-02-19 21:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 06:35 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 06:35 - 2015-02-19 21:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 06:35 - 2015-02-19 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 06:35 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 06:35 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 06:35 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 06:35 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 06:35 - 2015-02-19 21:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 06:35 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 06:35 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 06:35 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 06:35 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 06:35 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 06:35 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 06:35 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 06:35 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 06:35 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 06:35 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 06:35 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 06:35 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 06:35 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 06:35 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 06:35 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 06:35 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-09 17:04 - 2015-03-09 17:02 - 00017629 _____ () C:\Items on C root.ods
2015-03-06 05:31 - 2015-03-06 05:31 - 00000000 ___SD () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-03-06 05:31 - 2015-03-06 05:31 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-03-03 16:25 - 2015-01-08 23:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 16:25 - 2015-01-08 23:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 16:25 - 2015-01-08 23:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 16:25 - 2015-01-08 22:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-02 18:28 - 2009-07-14 00:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-02 18:28 - 2009-07-14 00:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-02 18:27 - 2009-07-14 01:13 - 00784286 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-02 18:22 - 2014-01-24 11:45 - 00000000 ___RD () C:\Users\User\Dropbox
2015-04-02 18:22 - 2014-01-24 11:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2015-04-02 18:21 - 2015-01-21 13:04 - 00002440 _____ () C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5_user.job
2015-04-02 18:21 - 2015-01-21 13:04 - 00002440 _____ () C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5.job
2015-04-02 18:21 - 2015-01-21 13:01 - 00004488 _____ () C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-4.job
2015-04-02 18:21 - 2015-01-21 13:01 - 00003456 _____ () C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-1.job
2015-04-02 18:21 - 2015-01-21 13:01 - 00001762 _____ () C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-10_user.job
2015-04-02 18:21 - 2015-01-21 13:01 - 00001334 _____ () C:\Windows\Tasks\BPHSKP.job
2015-04-02 18:21 - 2015-01-21 13:01 - 00000890 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-04-02 18:21 - 2014-09-21 08:48 - 00000000 ___RD () C:\Users\User\iCloudDrive
2015-04-02 18:21 - 2014-04-21 16:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 18:21 - 2014-01-16 09:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-02 18:21 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-02 17:24 - 2015-01-04 19:29 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 15:52 - 2015-01-04 15:10 - 00000000 ____D () C:\Program Files (x86)\stinger
2015-04-02 15:14 - 2015-02-03 20:22 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2660834061-3649263539-3173229253-1000.job
2015-04-02 15:03 - 2014-04-21 16:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 15:02 - 2014-01-24 11:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-02 12:57 - 2014-12-26 08:06 - 00000386 _____ () C:\Windows\Tasks\update-sys.job
2015-04-02 12:29 - 2015-02-15 11:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\Everything
2015-04-02 12:06 - 2015-01-21 13:01 - 00000894 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-04-02 11:57 - 2014-12-26 08:06 - 00000386 _____ () C:\Windows\Tasks\update-S-1-5-21-2660834061-3649263539-3173229253-1000.job
2015-04-02 11:41 - 2015-01-11 12:52 - 00000000 ____D () C:\ProgramData\BDLogging
2015-04-02 11:33 - 2014-02-06 09:10 - 00000313 _____ () C:\Users\User\AppData\Roaming\Earthquakes Meter_Settings.ini
2015-04-02 10:34 - 2014-01-16 02:54 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-04-02 09:06 - 2014-01-23 12:08 - 00000000 ____D () C:\Users\Sara
2015-04-02 09:06 - 2014-01-23 12:08 - 00000000 ____D () C:\Users\Brian
2015-04-02 07:06 - 2014-03-10 20:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2015-04-01 21:11 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2015-04-01 19:13 - 2015-01-04 19:28 - 00000976 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-01 19:13 - 2015-01-04 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-01 18:16 - 2015-02-02 17:23 - 00000000 ____D () C:\Windows\Minidump
2015-04-01 18:09 - 2014-10-24 14:37 - 00000000 ____D () C:\ProgramData\Unchecky
2015-04-01 12:16 - 2015-01-26 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-31 12:09 - 2015-02-25 16:41 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Everything
2015-03-31 11:19 - 2015-02-25 15:40 - 00000000 ___RD () C:\Users\Sara\iCloudDrive
2015-03-31 11:19 - 2014-01-23 18:07 - 00076008 _____ () C:\Users\Sara\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-30 10:03 - 2014-02-15 15:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-03-30 06:09 - 2014-01-22 20:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-28 15:19 - 2014-01-26 18:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\BitTorrent
2015-03-26 20:57 - 2010-01-31 19:31 - 00000000 ____D () C:\Users\User\AppData\Local\Thunderbird
2015-03-26 16:31 - 2014-04-14 08:05 - 00000000 ____D () C:\Users\User\.zenmap
2015-03-25 04:26 - 2015-02-27 03:01 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Everything
2015-03-24 14:49 - 2014-05-14 08:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-24 14:49 - 2014-01-16 06:36 - 00000000 ____D () C:\Temp
2015-03-24 14:48 - 2014-01-16 09:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-24 14:48 - 2014-01-16 09:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-23 22:36 - 2015-03-01 14:42 - 00000000 ____D () C:\Users\Aran\AppData\Roaming\Everything
2015-03-23 22:36 - 2014-01-23 17:15 - 00076008 _____ () C:\Users\Brian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-23 22:34 - 2015-03-01 15:28 - 00000000 ____D () C:\Users\Aran\AppData\Roaming\Curse Client
2015-03-23 22:34 - 2014-01-23 15:59 - 00076008 _____ () C:\Users\Aran\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-23 19:42 - 2014-01-22 21:13 - 00000000 ____D () C:\Users\User\AppData\Local\Greenshot
2015-03-23 18:34 - 2014-01-24 13:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2015-03-23 18:32 - 2014-06-03 21:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-23 18:31 - 2014-01-24 13:53 - 00000000 ____D () C:\ProgramData\Skype
2015-03-22 14:20 - 2014-01-22 18:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-22 14:20 - 2009-07-14 00:45 - 00341984 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-22 14:19 - 2015-01-25 16:39 - 00001147 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2015-03-22 14:19 - 2015-01-25 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2015-03-22 14:19 - 2014-03-10 16:21 - 00076008 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-22 13:34 - 2010-10-29 18:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
2015-03-20 19:33 - 2014-03-23 13:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2015-03-17 19:25 - 2009-07-14 01:08 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-17 08:06 - 2015-01-11 12:50 - 00160544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-03-17 06:15 - 2015-01-04 19:28 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-17 06:15 - 2015-01-04 19:28 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 06:15 - 2015-01-04 19:28 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-15 11:54 - 2014-01-23 11:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-15 11:51 - 2014-01-23 11:37 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-03-15 10:39 - 2014-07-02 15:47 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2015-03-15 10:39 - 2014-01-24 11:22 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-15 10:39 - 2014-01-24 11:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-15 10:39 - 2014-01-24 11:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-14 17:50 - 2015-02-03 20:22 - 00003580 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2660834061-3649263539-3173229253-1000
2015-03-14 16:07 - 2014-01-22 20:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-14 10:23 - 2015-01-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2015-03-13 17:29 - 2014-06-23 07:22 - 00007645 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2015-03-13 15:41 - 2015-01-18 11:21 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-13 15:41 - 2014-05-26 17:46 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-13 15:41 - 2014-05-14 08:18 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-13 15:41 - 2014-01-16 09:16 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-13 15:41 - 2014-01-16 09:16 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 15:41 - 2014-01-16 09:16 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 15:41 - 2014-01-16 09:16 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-13 15:41 - 2014-01-16 09:16 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-13 15:41 - 2014-01-16 09:16 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-13 15:41 - 2014-01-16 09:16 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 12:16 - 2014-10-25 15:44 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 12:16 - 2014-01-16 09:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 12:16 - 2014-01-16 09:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 12:16 - 2014-01-16 09:16 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 12:16 - 2014-01-16 09:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 12:16 - 2014-01-16 09:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-12 17:44 - 2014-03-28 10:03 - 47271936 ___SH () C:\tnd.dat
2015-03-12 03:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 03:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 03:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 03:05 - 2014-01-26 20:10 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 03:01 - 2014-01-26 20:10 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 09:10 - 2014-01-16 09:16 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-10 13:11 - 2014-01-24 11:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-05 21:37 - 2014-06-07 18:38 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-04 04:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
 
==================== Files in the root of some directories =======
 
2014-11-25 16:19 - 2014-11-25 16:19 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-03-26 20:10 - 2014-03-26 20:10 - 0000009 _____ () C:\Users\User\AppData\Roaming\2.4.0.1
2014-02-06 09:05 - 2014-09-26 07:49 - 0000627 _____ () C:\Users\User\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-01 04:18 - 2015-01-21 21:51 - 0001171 _____ () C:\Users\User\AppData\Roaming\BPHSKP
2014-06-18 12:01 - 2014-06-18 12:04 - 0000602 _____ () C:\Users\User\AppData\Roaming\Digital Clock_Settings.ini
2014-02-06 08:54 - 2014-07-10 14:11 - 0000851 _____ () C:\Users\User\AppData\Roaming\Drives Meter_Settings.ini
2014-02-06 09:10 - 2015-04-02 11:33 - 0000313 _____ () C:\Users\User\AppData\Roaming\Earthquakes Meter_Settings.ini
2014-02-06 08:51 - 2014-10-12 07:52 - 0000297 _____ () C:\Users\User\AppData\Roaming\GPU MeterV2_Settings.ini
2015-03-31 04:14 - 2015-03-31 04:14 - 0004387 _____ () C:\Users\User\AppData\Roaming\hps2KQQ90qK3s3Ti
2014-02-06 09:40 - 2014-12-23 13:20 - 0000954 _____ () C:\Users\User\AppData\Roaming\Network Meter_Settings.ini
2014-02-06 15:59 - 2014-08-18 07:22 - 0000025 _____ () C:\Users\User\AppData\Roaming\Network Meter_Usage.ini
2014-08-02 13:48 - 2014-08-07 07:24 - 0000474 _____ () C:\Users\User\AppData\Roaming\Weather Monitor_Settings.ini
2014-12-10 12:54 - 2014-12-10 12:54 - 0001206 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2014-06-23 07:22 - 2015-03-13 17:29 - 0007645 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2014-12-26 08:06 - 2014-12-26 08:06 - 0000003 _____ () C:\Users\User\AppData\Local\updater.log
2014-12-26 08:06 - 2014-12-26 08:06 - 0000425 _____ () C:\Users\User\AppData\Local\UserProducts.xml
2015-01-11 12:53 - 2015-01-11 12:53 - 0577833 _____ () C:\ProgramData\1420994970.bdinstall.bin
2014-06-16 14:25 - 2014-06-16 14:25 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2014-02-16 17:22 - 2015-02-20 12:44 - 0000614 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Files to move or delete:
====================
C:\Users\Aran\jagex_runescape_preferences.dat
C:\Users\Aran\jagex_runescape_preferences2.dat
C:\Users\Brian\jagex_cl_loginapplet_LIVE.dat
C:\Users\Brian\jagex_cl_oldschool_LIVE.dat
C:\Users\Brian\jagex_cl_runescape_LIVE.dat
C:\Users\Brian\random.dat
 
 
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpri1flk.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-25 00:51
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by User at 2015-04-02 21:15:01
Running from E:\PC_USERS\JAMES\jDownloads\Browser_Items
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\uTorrent) (Version: 3.4.2.38429 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis True Image 2014 (HKLM-x32\...\{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
ActivePerl 5.16.3 Build 1604 (64-bit) (HKLM\...\{A7915697-1675-433D-AD07-759E8550582F}) (Version: 5.16.1604 - ActiveState)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Amazon Kindle) (Version:  - Amazon)
Amnesia: A Machine for Pigs (HKLM-x32\...\Steam App 239200) (Version:  - The Chinese Room)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Bluetooth Suite (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.60 - ASUS Communications)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 4.3.0.0 - Auslogics Labs Pty Ltd)
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\Steam App 257350) (Version:  - Beamdog)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.4 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Beyond Compare 4.0.4 (HKLM-x32\...\BeyondCompare4_is1) (Version: 4.0.4.19477 - Scooter Software)
Bitcoin Core (64-bit) (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
BitTorrent (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX920 series User Registration (HKLM-x32\...\Canon MX920 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
CCleaner (remove only) (HKLM-x32\...\CCleaner) (Version:  - Piriform)
Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix)
CodeBlocks (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 26.0.0.2 - COMODO)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeepRipper v 1.1 (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\{778E2400-C2C4-4797-B82C-E5876619B577}) (Version:  - Astonsoft)
Defiance (HKLM-x32\...\Steam App 224600) (Version:  - Trion Worlds, Inc.)
Disk Unlocker (HKLM-x32\...\{AE4DB5AB-CD91-4D63-8AD5-33EBADCCC4F2}) (Version: 2.1.3 - ASUSTek Computer Inc.)
Dropbox (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DS Clock (HKLM\...\DS Clock_is1) (Version: 2.6.3 - Duality Software)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.9.1 - battleclinic.com)
Evernote v. 5.8.4 (HKLM-x32\...\{C15841A6-C20A-11E4-977D-00163E98E7D6}) (Version: 5.8.4.6870 - Evernote Corp.)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FileZilla Client 3.1.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.1.0.1 - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.6.2492 (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\GoToMeeting) (Version: 7.1.6.2492 - CitrixOnline)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Iconoid version 3.8.6 (HKLM-x32\...\{BCD2FF98-7DF2-4FE2-B7E3-9593C5D66A4E}_is1) (Version: 3.8.6 - Sillysot Software)
IFilterShop StarOffice/OpenOffice IFilter 1.6 (remove only) (HKLM\...\IFilterShop_SOFilter) (Version:  - IFilterShop LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LibreOffice 4.2 Help Pack (English (United States)) (HKLM-x32\...\{16A8198E-985A-47BA-A5DE-FB69073FE031}) (Version: 4.2.4.2 - The Document Foundation)
LibreOffice 4.2.8.2 (HKLM-x32\...\{2D3234B2-FC7B-41CD-9FC8-4F9C2C20C131}) (Version: 4.2.8.2 - The Document Foundation)
Lightshot-5.2.0.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains)
Livescribe Connect (HKLM-x32\...\com.livescribe.LivescribeConnect) (Version: 1.2.1.58498 - Livescribe Inc)
Livescribe Connect (x32 Version: 1.2.1 - Livescribe Inc) Hidden
Livescribe Desktop (HKLM-x32\...\Livescribe Desktop 2.8.3) (Version: 2.8.3 - Livescribe Inc)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Meeting Service Editor (HKLM-x32\...\{4E5D8DB3-B289-401D-8458-DF0125189210}) (Version: 1.00.0000 - AT&T Communication Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM-x32\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 en-US)) (Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 en-US) (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\Mozilla Thunderbird 31.4.0 (x86 en-US)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.6 (HKLM-x32\...\{461A5021-EE14-4E57-9A06-8ABCE9C38FE4}) (Version: 1.2.6 - Thorvald Natvig)
NETGEAR Powerline Utility (HKLM-x32\...\InstallShield_{2753B568-6F85-4E31-A114-A7F8D8606DDD}) (Version: 3.1.0.4 - NETGEAR Powerline)
NETGEAR Powerline Utility (x32 Version: 3.1.0.4 - NETGEAR Powerline) Hidden
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
Nmap 6.46 (HKLM-x32\...\Nmap) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python Tools Redirection Template (x32 Version: 1.0 - Microsoft Corporation) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24735 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Source Preview Handler (HKLM\...\{41E11405-033D-4156-A66A-126DC1CC572D}) (Version: 1.0.11.0 - SmartSoft Ltd.)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
System Explorer 6.4.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Bard's Tale (HKLM-x32\...\Steam App 41900) (Version:  - inXile Entertainment)
The Secret World (HKLM-x32\...\Steam App 215280) (Version:  - Funcom)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Witcher 2: Bonus Content (HKLM-x32\...\Steam App 20930) (Version:  - )
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00 - Ubisoft)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
Unchecky v0.3.7 (HKLM-x32\...\Unchecky) (Version: 0.3.7 - RaMMicHaeL)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
uPlayer (HKLM-x32\...\{06810DC6-3501-40FE-BCB3-1A7BE6398A36}) (Version: 1.0.0 - Full Spectrum Interactive)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VoiceZoneConnect (HKLM-x32\...\com.twc.voicezoneconnect) (Version: 1.5.0 - Time Warner Cable Media Inc)
VoiceZoneConnect (x32 Version: 1.5.0 - Time Warner Cable Media Inc) Hidden
VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
WinBubble (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\WinBubble) (Version: 2.0.1.32 - Lawrence Albert)
WinDirStat 1.1.2 (HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
xplorer² Ultimate 64 bit (HKLM\...\xplorer2p64_u) (Version: 2.5.0.2 - Zabkat)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\User\AppData\Local\Citrix\GoToMeeting\2185\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{ede02d5b-1550-4fb7-be6a-1036b8883a4a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
ATTENTION: System Restore is disabled.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-04-02 18:21 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
 
There are 4 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {03EB09ED-1B7D-4AE9-8F77-DF5F9A820B02} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-1 => C:\Program Files (x86)\The-Go-Photo-it-v11\The-Go-Photo-it-v11-codedownloader.exe <==== ATTENTION
Task: {0B04F16D-C94B-41E8-A5FA-6892FA66FBA7} - \bc07e086-448b-4446-992a-155abf6feb7a-4 No Task File <==== ATTENTION
Task: {1A4633F0-2D3B-45D3-835D-5D28DCCDE537} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5_user => C:\Program Files (x86)\The-Go-Photo-it-v11\bc07e086-448b-4446-992a-155abf6feb7a-5.exe <==== ATTENTION
Task: {1D1BE8DE-402A-4C42-B553-A33C8FBA832B} - \BPHSKP No Task File <==== ATTENTION
Task: {1D1E78D3-63B5-4D78-9AC4-80FFFBC72AD0} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5 => C:\Program Files (x86)\The-Go-Photo-it-v11\bc07e086-448b-4446-992a-155abf6feb7a-5.exe <==== ATTENTION
Task: {381569FB-6E45-47EF-84DC-974896C4BF2E} - System32\Tasks\Norton Zone\Norton Error Analyzer => C:\Program Files (x86)\Norton Zone\Engine\2.0.97.14\SymErr.exe
Task: {3BF60530-CEC2-4C63-BBE5-22817535C4BB} - System32\Tasks\{1738D1EB-A21C-4F5A-8335-6F979C5373FA} => pcalua.exe -a "E:\E_DRIVE\Entertainment\Ubisoft\Ubisoft Game Launcher\cache\installers\110\Disk1\setup.exe" -d "E:/E_DRIVE/Entertainment/Ubisoft/Ubisoft Game Launcher/cache/installers/110/"
Task: {47D7CF27-7EA4-408C-BCBD-66BB49EC8C72} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {49816021-2298-4A75-91CB-ECB2CC294AFC} - System32\Tasks\{85E81A66-B540-4FFE-851F-491901BF97F2} => pcalua.exe -a C:\Users\User\Downloads\wlsetup-web.exe -d C:\Users\User\Downloads
Task: {4C19DED9-4B1F-4183-A2EA-D104F13D8AA3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {5326E87A-AC9F-4E95-A97B-6226209A9C89} - System32\Tasks\PCMeter\Startup => F:\Utilities_002\PCMeterV4\PCMeterV0.4.exe [2013-11-05] (AddGadgets)
Task: {72FC5B3E-0B56-47D6-A9CB-BFB2FACDC637} - System32\Tasks\{74705E21-8E77-428D-8054-19C044191D98} => pcalua.exe -a C:\Users\User\Downloads\setup.exe -d C:\Users\User\Downloads
Task: {77265CB7-1789-44C8-8050-D4F897802F06} - System32\Tasks\G2MUpdateTask-S-1-5-21-2660834061-3649263539-3173229253-1000 => C:\Users\User\AppData\Local\Citrix\GoToMeeting\2457\g2mupdate.exe [2015-03-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {847E5368-8A0B-43FC-9E15-FC4232302222} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
Task: {97ACE110-EF1B-4ECA-87DE-F045E7CCE7CE} - \hps2KQQ90qK3s3Ti No Task File <==== ATTENTION
Task: {99DC5681-86DE-4167-982C-B4C534BFF139} - System32\Tasks\Game_Booster_AutoUpdate => E:\E_DRIVE\Programs\IObit\Game Booster 3\AutoUpdate.exe [2014-09-30] ()
Task: {A08EB905-1923-4D13-A2E8-63E3E0ED2637} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-21] (globalUpdate) <==== ATTENTION
Task: {A753BC8C-4DEE-4360-A4AF-5B102FCA3AF0} - System32\Tasks\{7DB5EECD-BFB6-43E2-9FB0-CB27303CC77A} => pcalua.exe -a "E:\E_DRIVE\Entertainment\Ubisoft\Ubisoft Game Launcher\cache\installers\2\setup.exe" -d "E:/E_DRIVE/Entertainment/Ubisoft/Ubisoft Game Launcher/cache/installers/2/"
Task: {AA718CE8-A164-4866-A95C-CEDF062FD927} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
Task: {B05AFDAC-C2E0-445B-A82F-89345513DAC3} - System32\Tasks\Norton Zone\Norton Error Processor => C:\Program Files (x86)\Norton Zone\Engine\2.0.97.14\SymErr.exe
Task: {B61DA0FA-BCB8-4591-9E31-B4704343CB2B} - System32\Tasks\SUPERAntiSpyware Scheduled Task 006b0949-594b-4c13-9d25-f99cdacd1aaa => E:\E_DRIVE\Programs\Super_anti_spyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B959F743-48ED-4A03-B64C-6CB468108C81} - \ZGZW No Task File <==== ATTENTION
Task: {BB38472C-F924-4E73-8B31-CD3881238AE0} - System32\Tasks\{C007AD48-E7B7-4424-9AF5-E812332BE750} => pcalua.exe -a E:\Users\Aran\Downloads\setup.exe -d E:\Users\Aran\Downloads
Task: {CE0E8A26-2271-4F3E-BE35-18626D329BB3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-15] (Adobe Systems Incorporated)
Task: {D94F2452-DBB5-4CE7-9A81-C8D1EA5A131D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2660834061-3649263539-3173229253-1000
Task: {EB57C215-2F28-4819-9B71-52F3872357EF} - System32\Tasks\SUPERAntiSpyware Scheduled Task c04b00fa-7b81-4379-8de5-de6bc40bfaf0 => E:\E_DRIVE\Programs\Super_anti_spyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {F76EE5FA-B5C0-4A48-9AA3-F1A6D7314982} - System32\Tasks\update-S-1-5-21-2660834061-3649263539-3173229253-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {F7C2CD9A-D1A3-4D64-A9E0-32336F896973} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-10_user => C:\Program Files (x86)\The-Go-Photo-it-v11\bc07e086-448b-4446-992a-155abf6feb7a-10.exe <==== ATTENTION
Task: {FC1D0B6B-3ADF-4021-B361-7AB3037D7626} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FC7ED36A-9110-4A80-83B1-C7E24E94F4C1} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-21] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-1.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-10_user.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-4.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5_user.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\BPHSKP.job => 
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2660834061-3649263539-3173229253-1000.job => 
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => 
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 006b0949-594b-4c13-9d25-f99cdacd1aaa.job => 
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c04b00fa-7b81-4379-8de5-de6bc40bfaf0.job => 
Task: C:\Windows\Tasks\update-S-1-5-21-2660834061-3649263539-3173229253-1000.job => 
Task: C:\Windows\Tasks\update-sys.job => 
 
==================== Loaded Modules (whitelisted) ==============
 
2015-01-11 12:52 - 2014-08-27 17:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-11 12:52 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-11 12:52 - 2014-12-17 15:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-11 12:52 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-04-02 08:21 - 2015-04-02 08:21 - 00785736 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00150_003\ashttpbr.mdl
2015-04-02 08:21 - 2015-04-02 08:21 - 00706408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00150_003\ashttpdsp.mdl
2015-04-02 08:21 - 2015-04-02 08:21 - 02681448 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00150_003\ashttpph.mdl
2015-04-02 08:21 - 2015-04-02 08:21 - 01324432 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00150_003\ashttprbl.mdl
2014-01-16 09:16 - 2015-03-13 12:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-16 06:30 - 2012-10-29 03:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2015-02-15 11:27 - 2014-08-05 21:04 - 01441792 _____ () E:\E_DRIVE\Programs\Everything\Everything.exe
2013-12-19 04:07 - 2013-12-19 04:07 - 01821384 _____ () E:\E_DRIVE\Programs\Comodo\IceDragon\icedragon_updater.exe
2014-05-31 13:04 - 2014-06-15 16:18 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-04 19:24 - 2015-02-04 19:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-10-01 11:26 - 2013-10-01 11:26 - 02810968 _____ () E:\E_DRIVE\Programs\Acronis\TrueImageHome\tishell64.dll
2008-07-24 14:24 - 2008-07-24 14:24 - 00111616 _____ () E:\E_DRIVE\Utilities\network apps f\FileZilla FTP Client\fzshellext_64.dll
2014-02-06 09:03 - 2014-02-06 09:03 - 00012520 _____ () C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2014-02-06 09:03 - 2014-02-06 09:03 - 00015080 _____ () C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2014-02-06 09:03 - 2014-02-06 09:03 - 00014056 _____ () C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2015-01-26 10:16 - 2015-01-26 10:16 - 00046080 _____ () C:\Users\User\AppData\Local\KeePass\PluginCache\2Bpy6j3knGjdxFCRoheO\Fleck2.dll
2014-07-19 22:10 - 2014-07-19 22:10 - 00142336 _____ () E:\E_DRIVE\Programs\TimeWarner\VoiceZoneConnect\VoiceZoneConnect.exe
2014-05-12 05:49 - 2014-05-12 05:49 - 00222720 _____ () E:\Programs\Notepad++\NppShell_06.dll
2015-02-10 08:54 - 2015-03-17 08:10 - 00471056 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdidntconp.dll
2015-03-17 08:10 - 2015-03-17 08:10 - 00187904 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\ui\bdidntconp.ui
2014-01-16 06:30 - 2015-04-02 18:21 - 00032256 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2014-01-16 06:30 - 2012-05-07 12:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2011-10-27 19:56 - 2011-10-27 19:56 - 00276992 _____ () C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommSdk.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-04 18:08 - 2015-03-04 18:08 - 00750080 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-04-02 18:22 - 2015-04-02 18:22 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpri1flk.dll
2015-03-04 18:08 - 2015-03-04 18:08 - 00047616 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 18:08 - 2015-03-04 18:08 - 00865280 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 18:07 - 2015-03-04 18:07 - 00200704 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-03 18:29 - 2015-03-03 18:29 - 00439304 _____ () E:\E_DRIVE\Programs\EverNote\EverNote\libxml2.dll
2015-03-03 18:29 - 2015-03-03 18:29 - 00321032 _____ () E:\E_DRIVE\Programs\EverNote\EverNote\libtidy.dll
2015-02-05 05:20 - 2015-02-05 05:20 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-03-15 10:20 - 2015-03-15 10:20 - 04885152 _____ () c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-03-09 12:15 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2014-01-16 06:35 - 2013-03-12 17:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-02-04 19:28 - 2014-02-04 19:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-09-25 05:43 - 2014-09-25 05:43 - 00880328 _____ () E:\E_DRIVE\Programs\Comodo\Chromium Secure\libglesv2.dll
2014-09-25 05:38 - 2014-09-25 05:38 - 00134856 _____ () E:\E_DRIVE\Programs\Comodo\Chromium Secure\libegl.dll
2014-09-25 05:38 - 2014-09-25 05:38 - 00956616 _____ () E:\E_DRIVE\Programs\Comodo\Chromium Secure\ffmpegsumo.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00270016 _____ () C:\Program Files (x86)\Windows Live\Writer\en\WindowsLive.Writer.Localization.resources.dll
2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () E:\E_DRIVE\Programs\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: EPSON Stylus CX6000 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIA.EXE /FU "C:\Windows\TEMP\E_SA545.tmp" /EF "HKCU"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: tvncontrol => "E:\E_DRIVE\Programs\Tight VNC\tvnserver.exe" -controlservice -slave
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2660834061-3649263539-3173229253-500 - Administrator - Enabled) => C:\Users\Administrator
Aran (S-1-5-21-2660834061-3649263539-3173229253-1002 - Administrator - Enabled) => C:\Users\Aran
Brian (S-1-5-21-2660834061-3649263539-3173229253-1001 - Administrator - Enabled) => C:\Users\Brian
Guest (S-1-5-21-2660834061-3649263539-3173229253-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2660834061-3649263539-3173229253-1006 - Limited - Enabled)
J2 (S-1-5-21-2660834061-3649263539-3173229253-1004 - Limited - Enabled)
Sara (S-1-5-21-2660834061-3649263539-3173229253-1003 - Administrator - Enabled) => C:\Users\Sara
User (S-1-5-21-2660834061-3649263539-3173229253-1000 - Administrator - Enabled) => C:\Users\User
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/02/2015 06:23:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
 
 
System errors:
=============
Error: (04/02/2015 06:32:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}
 
Error: (04/02/2015 06:22:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (04/02/2015 06:22:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (04/02/2015 06:22:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error: 
%%2
 
Error: (04/02/2015 06:21:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The COMODO Chromium Secure Update Service service failed to start due to the following error: 
%%2
 
Error: (04/02/2015 06:17:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (04/02/2015 05:25:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (04/02/2015 05:23:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (04/02/2015 05:23:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
 
Error: (04/02/2015 05:23:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
 
Microsoft Office Sessions:
=========================
Error: (04/02/2015 06:23:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
Error: (04/02/2015 06:21:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 16321.72 MB
Available physical RAM: 10005.5 MB
Total Pagefile: 16719.91 MB
Available Pagefile: 9676.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: (SSD) (Fixed) (Total:111.79 GB) (Free:24.63 GB) NTFS
Drive d: (TurboTax 2014) (CDROM) (Total:0.46 GB) (Free:0 GB) CDFS
Drive e: (Internal_1TB_HD) (Fixed) (Total:931.41 GB) (Free:386.35 GB) NTFS
Drive f: (Multi-Media_HD) (Fixed) (Total:455.59 GB) (Free:267.02 GB) NTFS
Drive g: (Recovery) (Fixed) (Total:10.17 GB) (Free:6.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (Misc_HD) (Fixed) (Total:465.76 GB) (Free:372.11 GB) NTFS
Drive i: (Internal_3TB_HD) (Fixed) (Total:2794.39 GB) (Free:2718.21 GB) NTFS
Drive j: (J16) (Removable) (Total:15.38 GB) (Free:11.5 GB) FAT32
Drive k: (USB20FD) (Removable) (Total:29.95 GB) (Free:29.95 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: FD2D401B)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 2527A2C7)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B8412160)
Partition 1: (Not Active) - (Size=10.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=455.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 61858E46)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 61858E4D)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 5 (Size: 15.4 GB) (Disk ID: 69737369)
No partition Table on disk 5.
 
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)
 
==================== End Of Log ============================t

Edited by jammalg, 04 April 2015 - 11:49 AM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 AM

Posted 05 April 2015 - 07:48 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled.

Turn System Restore on - Windows Help
http://windows.microsoft.com/en-ca/windows/turn-system-restore-on-off#1TC=windows-7
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShortcutTarget: Curse.lnk -> C:\Users\User\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2660834061-3649263539-3173229253-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=244&r=2015/02/04&hid=4252856331661470275&lg=EN&cc=US&unqvl=74
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=244&r=2015/02/04&hid=4252856331661470275&lg=EN&cc=US&unqvl=74
SearchScopes: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2660834061-3649263539-3173229253-1000 -> {F1651D6A-13CE-4252-8F1E-AAE3D39A0C8E} URL = http://search.yahoo.com/?ourmark=4&p={searchTerms}
FF DefaultSearchEngine: DuckDuckGo
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchEngine.US: DuckDuckGo
FF DefaultSearchUrl: hxxp://websearch.thesearchpage.info/?pid=244&r=2015/02/04&hid=4252856331661470275&lg=EN&cc=US&unqvl=74&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Keyword.URL: hxxp://websearch.thesearchpage.info/?pid=244&r=2015/02/04&hid=4252856331661470275&lg=EN&cc=US&unqvl=74&l=1&q=
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\searchplugins\duckduckgo.xml [2014-01-22]
FF Extension: DuckDuckGo Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zj3ttg91.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-22]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-01-21] (globalUpdate) [File not signed]
S2 ChromiumSecureUpdater; E:\E_DRIVE\Programs\Comodo\Comodo\Chromium Secure\chromiumsecure_updater.exe [X]
R3 WinRing0_1_2_0; \??\C:\Users\User\AppData\Local\Temp\tmpBC5B.tmp [X]
C:\Program Files (x86)\globalUpdate
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpri1flk.dll
Task: {03EB09ED-1B7D-4AE9-8F77-DF5F9A820B02} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-1 => C:\Program Files (x86)\The-Go-Photo-it-v11\The-Go-Photo-it-v11-codedownloader.exe <==== ATTENTION
Task: {0B04F16D-C94B-41E8-A5FA-6892FA66FBA7} - \bc07e086-448b-4446-992a-155abf6feb7a-4 No Task File <==== ATTENTION
Task: {1A4633F0-2D3B-45D3-835D-5D28DCCDE537} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5_user => C:\Program Files (x86)\The-Go-Photo-it-v11\bc07e086-448b-4446-992a-155abf6feb7a-5.exe <==== ATTENTION
Task: {1D1BE8DE-402A-4C42-B553-A33C8FBA832B} - \BPHSKP No Task File <==== ATTENTION
Task: {1D1E78D3-63B5-4D78-9AC4-80FFFBC72AD0} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5 => C:\Program Files (x86)\The-Go-Photo-it-v11\bc07e086-448b-4446-992a-155abf6feb7a-5.exe <==== ATTENTION
Task: {97ACE110-EF1B-4ECA-87DE-F045E7CCE7CE} - \hps2KQQ90qK3s3Ti No Task File <==== ATTENTION
Task: {A08EB905-1923-4D13-A2E8-63E3E0ED2637} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-21] (globalUpdate) <==== ATTENTION
Task: {B959F743-48ED-4A03-B64C-6CB468108C81} - \ZGZW No Task File <==== ATTENTION
Task: {F7C2CD9A-D1A3-4D64-A9E0-32336F896973} - System32\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-10_user => C:\Program Files (x86)\The-Go-Photo-it-v11\bc07e086-448b-4446-992a-155abf6feb7a-10.exe <==== ATTENTION
Task: {FC7ED36A-9110-4A80-83B1-C7E24E94F4C1} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-21] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-1.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-10_user.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-4.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\bc07e086-448b-4446-992a-155abf6feb7a-5_user.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\BPHSKP.job => 
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2660834061-3649263539-3173229253-1000.job => 
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>  <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>  <==== ATTENTION

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log Fixlog.txt please post it to your reply.
===

Run the latest version of AdwCleaner and remove everything that will be found.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

How is the computer running now?

#3 jammalg

jammalg
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 06 April 2015 - 10:33 AM

Hi Nasdaq,  That you for helping me. Except for restarting the System Restore (I'll do it after I send this to you) I've done everything as requested.

Attached are the Fixlog.txt [attachment=163576:Fixlog.txt] and AdwCleaner[S0].txt. [attachment=163577:AdwCleanerS0.txt] files.

 

As soon as I started FireFox the same problems are occurring as before:

  • Popups
  • Being sent to other sites

By just opening FF, Bitdefender detected 14 "Infected webpage detected" items.

 

My Chromium Secure browser "seems" OK - though probably isn't.

Internet Explorer - which I never use but cannot get rid of - when I opened it up was sent to 1 site that was, according to BirDefender, malware infested.

 

What next?

 

Jammalg

 

 

 

 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 AM

Posted 06 April 2015 - 01:04 PM

Reset the browsers that have been compromised.

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Reset Internet Explorer:
Menu > Tools > Internet Options > Advanced Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

===

How is the computer running now?

#5 jammalg

jammalg
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 06 April 2015 - 04:01 PM

Everything seemed to be fine after resetting the browsers but the problem started up again after about 2 or 3 minutes.

 

I have restarted Firefox a couple of times now and each time the problem doesn't occur as soon as I start the browser, as it was before.

Now there is a definite delay in the problem starting.  It seems like I have to click on a menu item or try to go to a different URL - then the ads

and re-direction starts.

 

Suggestions?

 

Jammalg


Edited by jammalg, 06 April 2015 - 04:15 PM.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 AM

Posted 07 April 2015 - 07:02 AM

Remove Firefox using the instructions one this page.
https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer

Before proceeding save your Bookmarks.
https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

Install the latest version of the application.

You can then import them to the new version of Firefox.

Firefox Password manager -
Remember, delete and change saved passwords in Firefox
https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-passwords
<<<>>>

#7 jammalg

jammalg
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 07 April 2015 - 09:45 AM

Hi nasdaq,

 

I have totally removed firefox and am contacting you via Chromium Secure.  Things were getting pretty bad because 

I was being blocked from connecting to bleepingcomputer.com - after FF removal, I can connect once again.

 

At this point, I'm not sure if I even want to use FF again and I have not tried IE yet.

I do have quite a bit of work  that I could not do because of the browser problem - which I must get done. So let me get some 

work done and then I'll re-install FF, try IE and get back to you.  

 

Of course, if anything seems even minimally wrong, I'll contact you immediately.

 

Thank you for your much needed help.  Talk to you in a day or 2.

 

Jammalg



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 AM

Posted 07 April 2015 - 10:25 AM

Waiting.

#9 jammalg

jammalg
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 09 April 2015 - 05:37 PM

Hi Nasdaq,  Today I re-installed Firefox and ran it with no modifications - no extensions, apps or plugins were added by me.  There were no popups and I was never directed to a different site.  However, using System Explorer and Process Hacker I could see many processes and network connections were being kicked off by FF. There were so many that the only thing I could visibly see on Firefox was the blue "process" circle going round and round - for 10 or 15 minutes. 85% of the FF window had no content and any mouse clicking I did appeared to have no effect. In the end, FF ended up crashing.  I tried to use FF 3 times and the same thing happened every time.

 

Internet Explorer had 1 re-direction but nothing more - and I did use it quite a bit.

 

Chromium Secure seems to running smoothly.

 

Suggestions?

 

Thank you for the work you're doing to help me out.

 

Jammalg



#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 AM

Posted 10 April 2015 - 07:04 AM


Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
If the problem persists and you are using a router it may just be that it's compromised.

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

Keep me posted.

#11 jammalg

jammalg
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 10 April 2015 - 10:29 AM

I ran MiniToolBox with the suggested settings and have attached the txt output.  [attachment=163704:Result.txt]

 

I need to get more work done today - like taxes - and will note any problems with my browsers in my next reply to you.  

 

Regarding routers, the router situation is more complicated than just a single router - I have 3, 4 or more depending on how you look at it.

I have (1) an UBEE Cable/Telephone Modem from my TimeWarner cable co that also provides WiFi and our telephone. The WiFi from this box is NOT used.

The UBEE outputs to (2) a small Linksys SE 1500 that spits the ethernet to my printer, PC and to an AC ethernet box - a Netgear PowerlineAV-500...call it PowerlineAV-500 #01.

PowerlineAV-500 #02 outputs the ethernet to a (3) Netgear Rangemax Wireless-N 150 Router (WPN824N) - which is used just for the WiFi.

PowerlineAV-500 #03 outputs to a (4) Netgear F5605 v3 5 port 10/100Mbps Switch (router) that splits the ethernet to the TV and game consoles.

PowerlineAV-500 #04 outputs to another PC.

 

I thought the Linksys SE 1500 and Netgear F5605 v3 Switch were basically just spliters with no real intelligence. I hate to ask, but which router(s) in my list might need resetting if the problem continues? Maybe you might want to wait see if the problem continues before having to answer.

 

Thanks again, nasdaq. I will try to get back to you later today with the browser update.

 

Jammalg

 

UPDATE: 4/10 at 5:17 PM

I tried running Firefox 5 times and it just crashed after a few seconds. A crash report form, with collected data, did pop up and I sent it on to Mozilla.

 

At this time Chromium Secure and I.E. both seem  to be running without problem.

 

Suggestions?


Edited by jammalg, 10 April 2015 - 04:36 PM.


#12 jammalg

jammalg
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:37 AM

Posted 17 April 2015 - 12:12 PM

Nasdaq,  

 

So are we done at the point?  How it stands is that

 

1) I have not edited my routers (see my previous reply dated 4/10/2015 11:29 AM and 5:17 PM)  I was waiting to see what you would reply/say

2) I cannot run FF at all. Just starting it causes FF to crash immediately.

 

Jammalg



#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 AM

Posted 17 April 2015 - 01:24 PM

Sorry I missed you last post.

I would rather you check with the experts in the Networking forum for your router.
http://www.bleepingcomputer.com/forums/f/21/networking/

This is not my forte.

What you can try now is to reset your Hosts file to factory level.
Follow the instructions for your version of Windows.
https://support.microsoft.com/en-us/kb/972034

Keep me posted.

#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:37 AM

Posted 24 April 2015 - 10:49 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users