Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer running extremely slow


  • This topic is locked This topic is locked
11 replies to this topic

#1 scubaman2009

scubaman2009

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:FLORIDA
  • Local time:07:15 PM

Posted 02 May 2015 - 01:08 AM

ok so recently my computer started to run extremely slow and im completely confused as to what happened. from what ive viewed its not ram problem because typically it runs around 20%-50% depending on the program...  the issue is that the disk shoots up to 100%... im not doing anything different than normal use that ive been doing on it so it should be having this problem... the im pretty sure its some sort of virus/spyware/malware. ive done pretty much everything i ran the chkdk from command prompt. checked the ram...restored to an earlier date.... virus scans.. used cc cleaner... none have helped... wish there was more info that i could give but thats pretty much all i have im completely stumped.. thank u advance for any help u can give...please see logs from the requested scans below

......................................

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by bubba7420 (administrator) on SCUBAMAN2009 on 01-05-2015 03:22:55
Running from C:\Users\bubba7420\Desktop
Loaded Profiles: bubba7420 (Available profiles: bubba7420)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PostgreSQL Global Development Group) C:\postgres\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(Apache Software Foundation) C:\apache-tomcat-6.0.18\bin\tomcat6.exe
() C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(Sun Microsystems, Inc.) C:\csremote38\jdk1.6.0_10\bin\java.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sun Microsystems, Inc.) C:\csremote38\jdk1.6.0_10\bin\java.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(Sun Microsystems, Inc.) C:\csremote38\jdk1.6.0_10\bin\java.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
() C:\Users\bubba7420\Downloads\memboost_1959\memboost_1959\memBoost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\nsapp.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\Indexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.244\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.28\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.141\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-06-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3993744 2014-05-22] (Stardock Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-06-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [uTorrent] => C:\Users\bubba7420\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-14] (BitTorrent Inc.)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-03-26] (Siber Systems)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-27] (Google Inc.)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Policies\Explorer: [NofolderOptions] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2014-08-04]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\bubba7420\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rizone Memory Booster.lnk [2015-04-29]
ShortcutTarget: Rizone Memory Booster.lnk -> C:\Users\bubba7420\Downloads\memboost_1959\memboost_1959\memBoost.exe ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll [2003-02-14] (Autodesk)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-03-26] (Siber Systems Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-03-26] (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-03-26] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-03-26] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} file:///C:/ProgramData/20-20%20Technologies/VSAT/Core/Player/2020PlayerAX_WEB_Win32.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2010-12-02] (SHARP CORPORATION)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1122B8DA-A3F1-40B3-BBF7-BAA0F6566FB7}: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{79F36B57-ABE3-406B-B44E-BC1F2D5E8487}: [NameServer] 8.8.8.8,4.4.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-10] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\mintrayr@tn123.ath.cx [2014-08-07]
FF Extension: TooManyTabs - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\TooManyTabs@visibotech.com [2014-08-04]
FF Extension: Flashblock - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-11-24]
FF Extension: DownloadHelper - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Flash and Video Download - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-31]
FF Extension: DownThemAll! AntiContainer - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\anticontainer@downthemall.net.xpi [2014-08-04]
FF Extension: Flash OnOff - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\jid0-XXocAsQYPfKHSY8ebTi0VcX8eNQ@jetpack.xpi [2014-08-04]
FF Extension: Load Control - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\loadcontrol@mcphate.org.xpi [2014-08-04]
FF Extension: New Tabs at the End - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\new-tabs-at-end@forerunnerdesigns.com.xpi [2014-08-04]
FF Extension: Open Link in New Tab - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\openlinkintab@piro.sakura.ne.jp.xpi [2014-08-04]
FF Extension: Tab Kit 2nd Edition - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\tabkit2@pikachuexe.amateur.hk.xpi [2014-08-04]
FF Extension: Tab Utilities - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\tabutils@ithinc.cn.xpi [2014-08-04]
FF Extension: FlashGot - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-08-04]
FF Extension: Tab Control - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{39952c40-5197-11da-8cd6-0800200c9a66}.xpi [2014-08-04]
FF Extension: Flash Block - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2014-11-24]
FF Extension: Tab Mix Plus - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-08-04]
FF Extension: DownThemAll! - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-04-30]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.symbaloo.com/
CHR StartupUrls: Default -> "hxxp://www.symbaloo.com/", "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\bubba7420\AppData\Roaming\Mozilla\plugins\npatgpc.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll No File
CHR Profile: C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-02-16]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-08-04]
CHR Extension: (Planbox - Agile Project Management Tool) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapfbnhbikoppmmhgkocdolgomnodnna [2015-02-16]
CHR Extension: (Bookmark Manager) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-02-16]
CHR Extension: (PMRobot Project Management) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgmbdjbioclglfplibgckdieigaakmh [2015-02-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-10]
CHR Extension: (Poppit!) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-02-16]
CHR Extension: (CrowdFlower) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd [2015-04-10]
CHR Extension: (Google Wallet) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-04]
CHR Extension: (RoboForm) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-03-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-27]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2015-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-27]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2015-03-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-16] (NVIDIA Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-16] (NVIDIA Corporation)
R2 pgsql-8.2; c:\postgres\bin\pg_ctl.exe [79948 2007-09-17] (PostgreSQL Global Development Group) [File not signed]
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-03-28] (Stardock Software, Inc)
R2 Tomcat6; c:\apache-tomcat-6.0.18\bin\tomcat6.exe [57344 2008-07-22] (Apache Software Foundation) [File not signed]
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [34240 2015-02-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 CSEntService; "C:\csremote38\jdk1.6.0_10\bin\java.exe" "-classpath" "C:\csremote38\WEB-INF\classes\yajsw-stable-11.0\wrapper.jar" "-Xrs" "-Dwrapper.service=true" "-Dwrapper.working.dir=C:\csremote38\WEB-INF\classes" "-Dwrapper.config=C:\csremote38\WEB-INF\classes\yajsw-stable-11.0\conf\wrapper.conf" "-Dwrapper.additional.1x=-Xrs" "org.rzo.yajsw.boot.WrapperServiceBooter" 
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-18] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-04-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-04-26] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150429.001\IDSvia64.sys [671448 2015-04-24] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150430.002\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150430.002\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
R3 SNTUSB64; C:\Windows\System32\drivers\SNTUSB64.SYS [58664 2008-07-11] (SafeNet, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1507000.00B\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-04-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
R3 tap-tb-0901; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [38656 2014-10-14] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-01 03:22 - 2015-05-01 03:23 - 00034907 _____ () C:\Users\bubba7420\Desktop\FRST.txt
2015-05-01 03:06 - 2015-05-01 03:06 - 02101248 _____ (Farbar) C:\Users\bubba7420\Desktop\frst64.exe
2015-05-01 03:04 - 2015-05-01 03:05 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\bubba7420\Desktop\cbSetup.exe
2015-04-30 20:19 - 2015-04-30 20:19 - 00000000 ____H () C:\ProgramData\cm-lock
2015-04-29 19:11 - 2015-04-29 19:16 - 691053558 _____ () C:\Users\bubba7420\Downloads\hih13891-720p.mp4
2015-04-29 19:08 - 2015-04-29 19:13 - 576207628 _____ () C:\Users\bubba7420\Downloads\smv14205-720p.mp4
2015-04-29 19:05 - 2015-04-29 19:10 - 583349750 _____ () C:\Users\bubba7420\Downloads\bbc14216-720p.mp4
2015-04-29 19:01 - 2015-04-29 19:08 - 942116308 _____ () C:\Users\bubba7420\Downloads\bb14317-720p.mp4
2015-04-29 19:00 - 2015-04-29 19:05 - 669634869 _____ () C:\Users\bubba7420\Downloads\ms8362-720p.mp4
2015-04-28 22:06 - 2015-04-28 22:16 - 563038750 _____ () C:\Users\bubba7420\Downloads\therealworkout_kylee_strutt_full_hi.wmv
2015-04-28 22:06 - 2015-04-28 22:15 - 562202848 _____ () C:\Users\bubba7420\Downloads\therealworkout_ava_taylor_full_hi.mp4
2015-04-28 21:59 - 2015-04-28 22:05 - 427482582 _____ () C:\Users\bubba7420\Downloads\shesnew_kimber_lee_full_hi.mp4
2015-04-28 21:58 - 2015-04-28 22:05 - 522083643 _____ () C:\Users\bubba7420\Downloads\teenpies_kaylee_haze_full_hi.mp4
2015-04-28 21:51 - 2015-04-28 21:58 - 542710406 _____ () C:\Users\bubba7420\Downloads\teencurves_kelsi_monroe_full_hi.mp4
2015-04-28 21:50 - 2015-04-28 21:59 - 625768879 _____ () C:\Users\bubba7420\Downloads\teensdoporn_jade_nile_full_hi.mp4
2015-04-28 17:56 - 2015-04-28 18:01 - 506072109 _____ () C:\Users\bubba7420\Downloads\teenpies_rahyndee_full_hi.mp4
2015-04-28 17:50 - 2015-04-28 17:58 - 642635361 _____ () C:\Users\bubba7420\Downloads\teenpies_london_lynn_full_hi.mp4
2015-04-28 17:50 - 2015-04-28 17:55 - 541724044 _____ () C:\Users\bubba7420\Downloads\teenpies_sabrina_banks_full_hi.mp4
2015-04-28 17:44 - 2015-04-28 17:50 - 749665773 _____ () C:\Users\bubba7420\Downloads\teenpies_lucy_tyler_full_hi.mp4
2015-04-28 17:43 - 2015-04-28 17:49 - 620728730 _____ () C:\Users\bubba7420\Downloads\teenpies_ada_full_hi.mp4
2015-04-28 17:37 - 2015-04-28 17:43 - 557087512 _____ () C:\Users\bubba7420\Downloads\teenpies_sasha_summers_full_hi.mp4
2015-04-28 17:36 - 2015-04-28 17:43 - 585051342 _____ () C:\Users\bubba7420\Downloads\teenpies_charli_acacia_full_hi.mp4
2015-04-28 17:32 - 2015-04-28 17:37 - 600070384 _____ () C:\Users\bubba7420\Downloads\teenpies_rachel_rose_full_hi.mp4
2015-04-28 17:28 - 2015-04-28 17:33 - 645364348 _____ () C:\Users\bubba7420\Downloads\teenpies_natalie_lust_full_hi.mp4
2015-04-28 17:22 - 2015-04-28 17:28 - 564186030 _____ () C:\Users\bubba7420\Downloads\teenpies_keisha_grey_full_hi.mp4
2015-04-28 17:16 - 2015-04-28 17:21 - 551156698 _____ () C:\Users\bubba7420\Downloads\teenpies_allie_rae_full_hi.mp4
2015-04-28 17:13 - 2015-04-28 17:15 - 03925665 _____ () C:\Users\bubba7420\Downloads\29.APR.HQ MIX and more else.rar
2015-04-27 20:40 - 2015-04-27 20:48 - 724571307 _____ () C:\Users\bubba7420\Downloads\amrahyndeejoey_qt.mp4
2015-04-27 17:11 - 2015-04-27 17:11 - 00002806 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-27 17:11 - 2015-04-27 17:11 - 00001736 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-04-27 17:11 - 2015-04-27 17:11 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-27 17:11 - 2015-04-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-27 17:11 - 2015-04-27 17:11 - 00000000 ____D () C:\Program Files\Defraggler
2015-04-27 17:11 - 2015-04-27 17:11 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-27 17:10 - 2015-04-27 17:10 - 04532776 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\dfsetup219.exe
2015-04-27 17:09 - 2015-04-27 17:10 - 00001714 _____ () C:\Users\bubba7420\Downloads\Defraggler.ini
2015-04-27 17:09 - 2015-04-27 17:09 - 00000000 ____D () C:\Users\bubba7420\Downloads\lang
2015-04-27 17:09 - 2015-04-27 17:09 - 00000000 _____ () C:\Users\bubba7420\Downloads\statistics.bin
2015-04-27 17:09 - 2014-04-09 13:05 - 04419352 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\Defraggler64.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 03503384 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\Defraggler.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 01555736 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\df64.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 01275160 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\df.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 00164632 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\DefragglerShell.dll
2015-04-27 17:09 - 2014-04-09 13:05 - 00106264 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\DefragglerShell64.dll
2015-04-27 17:09 - 2013-08-20 14:35 - 00005540 _____ () C:\Users\bubba7420\Downloads\License.txt
2015-04-27 17:09 - 2012-06-05 10:35 - 00000010 _____ () C:\Users\bubba7420\Downloads\portable.dat
2015-04-27 17:03 - 2015-04-27 17:03 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SCUBAMAN2009-Microsoft-Windows-8.1-(64-bit).dat
2015-04-27 17:02 - 2015-04-27 17:02 - 04776783 _____ () C:\Users\bubba7420\Downloads\dfsetup218.zip
2015-04-27 17:02 - 2015-04-27 17:02 - 00002302 _____ () C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk
2015-04-27 17:02 - 2015-04-27 17:02 - 00000000 ____D () C:\RegBackup
2015-04-27 17:02 - 2015-04-27 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-04-27 17:02 - 2015-04-27 17:02 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-04-27 17:00 - 2015-04-27 17:01 - 03443632 _____ () C:\Users\bubba7420\Downloads\tweaking.com_simple_system_tweaker_setup.exe
2015-04-27 16:27 - 2015-04-27 16:27 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2015-04-27 16:24 - 2015-04-27 16:24 - 06064000 _____ (TeamViewer) C:\Users\bubba7420\Downloads\TeamViewerQS (1).exe
2015-04-27 16:09 - 2015-04-27 16:09 - 06064000 _____ (TeamViewer) C:\Users\bubba7420\Downloads\TeamViewerQS.exe
2015-04-27 15:22 - 2015-04-27 15:27 - 127880191 _____ () C:\Users\bubba7420\Downloads\gemon_1q.zip
2015-04-27 15:22 - 2015-04-27 15:25 - 75860383 _____ () C:\Users\bubba7420\Downloads\kohler-b.zip
2015-04-27 11:14 - 2015-04-27 16:21 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-04-27 11:14 - 2015-04-27 16:20 - 00002460 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2015-04-27 11:14 - 2015-04-27 11:14 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-04-27 11:14 - 2015-04-27 11:14 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-04-27 11:14 - 2015-04-27 11:14 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-04-27 11:12 - 2015-04-27 16:22 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-04-27 11:12 - 2015-04-27 16:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-04-27 11:12 - 2015-04-27 11:12 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2015-04-27 10:47 - 2015-04-27 10:47 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\2020 Design.lnk
2015-04-27 10:47 - 2015-04-27 10:47 - 00001397 _____ () C:\Users\Public\Desktop\2020 Design.lnk
2015-04-27 10:47 - 2015-04-27 10:47 - 00001361 _____ () C:\Users\Public\Desktop\Catalog Manager.lnk
2015-04-27 10:35 - 2015-04-27 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Design
2015-04-27 10:17 - 2015-04-27 10:17 - 01021632 _____ (Symantec Corporation) C:\Users\bubba7420\Downloads\Norton_Download_Manager.exe
2015-04-27 10:05 - 2015-04-27 10:06 - 00000000 ____D () C:\Users\bubba7420\Documents\WebCam Media
2015-04-27 10:05 - 2015-04-27 10:05 - 00000000 ____D () C:\ProgramData\ArcSoft
2015-04-27 04:44 - 2015-03-23 17:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-27 04:44 - 2015-03-23 17:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-27 04:44 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-27 04:44 - 2015-03-23 17:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-27 04:44 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-27 04:44 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-27 04:44 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-27 04:44 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-27 04:44 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-27 04:44 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-27 04:44 - 2015-03-19 22:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-27 04:44 - 2015-03-19 22:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-27 04:43 - 2015-03-14 04:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-27 04:43 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-27 04:43 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-27 04:43 - 2015-03-13 21:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-27 04:43 - 2015-03-13 20:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-27 04:43 - 2015-03-13 20:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-27 04:43 - 2015-03-13 20:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-27 04:43 - 2015-03-13 19:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-27 04:43 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-27 04:43 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-27 04:43 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-27 04:43 - 2015-03-12 23:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-27 04:43 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-27 04:43 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-27 04:43 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-27 04:43 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-27 04:43 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-27 04:43 - 2015-03-12 23:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-27 04:43 - 2015-03-12 23:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-27 04:43 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-27 04:43 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-27 04:43 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-27 04:43 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-27 04:43 - 2015-03-12 22:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-27 04:43 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-27 04:43 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-27 04:43 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-27 04:43 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-27 04:43 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-27 04:43 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-27 04:43 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-27 04:43 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-27 04:43 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-27 04:43 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-27 04:43 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-27 04:43 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-27 04:43 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-27 04:43 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-27 04:43 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-27 04:42 - 2015-03-22 18:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-27 04:42 - 2015-03-13 21:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-27 04:42 - 2015-03-13 21:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-27 04:42 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-27 04:42 - 2015-03-13 21:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-27 04:42 - 2015-03-13 20:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-27 04:42 - 2015-03-13 20:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-27 04:42 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-27 04:42 - 2015-03-13 20:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-27 04:42 - 2015-03-13 20:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-27 04:42 - 2015-03-13 20:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-27 04:42 - 2015-03-13 20:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-27 04:42 - 2015-03-13 19:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-26 20:51 - 2015-04-26 20:51 - 00001138 _____ () C:\ProgramData\SMRResults430.dat
2015-04-26 20:38 - 2015-04-26 20:39 - 00000000 ____D () C:\NPE
2015-04-26 20:36 - 2015-04-26 20:45 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\NPE
2015-04-26 15:53 - 2015-04-26 20:35 - 00007606 _____ () C:\Users\bubba7420\AppData\Local\Resmon.ResmonCfg
2015-04-25 20:52 - 2015-04-25 21:01 - 378414085 _____ () C:\Users\bubba7420\Downloads\mp4_480_2000-{dd9f9acb-a45d-49a2-9477-cae655063aac}.dtapart
2015-04-25 20:51 - 2015-04-25 21:01 - 359548645 _____ () C:\Users\bubba7420\Downloads\mp4_480_2000-{6dc90d6f-73d7-460a-a1d7-e4c1c5e6048a}.dtapart
2015-04-25 20:47 - 2015-04-25 20:54 - 165125687 _____ () C:\Users\bubba7420\Downloads\mp4_480_2000-{d65a8bcb-1869-4b2b-b5b7-11f495aca8f8}.dtapart
2015-04-25 20:24 - 2015-04-25 20:24 - 00000566 _____ () C:\Users\bubba7420\Downloads\TipMediaPlayer_Setup.website
2015-04-25 14:43 - 2015-04-25 14:43 - 01065505 _____ () C:\Users\bubba7420\Downloads\memboost_1959.zip
2015-04-25 14:43 - 2015-04-25 14:43 - 00000000 ____D () C:\Users\bubba7420\Downloads\memboost_1959
2015-04-24 16:16 - 2015-04-24 16:16 - 00000072 _____ () C:\arrays.xml
2015-04-22 23:09 - 2015-04-22 23:09 - 00000876 _____ () C:\nsinst.log
2015-04-22 23:09 - 2015-04-22 23:09 - 00000000 ____D () C:\Program Files (x86)\NetRatingsNetSight
2015-04-22 20:53 - 2015-04-24 16:31 - 00000000 ____D () C:\kingsbury
2015-04-22 15:15 - 2015-04-22 15:16 - 03925665 _____ () C:\Users\bubba7420\Downloads\23.APR.HQ MIX and more else.rar
2015-04-21 22:48 - 2015-04-21 22:48 - 00000518 _____ () C:\Users\bubba7420\Downloads\gamewham-setup.website
2015-04-21 16:42 - 2015-04-21 16:43 - 00000000 ____D () C:\Users\bubba7420\Desktop\unity
2015-04-21 16:36 - 2015-04-21 16:43 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\Unity
2015-04-21 16:12 - 2015-04-21 16:43 - 00000000 ____D () C:\ProgramData\Unity
2015-04-19 21:29 - 2015-04-19 21:29 - 01018630 _____ () C:\Users\bubba7420\Desktop\laundry sink standalone.skp
2015-04-17 16:16 - 2015-04-27 03:59 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Unity
2015-04-17 16:06 - 2015-04-17 16:16 - 00000000 ____D () C:\Program Files\Unity
2015-04-17 04:31 - 2015-04-17 04:33 - 709526861 _____ () C:\Users\bubba7420\Downloads\bbs_isabella_kendra_lc020815_480p_2600.wmv.part
2015-04-17 04:31 - 2015-04-17 04:33 - 342918423 _____ () C:\Users\bubba7420\Downloads\lst_nicki_ortega_jl121214_480p_2600.wmv.part
2015-04-16 10:53 - 2015-04-16 10:56 - 00000000 ____D () C:\harmony
2015-04-16 10:36 - 2015-04-16 10:36 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-04-16 10:34 - 2015-04-27 04:00 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Citrix
2015-04-15 23:55 - 2015-04-15 23:55 - 00000000 ____D () C:\harmony1866jre1845
2015-04-13 00:53 - 2015-04-13 00:59 - 273524621 _____ () C:\Users\bubba7420\Downloads\mlib_alexa_tomas_kl020315_720p_8000.mp4.part
2015-04-12 13:52 - 2015-04-12 13:56 - 38772736 _____ () C:\Users\bubba7420\Downloads\c1433_horny_babe_with_amazing_body_bleeped_hard_in_office_720.wmv.part
2015-04-12 01:42 - 2015-04-12 01:42 - 02312522 _____ () C:\Users\bubba7420\Desktop\14023_ID_1.dwfx
2015-04-10 22:05 - 2015-05-01 03:10 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-10 22:05 - 2015-04-30 22:10 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-10 22:05 - 2015-04-30 20:11 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-10 22:05 - 2015-04-27 04:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-10 22:05 - 2015-04-10 22:05 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-10 22:05 - 2015-04-10 22:05 - 00003666 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-10 22:04 - 2015-04-10 00:38 - 00050720 _____ () C:\Users\bubba7420\Desktop\leary vanities right.skb
2015-04-10 22:02 - 2015-04-10 22:02 - 00000000 __SHD () C:\Users\bubba7420\AppData\Local\EmieBrowserModeList
2015-04-10 13:47 - 2015-04-23 16:50 - 01060696 _____ () C:\Users\bubba7420\Desktop\leary residence vanity shop drawing.dwg
2015-04-10 13:47 - 2015-04-23 02:39 - 01044359 _____ () C:\Users\bubba7420\Desktop\leary residence vanity shop drawing.bak
2015-04-10 00:38 - 2015-04-10 22:04 - 00051488 _____ () C:\Users\bubba7420\Desktop\leary vanities right.skp
2015-04-09 22:24 - 2015-04-09 22:24 - 28883181 _____ () C:\Users\bubba7420\Desktop\14028-LEARY REMODEL DV_rev 1.dwfx
2015-04-09 18:21 - 2015-04-09 18:21 - 00002178 _____ () C:\Users\Public\Desktop\Style Builder 2015.lnk
2015-04-09 18:21 - 2015-04-09 18:21 - 00002092 _____ () C:\Users\Public\Desktop\LayOut 2015.lnk
2015-04-09 18:21 - 2015-04-09 18:21 - 00002003 _____ () C:\Users\Public\Desktop\SketchUp 2015.lnk
2015-04-09 18:21 - 2015-04-09 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-04-09 18:20 - 2015-04-09 18:20 - 00000000 ____D () C:\Program Files\SketchUp
2015-04-09 18:12 - 2015-04-09 18:22 - 00000000 ____D () C:\Users\bubba7420\Downloads\SKETCHUP PRO 2015 PTBR www.ricmessimasters.com
2015-04-09 13:52 - 2015-04-09 14:53 - 02074368 _____ () C:\Users\bubba7420\Desktop\leary^3.kit
2015-04-09 13:52 - 2015-04-09 13:57 - 02073323 _____ () C:\Users\bubba7420\Desktop\leary^3.bak
2015-04-08 21:55 - 2015-04-09 02:38 - 02161187 _____ () C:\Users\bubba7420\Desktop\leary^2.kit
2015-04-08 21:55 - 2015-04-09 02:25 - 02261419 _____ () C:\Users\bubba7420\Desktop\leary^2.bak
2015-04-07 15:59 - 2015-04-07 15:59 - 00001540 _____ () C:\Users\bubba7420\Desktop\Crystal Product Catalog.lnk
2015-04-07 15:59 - 2015-04-07 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Product Catalog
2015-04-07 15:58 - 2015-04-07 15:59 - 00000000 ____D () C:\Catalog_Kiosk
2015-04-07 15:35 - 2015-04-27 04:00 - 00000000 ____D () C:\postgres
2015-04-07 15:34 - 2015-04-27 04:00 - 00000000 ____D () C:\apache-tomcat-6.0.18
2015-04-07 15:32 - 2015-04-27 04:00 - 00000000 ____D () C:\csremote38
2015-04-07 02:03 - 2015-04-07 02:17 - 455304191 _____ () C:\Users\bubba7420\Downloads\danicadillonkf020915-bgvid_full.mp4.part
2015-04-07 01:48 - 2015-04-08 20:57 - 01121763 _____ () C:\Users\bubba7420\Desktop\leary^1.kit
2015-04-07 01:48 - 2015-04-08 20:56 - 01121736 _____ () C:\Users\bubba7420\Desktop\leary^1.bak
2015-04-06 18:41 - 2015-04-06 23:35 - 00782005 _____ () C:\Users\bubba7420\Desktop\leary.kit
2015-04-06 18:41 - 2015-04-06 23:31 - 00781832 _____ () C:\Users\bubba7420\Desktop\leary.bak
2015-04-04 19:53 - 2015-04-27 04:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 19:53 - 2015-04-04 19:53 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 15:21 - 2015-04-04 15:21 - 00929078 _____ () C:\Users\bubba7420\Desktop\custom vanities_toscana.skb
2015-04-03 23:50 - 2015-04-04 18:04 - 00923295 _____ () C:\Users\bubba7420\Desktop\custom vanities_toscana.skp
2015-04-03 21:42 - 2015-04-03 21:42 - 00520013 _____ () C:\Users\bubba7420\Desktop\4913_2d.dxf
2015-04-02 15:09 - 2015-04-02 15:09 - 04919844 _____ () C:\Users\bubba7420\Desktop\edge_ltg.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-01 03:23 - 2015-02-15 18:08 - 00000000 ____D () C:\FRST
2015-05-01 03:21 - 2014-08-04 14:16 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\Skype
2015-05-01 02:57 - 2014-08-04 15:39 - 01502330 _____ () C:\Windows\WindowsUpdate.log
2015-05-01 02:41 - 2014-09-19 21:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-30 23:01 - 2015-01-09 20:07 - 01884160 ___SH () C:\Users\bubba7420\Desktop\Thumbs.db
2015-04-30 22:20 - 2014-08-04 15:43 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EC6E30AF-41D7-461F-A0AA-2DE72C7924F9}
2015-04-30 20:44 - 2014-08-04 12:44 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2035716259-1072719170-3345313272-1001
2015-04-30 20:31 - 2014-08-15 02:17 - 00005006 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SCUBAMAN2009-bubba7420 SCUBAMAN2009
2015-04-30 20:26 - 2014-08-04 13:31 - 00000000 ____D () C:\Temp
2015-04-30 20:19 - 2013-08-22 10:46 - 00041979 _____ () C:\Windows\setupact.log
2015-04-30 20:18 - 2014-08-04 15:28 - 00829652 _____ () C:\Windows\PFRO.log
2015-04-30 20:18 - 2014-08-04 12:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-30 20:18 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-30 16:17 - 2014-10-10 16:18 - 00000386 _____ () C:\Windows\Tasks\Indexing Task - bubba7420.job
2015-04-30 13:42 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-04-30 09:55 - 2014-08-04 21:46 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\CrashDumps
2015-04-29 23:13 - 2014-10-18 14:03 - 51872768 ___SH () C:\Users\bubba7420\Downloads\Thumbs.db
2015-04-29 22:54 - 2014-08-04 14:15 - 00000000 ____D () C:\ProgramData\Skype
2015-04-29 22:45 - 2014-12-12 18:11 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-29 22:45 - 2014-08-09 14:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-29 20:38 - 2014-08-04 15:39 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Packages
2015-04-29 14:32 - 2014-08-06 13:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-29 14:13 - 2014-08-06 13:00 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-29 14:13 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-28 22:30 - 2014-08-04 13:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-28 03:20 - 2014-08-04 15:39 - 00000000 ____D () C:\Users\bubba7420
2015-04-28 00:19 - 2014-08-06 15:28 - 00000000 ____D () C:\Users\bubba7420\Downloads\v
2015-04-27 17:40 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-04-27 17:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-27 11:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-27 11:26 - 2014-08-04 13:44 - 00000000 ____D () C:\ProgramData\Norton
2015-04-27 11:16 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-27 11:09 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-27 10:48 - 2014-08-04 16:35 - 00000355 _____ () C:\Windows\SysWOW64\lsprst7.tgz
2015-04-27 10:48 - 2014-08-04 16:35 - 00000341 _____ () C:\Windows\SysWOW64\lsprst7.dll
2015-04-27 10:48 - 2014-08-04 16:35 - 00000016 ____H () C:\Windows\SysWOW64\servdat.slm
2015-04-27 10:48 - 2014-08-04 16:26 - 00000000 ____D () C:\ProgramData\20-20 Technologies
2015-04-27 10:48 - 2014-08-04 14:36 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-04-27 10:35 - 2014-09-18 01:56 - 00000000 ____D () C:\Program Files (x86)\20-20 Technologies
2015-04-27 10:05 - 2014-08-04 14:20 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\ArcSoft
2015-04-27 04:01 - 2015-02-11 04:37 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\TunnelBear
2015-04-27 04:01 - 2014-10-29 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-27 04:01 - 2014-08-07 18:35 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\TeraCopy
2015-04-27 04:01 - 2014-08-06 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Harmony
2015-04-27 04:01 - 2014-08-04 14:14 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\uTorrent
2015-04-27 04:01 - 2013-08-22 15:11 - 00000000 ____D () C:\Windows\ShellNew
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 __RSD () C:\Windows\Media
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-27 04:01 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-04-27 04:01 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing
2015-04-27 03:53 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\registration
2015-04-27 03:47 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-27 03:46 - 2014-08-24 00:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-27 03:44 - 2014-10-29 22:29 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-27 03:43 - 2014-08-07 12:16 - 00000000 __RHD () C:\MSOCache
2015-04-27 03:34 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-23 16:50 - 2014-08-22 20:25 - 00045124 _____ () C:\Users\bubba7420\Documents\acltstk.dmp
2015-04-21 13:29 - 2014-08-09 23:46 - 00056021 _____ () C:\datamanager.log
2015-04-20 21:45 - 2014-08-11 16:22 - 00004806 _____ () C:\Windows\LkmdfCoInst.log
2015-04-16 20:36 - 2014-08-09 23:45 - 00000779 _____ () C:\dealer.log
2015-04-15 10:39 - 2014-11-12 13:07 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-14 12:41 - 2014-09-19 21:27 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 19:24 - 2015-03-14 15:06 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-13 19:24 - 2015-03-14 15:06 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 00:27 - 2015-02-11 04:37 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2015-04-11 18:34 - 2014-08-09 02:22 - 00000000 ____D () C:\Users\bubba7420\Desktop\Sketchup
2015-04-11 17:27 - 2014-08-04 15:42 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-11 01:16 - 2014-10-13 14:28 - 00000000 ____D () C:\Users\bubba7420\Desktop\2020 help
2015-04-10 22:22 - 2014-08-04 22:39 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Adobe
2015-04-10 22:05 - 2014-08-04 13:12 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-09 18:14 - 2014-12-08 20:48 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2015-04-07 15:35 - 2014-08-06 14:17 - 00001566 _____ () C:\Users\Public\Desktop\Harmony.lnk
2015-04-07 11:02 - 2014-08-11 16:22 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
 
==================== Files in the root of some directories =======
 
2014-11-01 20:30 - 2014-11-13 12:27 - 0000004 _____ () C:\Users\bubba7420\AppData\Roaming\appdataFr2.bin
2014-10-14 13:02 - 2014-10-14 13:02 - 0000303 _____ () C:\Users\bubba7420\AppData\Roaming\FotoSketcher.ini
2015-04-26 15:53 - 2015-04-26 20:35 - 0007606 _____ () C:\Users\bubba7420\AppData\Local\Resmon.ResmonCfg
2015-04-30 20:19 - 2015-04-30 20:19 - 0000000 ____H () C:\ProgramData\cm-lock
2015-04-26 20:51 - 2015-04-26 20:51 - 0001138 _____ () C:\ProgramData\SMRResults430.dat
 
Files to move or delete:
====================
C:\ProgramData\SMRResults430.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-29 11:51
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by bubba7420 at 2015-05-01 03:24:31
Running from C:\Users\bubba7420\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2035716259-1072719170-3345313272-500 - Administrator - Disabled)
bubba7420 (S-1-5-21-2035716259-1072719170-3345313272-1001 - Administrator - Enabled) => C:\Users\bubba7420
Guest (S-1-5-21-2035716259-1072719170-3345313272-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2035716259-1072719170-3345313272-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aide PDF to DWG Converter 10.0 (HKLM-x32\...\Aide PDF to DWG Converter_is1) (Version:  - Aide CAD Systems Incorporated.)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.278 - ArcSoft)
AutoCAD LT 2004 (HKLM-x32\...\{5783F2D7-0209-0409-0000-0060B0CE6BBA}) (Version: 16.0.0.086 - Autodesk)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk)
Bovada Casino  (HKLM-x32\...\Bovada Casino) (Version:  - Bovada)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CCW Special Cabinet Estimate (HKLM-x32\...\ST6UNST #1) (Version:  - )
CodeMeter Runtime Kit v5.00 (HKLM\...\{5FE750E9-5EB2-477C-86D2-4D886ABB0D01}) (Version: 5.00.1057.500 - WIBU-SYSTEMS AG)
Crystal Architectural Catalog 02.14 (HKLM-x32\...\Crystal Architectural Catalog) (Version: 02.14 - Crystal Cabinet Works Inc.)
Crystal Cabinet Works (HKLM-x32\...\{055534B1-9BE5-44E5-920B-1942B319C4A6}) (Version: 1.0.3 - 20-20 Technologies)
Crystal Product Catalog 04.15 (HKLM-x32\...\Crystal Product Catalog) (Version: 04.15 - Crystal Cabinet Works Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Design (HKLM-x32\...\{BFA3868A-B6F1-4562-B3BE-263AD30BBF66}) (Version: 11.1.0.55 - 20-20 Technologies)
Dropbox (HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
FotoSketcher 2.99 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Harmony 3.80.1865 (HKLM-x32\...\Harmony) (Version: 3.80.1865 - Crystal Cabinet Works Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
RoboForm 7-9-12-2 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-12-2 - Siber Systems)
Sentinel Protection Installer 7.5.0 (HKLM-x32\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
SHARP MX/MX-M Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{8664FCE8-F91A-42BC-927C-AA318185E5EA}) (Version: 3.3 - SHARP CORPORATION)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{6496C7D3-51A9-48BC-8524-BEAEDD827791}) (Version: 15.0.9350 - Trimble Navigation Limited)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.41 - Stardock Software, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TunnelBear (HKLM-x32\...\{f9cc160f-ca8c-4098-84e2-39b7b9625569}) (Version: 2.3.6.0 - TunnelBear)
TunnelBear (x32 Version: 2.3.6.0 - TunnelBear) Hidden
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.2.08070 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.0.0.04160 - Sony Corporation)
Visualizer for SketchUp (HKLM\...\{4CBF1403-23FC-48BC-93FA-125DA7C3069E}) (Version: 1.1.11.0 - Imagination)
Wibu Share 64 Dll (HKLM-x32\...\{3359F638-219D-45DD-87A3-02718F299D8D}) (Version: 1.0.0 - 20-20 Technologies)
Windows Driver Package - Ricoh Company (risdsnpe) hdc  (12/25/2009 6.13.03.02) (HKLM\...\181DCE8F6E8325736063FE20BB12023D439F671C) (Version: 12/25/2009 6.13.03.02 - Ricoh Company)
Windows Driver Package - Ricoh Company MS Host Controller (12/21/2009 6.13.03.02) (HKLM\...\398F0BAAFBB5C68EB2C413A98F8C385C3E0897D6) (Version: 12/21/2009 6.13.03.02 - Ricoh Company)
Windows Driver Package - Sony Corporation (SFEP) HIDClass  (11/27/2009 8.0.1.2) (HKLM\...\4E827A70BAA738C408DBDD024BCACE5085D946F1) (Version: 11/27/2009 8.0.1.2 - Sony Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\bubba7420\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02A69894-5CF0-4FD6-9589-34C59EBBEA68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2A72A6C2-00E5-41B9-A16B-A2138B5224FF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {3DC82C7D-AFE0-409F-B32C-C8444E75C802} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {43B2CDDB-9A9F-4DEC-AA4A-543E60D65C1E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SCUBAMAN2009-bubba7420 SCUBAMAN2009 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {46334A5D-3B04-460F-961F-B13341FDCD1A} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4769C62C-AA23-4B2F-BDA9-467EECE88514} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {4CF32592-3952-47A2-98E1-0310D268A048} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {55EB4566-E3FF-4108-B854-6927533F7599} - System32\Tasks\{DA476395-1C4D-456C-80EE-69AFA5155E69} => Chrome.exe http://ui.skype.com/ui/0/7.1.0.105/en/go/help.faq.installer?LastError=1618
Task: {5807AC7B-4BFD-46A1-B799-2B90EBFD74C3} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-05-28] (Sony Corporation)
Task: {665892A5-374F-4459-A0B2-3645587F3FA5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {6CEF5E54-52D8-4457-990C-FC60D46E3EB5} - System32\Tasks\Indexing Task - bubba7420 => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTask.exe [2010-12-02] (SHARP CORPORATION)
Task: {6F907FA7-F7B6-4DF7-8B15-21176FA7FE67} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {892CCBC2-24AB-46FE-9413-C5A7804B8422} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {928C3745-6C47-4184-897F-D12B58020F8B} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A5C9582F-7825-4373-950D-6B76998AFD43} - System32\Tasks\{093437DD-5915-4CE2-897C-A1CF4576ECF7} => pcalua.exe -a C:\Users\bubba7420\Downloads\dacor10.exe -d C:\Users\bubba7420\Downloads
Task: {A6A7FCED-1577-4DD0-95E8-E64E20553315} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-29] (Microsoft Corporation)
Task: {B1492CD3-6F6E-43BE-B852-A941AF973613} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2035716259-1072719170-3345313272-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {B949712A-6186-4ADE-A6D4-8D252042694B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {BAC41126-49FD-45B7-BC38-310008FC03AC} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {BB2815BB-1B72-4901-ACCB-9D4ADF622FB6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {C0390D15-A97B-4D70-905E-2F7E07B0ED53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-10] (Google Inc.)
Task: {C84E4EBE-32B0-4E0B-A76A-FAC60254E97B} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-03-26] (Siber Systems)
Task: {CC710E04-7266-40CF-A8AD-CE158212F6FE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: {E32D6725-E973-49DF-86BC-E0105AC0E878} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Indexing Task - bubba7420.job => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTask.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-08-04 12:47 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-07 12:10 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-10 13:41 - 2015-02-10 13:41 - 00034240 _____ () C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
2015-03-14 15:33 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-07 18:32 - 2012-01-29 16:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2015-04-29 23:12 - 2014-08-31 07:25 - 01277952 _____ () C:\Users\bubba7420\Downloads\memboost_1959\memboost_1959\memBoost.exe
2014-01-21 17:54 - 2014-01-21 17:54 - 01301688 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-04-29 12:19 - 2015-04-29 12:19 - 02323448 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.244\deploy\LoLLauncher.exe
2015-04-29 13:11 - 2015-04-29 13:11 - 03797496 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.28\deploy\LoLPatcher.exe
2014-12-13 18:44 - 2014-12-13 18:44 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.141\deploy\LolClient.exe
2007-09-17 08:09 - 2007-09-17 08:09 - 00187044 _____ () c:\postgres\bin\libpq.dll
2003-02-01 14:51 - 2003-02-01 14:51 - 00051016 _____ () c:\postgres\bin\libintl-2.dll
2003-01-31 17:41 - 2003-01-31 17:41 - 00916849 _____ () c:\postgres\bin\libiconv-2.dll
2014-08-04 15:51 - 2009-11-20 15:19 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2010-12-02 17:04 - 2010-12-02 17:04 - 00006144 _____ () C:\Program Files (x86)\Sharp\Sharpdesk\discoveryps.dll
2010-12-02 17:12 - 2010-12-02 17:12 - 00930304 _____ () C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8 - 4.4.4.4
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Constant Guard.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\StartupApproved\Run: => "RoboForm"
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{24D69161-DF2B-45C7-88B2-BE3448AA4C29}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7FB86357-3B59-47E4-AAF9-7FF61728C7C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D8011F30-AF43-4861-AFD4-0A0B2F9444FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DE679BB1-D9DF-4078-B31A-EDBC69C25301}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DF939261-1273-4674-ADAB-AD158E331422}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{038A4C61-215D-4656-B3B6-390BA8371FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{054DCDF3-55FE-4A11-B7AA-A790530C0109}] => (Allow) C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4FD04D12-DE83-4DEE-AD5F-706172538362}] => (Allow) C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AD526B9B-2436-4095-A6C1-D39E2A33B0D9}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{22901B17-ABE9-487A-AE04-E5FA25EBFF84}] => (Allow) C:\Users\bubba7420\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{50215692-B88B-4B8D-B388-44C63DC6AE47}] => (Allow) C:\Users\bubba7420\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{297AC47F-2E15-49A2-A236-BDA03F47F39C}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{AF781AA5-20E1-4478-BE81-0265485B13F1}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{0F9B47B1-3A0F-43FA-B080-617CEBE500BD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{1ECE85A0-7C04-4375-8899-0610B3F50211}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{7AF06378-C2C2-4246-9453-317171DF412F}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{795F7273-E213-477C-91FC-1591ECA3F862}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{2864889B-B453-4D89-8939-C9E2540FE669}] => (Allow) C:\Users\bubba7420\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{A0E2D520-5413-4EEB-B7D6-44ED2448603C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{172BB3C8-618A-49D9-99DF-280850A3B1A5}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{0D187E2E-26F3-42B8-9E6D-6579DF2D96AC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{30502C00-8C66-4358-B169-82B5210B58BF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E8F491D9-8692-474F-A1A2-892741CF92B7}C:\users\bubba7420\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\bubba7420\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{7E61D233-F947-4FA4-A0B5-446A3DDA5AD7}C:\users\bubba7420\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\bubba7420\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{8B574F8A-6B3F-42F5-B4DA-933F268C5434}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0C31C63-ED84-4E65-9B5F-3BDE02C88088}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{968E8228-6424-4F99-A691-96777C8C1B6F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F17E3DD9-2580-42A1-87CB-BB30D6B65DFC}] => (Allow) C:\Program Files (x86)\20-20 Technologies\Design\Bin\System\design.exe
FirewallRules: [{C0245845-76BF-4029-A8F6-C71C3F6B241B}] => (Allow) LPort=4040
FirewallRules: [{F74AA9D0-77F4-4785-9DEA-D2B3C4E9C769}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/30/2015 08:26:58 PM) (Source: MsiInstaller) (EventID: 11706) (User: SCUBAMAN2009)
Description: Product: Sharpdesk -- Error 1706.No valid source could be found for product Sharpdesk.  The Windows Installer cannot continue.
 
Error: (04/30/2015 08:26:51 PM) (Source: MsiInstaller) (EventID: 11706) (User: SCUBAMAN2009)
Description: Product: Sharpdesk -- Error 1706.No valid source could be found for product Sharpdesk.  The Windows Installer cannot continue.
 
Error: (04/30/2015 09:55:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: design.exe, version: 11.1.0.55, time stamp: 0x55262382
Faulting module name: apphelp.dll, version: 6.3.9600.17415, time stamp: 0x54504a2b
Exception code: 0xc0000005
Fault offset: 0x000442c9
Faulting process id: 0x430
Faulting application start time: 0xdesign.exe0
Faulting application path: design.exe1
Faulting module path: design.exe2
Report Id: design.exe3
Faulting package full name: design.exe4
Faulting package-relative application ID: design.exe5
 
Error: (04/30/2015 09:54:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: design.exe, version: 11.1.0.55, time stamp: 0x55262382
Faulting module name: apphelp.dll, version: 6.3.9600.17415, time stamp: 0x54504a2b
Exception code: 0xc0000005
Fault offset: 0x000442c9
Faulting process id: 0x14dc
Faulting application start time: 0xdesign.exe0
Faulting application path: design.exe1
Faulting module path: design.exe2
Report Id: design.exe3
Faulting package full name: design.exe4
Faulting package-relative application ID: design.exe5
 
Error: (04/30/2015 02:14:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: design.exe, version: 11.1.0.55, time stamp: 0x55262382
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0xe0434352
Fault offset: 0x00014598
Faulting process id: 0x1798
Faulting application start time: 0xdesign.exe0
Faulting application path: design.exe1
Faulting module path: design.exe2
Report Id: design.exe3
Faulting package full name: design.exe4
Faulting package-relative application ID: design.exe5
 
Error: (04/30/2015 01:11:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rf-chrome-nm-host.exe, version: 7.9.12.2, time stamp: 0x54bfad84
Faulting module name: roboform.dll, version: 7.9.12.2, time stamp: 0x54bfad12
Exception code: 0xc0000005
Fault offset: 0x001e9705
Faulting process id: 0xf98
Faulting application start time: 0xrf-chrome-nm-host.exe0
Faulting application path: rf-chrome-nm-host.exe1
Faulting module path: rf-chrome-nm-host.exe2
Report Id: rf-chrome-nm-host.exe3
Faulting package full name: rf-chrome-nm-host.exe4
Faulting package-relative application ID: rf-chrome-nm-host.exe5
 
Error: (04/29/2015 11:10:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: design.exe, version: 11.1.0.55, time stamp: 0x55262382
Faulting module name: apphelp.dll, version: 6.3.9600.17415, time stamp: 0x54504a2b
Exception code: 0xc0000005
Fault offset: 0x000442c9
Faulting process id: 0xcc4
Faulting application start time: 0xdesign.exe0
Faulting application path: design.exe1
Faulting module path: design.exe2
Report Id: design.exe3
Faulting package full name: design.exe4
Faulting package-relative application ID: design.exe5
 
Error: (04/29/2015 11:10:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: design.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at <Module>.GBase3D.IsOfType(GBase3D*, GBaseType)
   at MMgrContextEdit.FindItemForNode(GBase3D*)
   at MMgrContextEdit.FindVarEdit(GBase3D*, IOCItem*)
   at MMgrVariables.FillPanel(GBase3D*, IOCItem*, EventArgsEditAttribut)
   at EditAttr.EditAttributDlg.ReloadVarEdit(VAR_EDIT*, DBParm*)
   at <Module>.WrapEditAttrLite.UpdateVarEdit(WrapEditAttrLite*)
   at <Module>.EditAttrLiteDlg.OnSpecChanged(EditAttrLiteDlg*, T_EVENT*)
   at InfoVariableNum.ApplySpecOnWorkingItem(Boolean)
   at InfoVariableStyle.Accepted(System.Object, EditAttr.AcceptedEventArgs)
   at EditAttr.PanelBrowse.raise_OnAccepted(System.Object, EditAttr.AcceptedEventArgs)
   at EditAttr.PanelBrowse.OnBrowserClosing(System.Object, EditAttr.AcceptedEventArgs)
   at EditAttr.PanelBrowse.OnButtonClick(System.Object, System.EventArgs)
   at System.Windows.Forms.Control.OnClick(System.EventArgs)
   at System.Windows.Forms.Button.OnClick(System.EventArgs)
   at System.Windows.Forms.Button.OnMouseUp(System.Windows.Forms.MouseEventArgs)
   at System.Windows.Forms.Control.WmMouseUp(System.Windows.Forms.Message ByRef, System.Windows.Forms.MouseButtons, Int32)
   at System.Windows.Forms.Control.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.ButtonBase.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.Button.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.Control+ControlNativeWindow.OnMessage(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.Control+ControlNativeWindow.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)
   at <Module>.?MyInitInstance@@YAHXZ()
 
Error: (04/29/2015 11:03:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: design.exe, version: 11.1.0.55, time stamp: 0x55262382
Faulting module name: apphelp.dll, version: 6.3.9600.17415, time stamp: 0x54504a2b
Exception code: 0xc0000005
Fault offset: 0x000442c9
Faulting process id: 0x16d0
Faulting application start time: 0xdesign.exe0
Faulting application path: design.exe1
Faulting module path: design.exe2
Report Id: design.exe3
Faulting package full name: design.exe4
Faulting package-relative application ID: design.exe5
 
Error: (04/29/2015 10:57:33 PM) (Source: MsiInstaller) (EventID: 11706) (User: SCUBAMAN2009)
Description: Product: Sharpdesk -- Error 1706.No valid source could be found for product Sharpdesk.  The Windows Installer cannot continue.
 
 
System errors:
=============
Error: (04/30/2015 08:33:50 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:33:50 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:33:50 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:20:17 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:20:02 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:20:02 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:20:02 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:20:02 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:20:02 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2015 08:20:02 PM) (Source: DCOM) (EventID: 10016) (User: SCUBAMAN2009)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}SCUBAMAN2009bubba7420S-1-5-21-2035716259-1072719170-3345313272-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (04/30/2015 08:26:58 PM) (Source: MsiInstaller) (EventID: 11706) (User: SCUBAMAN2009)
Description: Product: Sharpdesk -- Error 1706.No valid source could be found for product Sharpdesk.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/30/2015 08:26:51 PM) (Source: MsiInstaller) (EventID: 11706) (User: SCUBAMAN2009)
Description: Product: Sharpdesk -- Error 1706.No valid source could be found for product Sharpdesk.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/30/2015 09:55:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: design.exe11.1.0.5555262382apphelp.dll6.3.9600.1741554504a2bc0000005000442c943001d0834d33256813C:\Program Files (x86)\20-20 Technologies\Design\Bin\System\design.exeC:\Windows\system32\apphelp.dll9f466093-ef40-11e4-829d-54424961b99e
 
Error: (04/30/2015 09:54:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: design.exe11.1.0.5555262382apphelp.dll6.3.9600.1741554504a2bc0000005000442c914dc01d0834c99e9c441C:\Program Files (x86)\20-20 Technologies\Design\Bin\System\design.exeC:\Windows\system32\apphelp.dll664f6265-ef40-11e4-829d-54424961b99e
 
Error: (04/30/2015 02:14:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: design.exe11.1.0.5555262382KERNELBASE.dll6.3.9600.1741554504adee043435200014598179801d083006f5b2434C:\Program Files (x86)\20-20 Technologies\Design\Bin\System\design.exeC:\Windows\SYSTEM32\KERNELBASE.dll2b3b8fee-ef00-11e4-829d-54424961b99e
 
Error: (04/30/2015 01:11:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rf-chrome-nm-host.exe7.9.12.254bfad84roboform.dll7.9.12.254bfad12c0000005001e9705f9801d08300128e74baC:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exeC:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll55ea304f-eef7-11e4-829d-54424961b99e
 
Error: (04/29/2015 11:10:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: design.exe11.1.0.5555262382apphelp.dll6.3.9600.1741554504a2bc0000005000442c9cc401d082f24c7dc6f8C:\Program Files (x86)\20-20 Technologies\Design\Bin\System\design.exeC:\Windows\system32\apphelp.dll73d30f48-eee6-11e4-829d-54424961b99e
 
Error: (04/29/2015 11:10:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: design.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at <Module>.GBase3D.IsOfType(GBase3D*, GBaseType)
   at MMgrContextEdit.FindItemForNode(GBase3D*)
   at MMgrContextEdit.FindVarEdit(GBase3D*, IOCItem*)
   at MMgrVariables.FillPanel(GBase3D*, IOCItem*, EventArgsEditAttribut)
   at EditAttr.EditAttributDlg.ReloadVarEdit(VAR_EDIT*, DBParm*)
   at <Module>.WrapEditAttrLite.UpdateVarEdit(WrapEditAttrLite*)
   at <Module>.EditAttrLiteDlg.OnSpecChanged(EditAttrLiteDlg*, T_EVENT*)
   at InfoVariableNum.ApplySpecOnWorkingItem(Boolean)
   at InfoVariableStyle.Accepted(System.Object, EditAttr.AcceptedEventArgs)
   at EditAttr.PanelBrowse.raise_OnAccepted(System.Object, EditAttr.AcceptedEventArgs)
   at EditAttr.PanelBrowse.OnBrowserClosing(System.Object, EditAttr.AcceptedEventArgs)
   at EditAttr.PanelBrowse.OnButtonClick(System.Object, System.EventArgs)
   at System.Windows.Forms.Control.OnClick(System.EventArgs)
   at System.Windows.Forms.Button.OnClick(System.EventArgs)
   at System.Windows.Forms.Button.OnMouseUp(System.Windows.Forms.MouseEventArgs)
   at System.Windows.Forms.Control.WmMouseUp(System.Windows.Forms.Message ByRef, System.Windows.Forms.MouseButtons, Int32)
   at System.Windows.Forms.Control.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.ButtonBase.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.Button.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.Control+ControlNativeWindow.OnMessage(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.Control+ControlNativeWindow.WndProc(System.Windows.Forms.Message ByRef)
   at System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)
   at <Module>.?MyInitInstance@@YAHXZ()
 
Error: (04/29/2015 11:03:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: design.exe11.1.0.5555262382apphelp.dll6.3.9600.1741554504a2bc0000005000442c916d001d082f0cc820d83C:\Program Files (x86)\20-20 Technologies\Design\Bin\System\design.exeC:\Windows\system32\apphelp.dll8515d1a4-eee5-11e4-829d-54424961b99e
 
Error: (04/29/2015 10:57:33 PM) (Source: MsiInstaller) (EventID: 11706) (User: SCUBAMAN2009)
Description: Product: Sharpdesk -- Error 1706.No valid source could be found for product Sharpdesk.  The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 32%
Total physical RAM: 6126.05 MB
Available physical RAM: 4140.53 MB
Total Pagefile: 7598.05 MB
Available Pagefile: 4089.21 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.17 GB) (Free:768.74 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 41FCD3DE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
 


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,627 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:15 PM

Posted 07 May 2015 - 01:10 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/575018 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 scubaman2009

scubaman2009
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:FLORIDA
  • Local time:07:15 PM

Posted 07 May 2015 - 01:34 AM

hi..so my computer is running extremely slow...im not sure as to why this is... from what ive viewed its not ram problem because typically it runs around 20%-50% depending on the program... i use some autocad and 3d design software on it for school.. the issue is that the disk shoots up to 100%... im not doing anything different than normal use that ive been doing on it so it should be having this problem... the hard drive is less than a year old...the im pretty sure its some sort of virus/spyware/malware. ive done pretty much everything i ran the chkdk from command prompt. checked the ram...restored to an earlier date.... virus scans.. used cc cleaner.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01

Ran by bubba7420 (administrator) on SCUBAMAN2009 on 07-05-2015 02:29:23
Running from C:\Users\bubba7420\Desktop
Loaded Profiles: bubba7420 (Available profiles: bubba7420)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PostgreSQL Global Development Group) C:\postgres\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(Apache Software Foundation) C:\apache-tomcat-6.0.18\bin\tomcat6.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
() C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sun Microsystems, Inc.) C:\csremote38\jdk1.6.0_10\bin\java.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sun Microsystems, Inc.) C:\csremote38\jdk1.6.0_10\bin\java.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(Sun Microsystems, Inc.) C:\csremote38\jdk1.6.0_10\bin\java.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgres\bin\postgres.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\nsapp.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe
(SHARP CORPORATION) C:\Program Files (x86)\Sharp\Sharpdesk\Indexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-06-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3993744 2014-05-22] (Stardock Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-06-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [uTorrent] => C:\Users\bubba7420\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-14] (BitTorrent Inc.)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-05-01] (Siber Systems)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-27] (Google Inc.)
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\...\Policies\Explorer: [NofolderOptions] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2014-08-04]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\bubba7420\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rizone Memory Booster.lnk [2015-04-29]
ShortcutTarget: Rizone Memory Booster.lnk -> C:\Users\bubba7420\Downloads\memboost_1959\memboost_1959\memBoost.exe ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bubba7420\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll [2003-02-14] (Autodesk)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-05-01] (Siber Systems Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-05-01] (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-05-01] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-05-01] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} file:///C:/ProgramData/20-20%20Technologies/VSAT/Core/Player/2020PlayerAX_WEB_Win32.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2010-12-02] (SHARP CORPORATION)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1122B8DA-A3F1-40B3-BBF7-BAA0F6566FB7}: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{79F36B57-ABE3-406B-B44E-BC1F2D5E8487}: [NameServer] 8.8.8.8,4.4.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-10] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\mintrayr@tn123.ath.cx [2014-08-07]
FF Extension: TooManyTabs - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\TooManyTabs@visibotech.com [2014-08-04]
FF Extension: Flashblock - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-11-24]
FF Extension: DownloadHelper - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Flash and Video Download - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-31]
FF Extension: DownThemAll! AntiContainer - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\anticontainer@downthemall.net.xpi [2014-08-04]
FF Extension: Flash OnOff - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\jid0-XXocAsQYPfKHSY8ebTi0VcX8eNQ@jetpack.xpi [2014-08-04]
FF Extension: Load Control - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\loadcontrol@mcphate.org.xpi [2014-08-04]
FF Extension: New Tabs at the End - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\new-tabs-at-end@forerunnerdesigns.com.xpi [2014-08-04]
FF Extension: Open Link in New Tab - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\openlinkintab@piro.sakura.ne.jp.xpi [2014-08-04]
FF Extension: Tab Kit 2nd Edition - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\tabkit2@pikachuexe.amateur.hk.xpi [2014-08-04]
FF Extension: Tab Utilities - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\tabutils@ithinc.cn.xpi [2014-08-04]
FF Extension: FlashGot - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-08-04]
FF Extension: Tab Control - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{39952c40-5197-11da-8cd6-0800200c9a66}.xpi [2014-08-04]
FF Extension: Flash Block - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2014-11-24]
FF Extension: Tab Mix Plus - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-08-04]
FF Extension: DownThemAll! - C:\Users\bubba7420\AppData\Roaming\Mozilla\Firefox\Profiles\fuw03owc.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-05-06]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.symbaloo.com/
CHR StartupUrls: Default -> "hxxp://www.symbaloo.com/", "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\bubba7420\AppData\Roaming\Mozilla\plugins\npatgpc.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll No File
CHR Profile: C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-02-16]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-08-04]
CHR Extension: (Planbox - Agile Project Management Tool) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapfbnhbikoppmmhgkocdolgomnodnna [2015-02-16]
CHR Extension: (Bookmark Manager) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-02-16]
CHR Extension: (PMRobot Project Management) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgmbdjbioclglfplibgckdieigaakmh [2015-02-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-10]
CHR Extension: (Poppit!) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-02-16]
CHR Extension: (CrowdFlower) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd [2015-04-10]
CHR Extension: (Google Wallet) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-04]
CHR Extension: (RoboForm) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-03-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-27]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2015-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-27]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2015-03-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-04-22] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-16] (NVIDIA Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-16] (NVIDIA Corporation)
R2 pgsql-8.2; c:\postgres\bin\pg_ctl.exe [79948 2007-09-17] (PostgreSQL Global Development Group) [File not signed]
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-03-28] (Stardock Software, Inc)
R2 Tomcat6; c:\apache-tomcat-6.0.18\bin\tomcat6.exe [57344 2008-07-22] (Apache Software Foundation) [File not signed]
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [34240 2015-02-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 CSEntService; "C:\csremote38\jdk1.6.0_10\bin\java.exe" "-classpath" "C:\csremote38\WEB-INF\classes\yajsw-stable-11.0\wrapper.jar" "-Xrs" "-Dwrapper.service=true" "-Dwrapper.working.dir=C:\csremote38\WEB-INF\classes" "-Dwrapper.config=C:\csremote38\WEB-INF\classes\yajsw-stable-11.0\conf\wrapper.conf" "-Dwrapper.additional.1x=-Xrs" "org.rzo.yajsw.boot.WrapperServiceBooter" 
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-04-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-04-26] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150506.003\IDSvia64.sys [671448 2015-04-24] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150506.002\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150506.002\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
R3 SNTUSB64; C:\Windows\System32\drivers\SNTUSB64.SYS [58664 2008-07-11] (SafeNet, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1507000.00B\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-04-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
R3 tap-tb-0901; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [38656 2014-10-14] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-07 02:26 - 2015-05-07 02:26 - 00000000 ____D () C:\Users\bubba7420\Desktop\FRST-OlderVersion
2015-05-07 00:54 - 2015-05-07 00:58 - 501841932 _____ () C:\Users\bubba7420\Downloads\plib_rachel_roxxx_ss032915_480p_2000(1).mp4
2015-05-07 00:51 - 2015-05-07 00:56 - 587073058 _____ () C:\Users\bubba7420\Downloads\btaw_alix_lynx_rp031915_480p_2000.mp4
2015-05-07 00:47 - 2015-05-07 00:51 - 603548398 _____ () C:\Users\bubba7420\Downloads\bgb_anya_ivy_vl030515_480p_2000.mp4
2015-05-06 22:52 - 2015-05-06 23:00 - 00011849 _____ () C:\Users\bubba7420\Desktop\leary changes and accessories.xlsx
2015-05-06 17:25 - 2015-05-07 00:53 - 00000351 _____ () C:\Users\bubba7420\Downloads\plib_rachel_roxxx_ss032915_480p_2000.mp4
2015-05-06 17:16 - 2015-05-06 17:20 - 592881355 _____ () C:\Users\bubba7420\Downloads\bex_blondie_fesser_om030115_480p_2000.mp4
2015-05-06 17:16 - 2015-05-06 17:20 - 589609493 _____ () C:\Users\bubba7420\Downloads\bex_missy_martinez_rp032015_480p_2000.mp4
2015-05-06 01:43 - 2015-05-06 01:43 - 00006210 _____ () C:\Windows\PFRO.log
2015-05-05 23:04 - 2015-05-05 23:04 - 00092017 _____ () C:\Users\bubba7420\Desktop\leary vanities right.dwg
2015-05-05 22:56 - 2015-05-05 23:04 - 00000000 _____ () C:\Users\bubba7420\Desktop\Audit report.txt
2015-05-05 22:56 - 2015-05-05 22:56 - 00094203 _____ () C:\Users\bubba7420\Desktop\leary vanities left.dwg
2015-05-05 22:10 - 2015-05-05 22:10 - 00066690 _____ () C:\Users\bubba7420\Desktop\leary vanities left.skp
2015-05-04 22:15 - 2015-05-04 22:15 - 00000965 _____ () C:\Windows\LkmdfCoInst.log
2015-05-04 21:53 - 2015-05-04 22:07 - 1929804718 _____ () C:\Users\bubba7420\Downloads\btas_farrah_dahl_vl031915_720p_8000.mp4
2015-05-04 21:53 - 2015-05-04 21:58 - 745469981 _____ () C:\Users\bubba7420\Downloads\mic_joslyn_lucy_bb022615_480p_2000.mp4
2015-05-04 20:40 - 2015-05-04 20:41 - 01435680 _____ (Microsoft Corporation) C:\Users\bubba7420\Downloads\adksetup.exe
2015-05-04 19:01 - 2015-05-04 19:12 - 294502426 _____ () C:\Users\bubba7420\Downloads\003006_2000.scene.mp4.part
2015-05-04 18:52 - 2015-05-04 19:08 - 716273030 _____ () C:\Users\bubba7420\Downloads\001571_2000.scene.mp4
2015-05-04 18:50 - 2015-05-04 19:04 - 671950991 _____ () C:\Users\bubba7420\Downloads\006207_2000.scene.mp4
2015-05-04 18:48 - 2015-05-04 19:02 - 648076472 _____ () C:\Users\bubba7420\Downloads\008825_2000.scene.mp4
2015-05-04 18:46 - 2015-05-04 18:59 - 648374833 _____ () C:\Users\bubba7420\Downloads\003910_2000.scene.mp4
2015-05-04 18:45 - 2015-05-04 19:01 - 757461780 _____ () C:\Users\bubba7420\Downloads\008846_2000.scene.mp4
2015-05-04 17:22 - 2015-05-06 13:22 - 00002204 _____ () C:\Windows\setupact.log
2015-05-04 17:22 - 2015-05-04 17:22 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-03 22:49 - 2015-05-03 22:50 - 00114401 _____ () C:\Users\bubba7420\Desktop\bug.txt
2015-05-03 21:55 - 2015-05-03 21:55 - 00000000 ____D () C:\Users\bubba7420\Desktop\attachments (2)
2015-05-03 21:54 - 2015-05-03 21:55 - 02536741 _____ () C:\Users\bubba7420\Downloads\attachments (2).zip
2015-05-02 19:56 - 2015-05-03 01:28 - 00675465 _____ () C:\Users\bubba7420\Desktop\lutz ent center.kit
2015-05-02 19:56 - 2015-05-03 00:54 - 00651596 _____ () C:\Users\bubba7420\Desktop\lutz ent center.bak
2015-05-02 15:51 - 2015-05-02 16:03 - 405712226 _____ () C:\Users\bubba7420\Downloads\mp4_480_2000-{b21c7e5e-2a12-421b-8ee7-3347be22afdf}.dtapart
2015-05-02 15:32 - 2015-05-02 15:36 - 566464482 _____ () C:\Users\bubba7420\Downloads\ihwrichelleseth_qt.mp4
2015-05-01 22:23 - 2015-05-01 22:23 - 01477453 _____ () C:\Users\bubba7420\Downloads\CleanSuite.zip
2015-05-01 21:09 - 2015-05-01 21:09 - 01521256 _____ (Luth Research LLC.) C:\Users\bubba7420\Downloads\SavvyConnect.exe
2015-05-01 21:07 - 2015-05-01 21:07 - 00797248 _____ (Generic ) C:\Users\bubba7420\Downloads\adobe_flash_setup.exe
2015-05-01 18:51 - 2015-05-06 19:16 - 00432401 _____ () C:\Windows\WindowsUpdate.log
2015-05-01 18:44 - 2015-05-01 18:44 - 00881814 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-01 18:37 - 2015-05-01 18:44 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\ZoomInfoCEUtility
2015-05-01 18:36 - 2015-05-01 18:36 - 00181136 _____ () C:\Users\bubba7420\Downloads\ZoomInfoContactContributor-48 (1).exe
2015-05-01 18:35 - 2015-05-01 18:47 - 00000000 ____D () C:\Users\bubba7420\Documents\Outlook Files
2015-05-01 18:33 - 2015-05-01 18:33 - 00181136 _____ () C:\Users\bubba7420\Downloads\ZoomInfoContactContributor-48.exe
2015-05-01 18:30 - 2015-05-01 18:32 - 00209628 _____ () C:\Users\bubba7420\Desktop\cc_20150501_183005.reg
2015-05-01 03:24 - 2015-05-01 03:25 - 00046452 _____ () C:\Users\bubba7420\Desktop\Addition.txt
2015-05-01 03:22 - 2015-05-07 02:29 - 00034236 _____ () C:\Users\bubba7420\Desktop\FRST.txt
2015-05-01 03:06 - 2015-05-07 02:26 - 02102272 _____ (Farbar) C:\Users\bubba7420\Desktop\FRST64.exe
2015-05-01 03:04 - 2015-05-01 03:05 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\bubba7420\Desktop\cbSetup.exe
2015-04-30 20:19 - 2015-04-30 20:19 - 00000000 ____H () C:\ProgramData\cm-lock
2015-04-27 20:40 - 2015-04-27 20:48 - 724571307 _____ () C:\Users\bubba7420\Downloads\amrahyndeejoey_qt.mp4
2015-04-27 17:11 - 2015-04-27 17:11 - 00002806 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-27 17:11 - 2015-04-27 17:11 - 00001736 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-04-27 17:11 - 2015-04-27 17:11 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-27 17:11 - 2015-04-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-27 17:11 - 2015-04-27 17:11 - 00000000 ____D () C:\Program Files\Defraggler
2015-04-27 17:11 - 2015-04-27 17:11 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-27 17:10 - 2015-04-27 17:10 - 04532776 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\dfsetup219.exe
2015-04-27 17:09 - 2015-04-27 17:10 - 00001714 _____ () C:\Users\bubba7420\Downloads\Defraggler.ini
2015-04-27 17:09 - 2015-04-27 17:09 - 00000000 ____D () C:\Users\bubba7420\Downloads\lang
2015-04-27 17:09 - 2015-04-27 17:09 - 00000000 _____ () C:\Users\bubba7420\Downloads\statistics.bin
2015-04-27 17:09 - 2014-04-09 13:05 - 04419352 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\Defraggler64.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 03503384 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\Defraggler.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 01555736 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\df64.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 01275160 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\df.exe
2015-04-27 17:09 - 2014-04-09 13:05 - 00164632 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\DefragglerShell.dll
2015-04-27 17:09 - 2014-04-09 13:05 - 00106264 _____ (Piriform Ltd) C:\Users\bubba7420\Downloads\DefragglerShell64.dll
2015-04-27 17:09 - 2013-08-20 14:35 - 00005540 _____ () C:\Users\bubba7420\Downloads\License.txt
2015-04-27 17:09 - 2012-06-05 10:35 - 00000010 _____ () C:\Users\bubba7420\Downloads\portable.dat
2015-04-27 17:03 - 2015-04-27 17:03 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SCUBAMAN2009-Microsoft-Windows-8.1-(64-bit).dat
2015-04-27 17:02 - 2015-04-27 17:02 - 04776783 _____ () C:\Users\bubba7420\Downloads\dfsetup218.zip
2015-04-27 17:02 - 2015-04-27 17:02 - 00002302 _____ () C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk
2015-04-27 17:02 - 2015-04-27 17:02 - 00000000 ____D () C:\RegBackup
2015-04-27 17:02 - 2015-04-27 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-04-27 17:02 - 2015-04-27 17:02 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-04-27 17:00 - 2015-04-27 17:01 - 03443632 _____ () C:\Users\bubba7420\Downloads\tweaking.com_simple_system_tweaker_setup.exe
2015-04-27 16:27 - 2015-04-27 16:27 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2015-04-27 16:24 - 2015-04-27 16:24 - 06064000 _____ (TeamViewer) C:\Users\bubba7420\Downloads\TeamViewerQS (1).exe
2015-04-27 16:09 - 2015-04-27 16:09 - 06064000 _____ (TeamViewer) C:\Users\bubba7420\Downloads\TeamViewerQS.exe
2015-04-27 15:22 - 2015-04-27 15:27 - 127880191 _____ () C:\Users\bubba7420\Downloads\gemon_1q.zip
2015-04-27 15:22 - 2015-04-27 15:25 - 75860383 _____ () C:\Users\bubba7420\Downloads\kohler-b.zip
2015-04-27 11:14 - 2015-04-27 16:21 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-04-27 11:14 - 2015-04-27 16:20 - 00002460 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2015-04-27 11:14 - 2015-04-27 11:14 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-04-27 11:14 - 2015-04-27 11:14 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-04-27 11:14 - 2015-04-27 11:14 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-04-27 11:12 - 2015-04-27 16:22 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-04-27 11:12 - 2015-04-27 16:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-04-27 11:12 - 2015-04-27 11:12 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2015-04-27 10:47 - 2015-04-27 10:47 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\2020 Design.lnk
2015-04-27 10:47 - 2015-04-27 10:47 - 00001397 _____ () C:\Users\Public\Desktop\2020 Design.lnk
2015-04-27 10:47 - 2015-04-27 10:47 - 00001361 _____ () C:\Users\Public\Desktop\Catalog Manager.lnk
2015-04-27 10:35 - 2015-04-27 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Design
2015-04-27 10:17 - 2015-04-27 10:17 - 01021632 _____ (Symantec Corporation) C:\Users\bubba7420\Downloads\Norton_Download_Manager.exe
2015-04-27 10:05 - 2015-04-27 10:06 - 00000000 ____D () C:\Users\bubba7420\Documents\WebCam Media
2015-04-27 10:05 - 2015-04-27 10:05 - 00000000 ____D () C:\ProgramData\ArcSoft
2015-04-27 04:44 - 2015-03-23 17:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-27 04:44 - 2015-03-23 17:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-27 04:44 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-27 04:44 - 2015-03-23 17:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-27 04:44 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-27 04:44 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-27 04:44 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-27 04:44 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-27 04:44 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-27 04:44 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-27 04:44 - 2015-03-19 22:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-27 04:44 - 2015-03-19 22:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-27 04:43 - 2015-03-14 04:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-27 04:43 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-27 04:43 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-27 04:43 - 2015-03-13 21:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-27 04:43 - 2015-03-13 20:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-27 04:43 - 2015-03-13 20:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-27 04:43 - 2015-03-13 20:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-27 04:43 - 2015-03-13 19:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-27 04:43 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-27 04:43 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-27 04:43 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-27 04:43 - 2015-03-12 23:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-27 04:43 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-27 04:43 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-27 04:43 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-27 04:43 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-27 04:43 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-27 04:43 - 2015-03-12 23:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-27 04:43 - 2015-03-12 23:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-27 04:43 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-27 04:43 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-27 04:43 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-27 04:43 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-27 04:43 - 2015-03-12 22:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-27 04:43 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-27 04:43 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-27 04:43 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-27 04:43 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-27 04:43 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-27 04:43 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-27 04:43 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-27 04:43 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-27 04:43 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-27 04:43 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-27 04:43 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-27 04:43 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-27 04:43 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-27 04:43 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-27 04:43 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-27 04:42 - 2015-03-22 18:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-27 04:42 - 2015-03-22 18:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-27 04:42 - 2015-03-13 21:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-27 04:42 - 2015-03-13 21:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-27 04:42 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-27 04:42 - 2015-03-13 21:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-27 04:42 - 2015-03-13 20:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-27 04:42 - 2015-03-13 20:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-27 04:42 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-27 04:42 - 2015-03-13 20:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-27 04:42 - 2015-03-13 20:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-27 04:42 - 2015-03-13 20:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-27 04:42 - 2015-03-13 20:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-27 04:42 - 2015-03-13 19:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-26 20:51 - 2015-04-26 20:51 - 00001138 _____ () C:\ProgramData\SMRResults430.dat
2015-04-26 20:38 - 2015-04-26 20:39 - 00000000 ____D () C:\NPE
2015-04-26 20:36 - 2015-04-26 20:45 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\NPE
2015-04-26 15:53 - 2015-05-03 22:02 - 00007597 _____ () C:\Users\bubba7420\AppData\Local\Resmon.ResmonCfg
2015-04-25 20:24 - 2015-04-25 20:24 - 00000566 _____ () C:\Users\bubba7420\Downloads\TipMediaPlayer_Setup.website
2015-04-25 14:43 - 2015-04-25 14:43 - 01065505 _____ () C:\Users\bubba7420\Downloads\memboost_1959.zip
2015-04-25 14:43 - 2015-04-25 14:43 - 00000000 ____D () C:\Users\bubba7420\Downloads\memboost_1959
2015-04-24 16:16 - 2015-04-24 16:16 - 00000072 _____ () C:\arrays.xml
2015-04-22 23:09 - 2015-04-22 23:09 - 00000876 _____ () C:\nsinst.log
2015-04-22 23:09 - 2015-04-22 23:09 - 00000000 ____D () C:\Program Files (x86)\NetRatingsNetSight
2015-04-22 20:53 - 2015-04-24 16:31 - 00000000 ____D () C:\kingsbury
2015-04-21 22:48 - 2015-04-21 22:48 - 00000518 _____ () C:\Users\bubba7420\Downloads\gamewham-setup.website
2015-04-21 16:42 - 2015-04-21 16:43 - 00000000 ____D () C:\Users\bubba7420\Desktop\unity
2015-04-21 16:36 - 2015-04-21 16:43 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\Unity
2015-04-21 16:12 - 2015-04-21 16:43 - 00000000 ____D () C:\ProgramData\Unity
2015-04-19 21:29 - 2015-04-19 21:29 - 01018630 _____ () C:\Users\bubba7420\Desktop\laundry sink standalone.skp
2015-04-17 16:16 - 2015-04-27 03:59 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Unity
2015-04-17 16:06 - 2015-04-17 16:16 - 00000000 ____D () C:\Program Files\Unity
2015-04-16 10:53 - 2015-04-16 10:56 - 00000000 ____D () C:\harmony
2015-04-16 10:36 - 2015-04-16 10:36 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-04-16 10:34 - 2015-04-27 04:00 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Citrix
2015-04-15 23:55 - 2015-04-15 23:55 - 00000000 ____D () C:\harmony1866jre1845
2015-04-12 01:42 - 2015-04-12 01:42 - 02312522 _____ () C:\Users\bubba7420\Desktop\14023_ID_1.dwfx
2015-04-10 22:05 - 2015-05-07 02:10 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-10 22:05 - 2015-05-06 22:10 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-10 22:05 - 2015-04-30 20:11 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-10 22:05 - 2015-04-27 04:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-10 22:05 - 2015-04-10 22:05 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-10 22:05 - 2015-04-10 22:05 - 00003666 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-10 22:04 - 2015-04-10 00:38 - 00050720 _____ () C:\Users\bubba7420\Desktop\leary vanities right.skb
2015-04-10 22:02 - 2015-04-10 22:02 - 00000000 __SHD () C:\Users\bubba7420\AppData\Local\EmieBrowserModeList
2015-04-10 13:47 - 2015-04-23 16:50 - 01060696 _____ () C:\Users\bubba7420\Desktop\leary residence vanity shop drawing.dwg
2015-04-10 13:47 - 2015-04-23 02:39 - 01044359 _____ () C:\Users\bubba7420\Desktop\leary residence vanity shop drawing.bak
2015-04-10 00:38 - 2015-04-10 22:04 - 00051488 _____ () C:\Users\bubba7420\Desktop\leary vanities right.skp
2015-04-09 22:24 - 2015-04-09 22:24 - 28883181 _____ () C:\Users\bubba7420\Desktop\14028-LEARY REMODEL DV_rev 1.dwfx
2015-04-09 18:21 - 2015-04-09 18:21 - 00002178 _____ () C:\Users\Public\Desktop\Style Builder 2015.lnk
2015-04-09 18:21 - 2015-04-09 18:21 - 00002092 _____ () C:\Users\Public\Desktop\LayOut 2015.lnk
2015-04-09 18:21 - 2015-04-09 18:21 - 00002003 _____ () C:\Users\Public\Desktop\SketchUp 2015.lnk
2015-04-09 18:21 - 2015-04-09 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-04-09 18:20 - 2015-04-09 18:20 - 00000000 ____D () C:\Program Files\SketchUp
2015-04-09 18:12 - 2015-04-09 18:22 - 00000000 ____D () C:\Users\bubba7420\Downloads\SKETCHUP PRO 2015 PTBR www.ricmessimasters.com
2015-04-09 13:52 - 2015-04-09 14:53 - 02074368 _____ () C:\Users\bubba7420\Desktop\leary^3.kit
2015-04-09 13:52 - 2015-04-09 13:57 - 02073323 _____ () C:\Users\bubba7420\Desktop\leary^3.bak
2015-04-08 21:55 - 2015-04-09 02:38 - 02161187 _____ () C:\Users\bubba7420\Desktop\leary^2.kit
2015-04-08 21:55 - 2015-04-09 02:25 - 02261419 _____ () C:\Users\bubba7420\Desktop\leary^2.bak
2015-04-07 15:59 - 2015-04-07 15:59 - 00001540 _____ () C:\Users\bubba7420\Desktop\Crystal Product Catalog.lnk
2015-04-07 15:59 - 2015-04-07 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Product Catalog
2015-04-07 15:58 - 2015-04-07 15:59 - 00000000 ____D () C:\Catalog_Kiosk
2015-04-07 15:35 - 2015-04-27 04:00 - 00000000 ____D () C:\postgres
2015-04-07 15:34 - 2015-04-27 04:00 - 00000000 ____D () C:\apache-tomcat-6.0.18
2015-04-07 15:32 - 2015-04-27 04:00 - 00000000 ____D () C:\csremote38
2015-04-07 02:03 - 2015-04-07 02:17 - 455304191 _____ () C:\Users\bubba7420\Downloads\danicadillonkf020915-bgvid_full.mp4.part
2015-04-07 01:48 - 2015-04-08 20:57 - 01121763 _____ () C:\Users\bubba7420\Desktop\leary^1.kit
2015-04-07 01:48 - 2015-04-08 20:56 - 01121736 _____ () C:\Users\bubba7420\Desktop\leary^1.bak
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-07 02:29 - 2015-02-15 18:08 - 00000000 ____D () C:\FRST
2015-05-07 02:10 - 2014-08-04 14:16 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\Skype
2015-05-07 01:41 - 2014-09-19 21:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-06 22:48 - 2014-08-04 15:43 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EC6E30AF-41D7-461F-A0AA-2DE72C7924F9}
2015-05-06 18:56 - 2014-08-15 02:17 - 00005004 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SCUBAMAN2009-bubba7420 SCUBAMAN2009
2015-05-06 16:36 - 2014-08-22 20:25 - 00047316 _____ () C:\Users\bubba7420\Documents\acltstk.dmp
2015-05-06 16:17 - 2014-10-10 16:18 - 00000386 _____ () C:\Windows\Tasks\Indexing Task - bubba7420.job
2015-05-06 16:17 - 2014-08-04 13:31 - 00000000 ____D () C:\Temp
2015-05-06 11:21 - 2015-01-09 20:07 - 02050048 ___SH () C:\Users\bubba7420\Desktop\Thumbs.db
2015-05-06 02:32 - 2014-08-04 15:39 - 00000000 ____D () C:\Users\bubba7420
2015-05-06 01:44 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-06 01:43 - 2014-08-04 12:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-06 01:43 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 17:23 - 2014-10-18 14:03 - 52535808 ___SH () C:\Users\bubba7420\Downloads\Thumbs.db
2015-05-05 13:53 - 2014-08-07 12:10 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-04 22:15 - 2014-08-11 16:22 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-05-04 19:31 - 2015-03-26 19:44 - 00004182 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2015-05-04 19:30 - 2015-03-26 19:44 - 00003510 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2015-05-03 23:18 - 2014-08-04 15:39 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\Adobe
2015-05-03 20:05 - 2015-02-11 04:37 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2015-05-02 17:13 - 2014-08-04 12:44 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2035716259-1072719170-3345313272-1001
2015-05-02 01:28 - 2014-08-04 21:46 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\CrashDumps
2015-05-01 17:39 - 2014-08-04 14:14 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\uTorrent
2015-05-01 17:38 - 2014-08-12 12:01 - 00000000 ____D () C:\Windows\Minidump
2015-05-01 17:38 - 2014-08-04 16:27 - 00000000 ____D () C:\Windows\Panther
2015-05-01 13:31 - 2015-03-26 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2015-05-01 12:35 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-30 13:42 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-04-29 22:54 - 2014-08-04 14:15 - 00000000 ____D () C:\ProgramData\Skype
2015-04-29 22:45 - 2014-12-12 18:11 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-29 22:45 - 2014-08-09 14:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-29 20:38 - 2014-08-04 15:39 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Packages
2015-04-29 14:32 - 2014-08-06 13:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-29 14:13 - 2014-08-06 13:00 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-29 14:13 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-28 22:30 - 2014-08-04 13:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-28 00:19 - 2014-08-06 15:28 - 00000000 ____D () C:\Users\bubba7420\Downloads\v
2015-04-27 17:40 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-04-27 17:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-27 11:26 - 2014-08-04 13:44 - 00000000 ____D () C:\ProgramData\Norton
2015-04-27 11:09 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-27 10:48 - 2014-08-04 16:35 - 00000355 _____ () C:\Windows\SysWOW64\lsprst7.tgz
2015-04-27 10:48 - 2014-08-04 16:35 - 00000341 _____ () C:\Windows\SysWOW64\lsprst7.dll
2015-04-27 10:48 - 2014-08-04 16:35 - 00000016 ____H () C:\Windows\SysWOW64\servdat.slm
2015-04-27 10:48 - 2014-08-04 16:26 - 00000000 ____D () C:\ProgramData\20-20 Technologies
2015-04-27 10:48 - 2014-08-04 14:36 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-04-27 10:35 - 2014-09-18 01:56 - 00000000 ____D () C:\Program Files (x86)\20-20 Technologies
2015-04-27 10:05 - 2014-08-04 14:20 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\ArcSoft
2015-04-27 04:01 - 2015-04-04 19:53 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-27 04:01 - 2015-02-11 04:37 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\TunnelBear
2015-04-27 04:01 - 2014-10-29 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-27 04:01 - 2014-08-07 18:35 - 00000000 ____D () C:\Users\bubba7420\AppData\Roaming\TeraCopy
2015-04-27 04:01 - 2014-08-06 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Harmony
2015-04-27 04:01 - 2013-08-22 15:11 - 00000000 ____D () C:\Windows\ShellNew
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 __RSD () C:\Windows\Media
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\WinStore
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-27 04:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-27 04:01 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-04-27 04:01 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing
2015-04-27 03:53 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\registration
2015-04-27 03:47 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-27 03:46 - 2014-08-24 00:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-27 03:44 - 2014-10-29 22:29 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-27 03:43 - 2014-08-07 12:16 - 00000000 __RHD () C:\MSOCache
2015-04-27 03:34 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-21 13:29 - 2014-08-09 23:46 - 00056021 _____ () C:\datamanager.log
2015-04-16 20:36 - 2014-08-09 23:45 - 00000779 _____ () C:\dealer.log
2015-04-15 10:39 - 2014-11-12 13:07 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-14 12:41 - 2014-09-19 21:27 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 19:24 - 2015-03-14 15:06 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-13 19:24 - 2015-03-14 15:06 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-11 18:34 - 2014-08-09 02:22 - 00000000 ____D () C:\Users\bubba7420\Desktop\Sketchup
2015-04-11 17:27 - 2014-08-04 15:42 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-11 01:16 - 2014-10-13 14:28 - 00000000 ____D () C:\Users\bubba7420\Desktop\2020 help
2015-04-10 22:22 - 2014-08-04 22:39 - 00000000 ____D () C:\Users\bubba7420\AppData\Local\Adobe
2015-04-10 22:05 - 2014-08-04 13:12 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-09 18:14 - 2014-12-08 20:48 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2015-04-07 15:35 - 2014-08-06 14:17 - 00001566 _____ () C:\Users\Public\Desktop\Harmony.lnk
 
==================== Files in the root of some directories =======
 
2014-11-01 20:30 - 2014-11-13 12:27 - 0000004 _____ () C:\Users\bubba7420\AppData\Roaming\appdataFr2.bin
2014-10-14 13:02 - 2014-10-14 13:02 - 0000303 _____ () C:\Users\bubba7420\AppData\Roaming\FotoSketcher.ini
2015-04-26 15:53 - 2015-05-03 22:02 - 0007597 _____ () C:\Users\bubba7420\AppData\Local\Resmon.ResmonCfg
2015-04-30 20:19 - 2015-04-30 20:19 - 0000000 ____H () C:\ProgramData\cm-lock
2015-04-26 20:51 - 2015-04-26 20:51 - 0001138 _____ () C:\ProgramData\SMRResults430.dat
 
Files to move or delete:
====================
C:\ProgramData\SMRResults430.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-29 11:51
 
==================== End Of Log ============================


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,950 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:15 PM

Posted 08 May 2015 - 07:32 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CreateRestorePoint:
CloseProcesses:

Toolbar: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\bubba7420\AppData\Roaming\Mozilla\plugins\npatgpc.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll No File
CHR Extension: (Poppit!) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-02-16]
CHR Extension: (CrowdFlower) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd [2015-04-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

How is the computer running now?

#5 scubaman2009

scubaman2009
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:FLORIDA
  • Local time:07:15 PM

Posted 09 May 2015 - 12:18 AM

ok so i ran all that stuff, still is running slow and maxing out the disk usage..

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2015 01
Ran by bubba7420 at 2015-05-08 11:18:17 Run:3
Running from C:\Users\bubba7420\Desktop
Loaded Profiles: bubba7420 (Available profiles: bubba7420)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
CreateRestorePoint:
CloseProcesses:
 
Toolbar: HKU\S-1-5-21-2035716259-1072719170-3345313272-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\bubba7420\AppData\Roaming\Mozilla\plugins\npatgpc.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll No File
CHR Extension: (Poppit!) -
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-02-16]
CHR Extension: (CrowdFlower) - C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd [2015-04-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-2035716259-1072719170-3345313272-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found. 
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll not found.
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\internal-nacl-plugin No File not found.
C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll not found.
C:\Users\bubba7420\AppData\Roaming\Mozilla\plugins\npatgpc.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll not found.
CHR Extension: (Poppit!) - directory not found.
"C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-02-16]" => File/Directory not found.
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi => Moved successfully.
"C:\Users\bubba7420\AppData\Local\Google\Chrome\User Data\Default\Extensions\moncgiclmgkdhmkagcincfkkikpaggcd" => File/Directory not found.
 
 
The system needed a reboot. 
 
==== End of Fixlog 11:18:44 ====
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/8/2015
Scan Time: 3:02:26 PM
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.05.08.07
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: bubba7420
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 382295
Time Elapsed: 33 min, 17 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.CheapNEnjoy.A, C:\ProgramData\cheapnenjoy, Quarantined, [b97ea7eaabdf191d2e653294a95a3cc4], 
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
# AdwCleaner v4.203 - Logfile created 09/05/2015 at 01:05:21
# Updated 30/04/2015 by Xplode
# Database : 2015-05-08.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : bubba7420 - SCUBAMAN2009
# Running from : C:\Users\bubba7420\Downloads\adwcleaner_4.203.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v35.0 (x86 en-US)
 
 
-\\ Google Chrome v42.0.2311.135
 
 
*************************
 
AdwCleaner[R0].txt - [3827 bytes] - [15/02/2015 17:46:28]
AdwCleaner[R1].txt - [902 bytes] - [08/05/2015 22:07:02]
AdwCleaner[R2].txt - [960 bytes] - [08/05/2015 22:10:55]
AdwCleaner[R3].txt - [1018 bytes] - [09/05/2015 01:04:25]
AdwCleaner[S0].txt - [3580 bytes] - [15/02/2015 17:48:31]
AdwCleaner[S1].txt - [945 bytes] - [09/05/2015 01:05:21]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1003  bytes] ##########
 


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,950 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:15 PM

Posted 09 May 2015 - 06:27 AM

Check for missing or corrupted Operating files in your system.

Execute the instructions on this page.
http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html
===

If that fails to correct the problem try this.

Restore your Windows 7 to the Last good configuration
Follow the instructions on this page.

http://windows.microsoft.com/en-ca/windows/using-last-known-good-configuration#1TC=windows-7
<<<>>>

Keep me posted.

#7 scubaman2009

scubaman2009
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:FLORIDA
  • Local time:07:15 PM

Posted 11 May 2015 - 07:48 PM

ok so i did the sfc /scannow thing and it said that there where no errors and then i restored from the from the ast good config and its still running really slow disk is maxing out



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,950 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:15 PM

Posted 12 May 2015 - 08:05 AM

See if you can find the culprit.

How to perform a clean boot in Windows Vista, W7, W8.
http://support.microsoft.com/kb/929135

Read and follow the instructions on the page before proceeding.

Did you find any conflicting issues?
===

#9 scubaman2009

scubaman2009
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:FLORIDA
  • Local time:07:15 PM

Posted 17 May 2015 - 01:53 PM

i know that the file that causes it to jump to 100% is the ntoskrnl.exe system process



#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,950 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:15 PM

Posted 18 May 2015 - 07:15 AM

i know that the file that causes it to jump to 100% is the ntoskrnl.exe system process


This can be caused by many things.
Refer to this topic.

https://social.technet.microsoft.com/Forums/lync/en-US/ee8834d0-3c6e-4eb8-9c31-a6d1651d61de/ntoskrnlexe-100-disk-usage-windows-80-and-81

It's not malware and not my forte.

I suggest you try to find a fix in the link above or start a new topic in the Windows 8 forum.
An expert with that operating system will be able to help you better than I can.

http://www.bleepingcomputer.com/forums/f/209/windows-8-and-windows-81/

I will leave this topic open if you need to return please do.

#11 scubaman2009

scubaman2009
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:FLORIDA
  • Local time:07:15 PM

Posted 18 May 2015 - 08:20 AM

ok will check it out and probably post something there. thank you so much for your help it is greatly appreciated



#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,950 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:15 PM

Posted 24 May 2015 - 06:57 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users