I am using another computer to do this.
I hope I did this right.
I seem to have a virus or spyware on my windows 8 PC.
when i go to login the input box starts putting in [[[[[[[[[[[[[....0/.....[[[[ over and over. all i could do is login to guest because of no password. I cant browse windows or any folder as the folder changes rapidly to random folders. cant search internet because of the typing happens to any input box. I tried different keyboards but no luck. I managed to run avast and it is clean.
Anyone have some advice besides formatting and loosing everything?
Thanks to anyone who is up for this challenge.
Fubar First log file:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Guest (administrator) on DARRYLL on 17-03-2015 10:56:38
Running from C:\Users\Guest\Desktop
Loaded Profiles: Guest (Available profiles: Dmath1n & sheil_000 & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Hewlett-Packard )
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-4119854215-1993708495-3817598737-501\...\RunOnce: [Adobe Speed Launcher] => 1426602651
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => "C:\PROGRA~3\Wincert\WIN32C~1.DLL" File Not Found
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger]
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-4119854215-1993708495-3817598737-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/19
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://ca.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://ca.search.yahoo.com/yhs/search? ... yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/19
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4119854215-1993708495-3817598737-501\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/19
HKU\S-1-5-21-4119854215-1993708495-3817598737-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/19
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://ca.search.yahoo.com/yhs/search? ... yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {90A3E7EE-32D9-4D9A-A359-DFCD08323B65} URL = http://www.amazon.ca/s/ref=azs_osd_ieac ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://ca.search.yahoo.com/yhs/search? ... yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-01] (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-01] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\tg2t9exv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-14] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-01-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-01-28] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-09-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-09-12] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF Extension: No Name - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3 [2014-04-25]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-01] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-27] (CyberLink)
S3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [813328 2014-04-28] (Disc Soft Ltd)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-01-28] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-01-28] (Intel Corporation)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2015-01-07] (PowerUp Software, LLC) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-01] ()
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-15] (CyberLink)
R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2014-12-05] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-01-28] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [115272 2012-03-25] (MotioninJoy) [File not signed]
R3 Neo_VPN2; C:\Windows\system32\DRIVERS\Neo_VPN2.sys [28768 2015-01-11] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
U5 SEE; C:\Windows\System32\Drivers\SEE.sys [38240 2015-01-11] (SoftEther VPN Project at University of Tsukuba, Japan.)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [38112 2015-01-11] (SoftEther VPN Project at University of Tsukuba, Japan.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-17] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
U3 fxtdapob; \??\C:\Users\Guest\AppData\Local\Temp\fxtdapob.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-17 10:56 - 2015-03-17 10:56 - 00019854 _____ () C:\Users\Guest\Desktop\FRST.txt
2015-03-17 10:56 - 2015-03-17 10:56 - 00000000 ____D () C:\FRST
2015-03-17 10:53 - 2015-03-17 10:53 - 01388672 _____ (Thisisu) C:\Users\Guest\Desktop\JRT.exe
2015-03-17 10:52 - 2015-03-17 10:52 - 02171392 _____ () C:\Users\Guest\Desktop\AdwCleaner.exe
2015-03-17 10:52 - 2015-03-17 10:52 - 02095616 _____ (Farbar) C:\Users\Guest\Desktop\FRST64(1).exe
2015-03-17 10:51 - 2015-03-17 10:51 - 02095616 _____ (Farbar) C:\Users\Guest\Desktop\FRST64.exe
2015-03-17 10:47 - 2015-03-17 10:47 - 00015846 _____ () C:\Users\Guest\Documents\.....................................log
2015-03-17 10:32 - 2015-03-17 10:33 - 00000000 ____D () C:\Users\Guest\Desktop\gmer
2015-03-17 08:54 - 2015-03-17 08:54 - 00688992 _____ (Swearware) C:\Users\Guest\Desktop\dds.scr
2015-03-17 07:53 - 2015-03-17 07:53 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2015-03-17 07:53 - 2015-03-17 07:53 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2015-03-17 07:53 - 2015-03-17 07:53 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieBrowserModeList
2015-03-16 18:36 - 2015-03-16 18:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2015-03-16 18:31 - 2015-03-04 17:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-16 18:31 - 2015-03-04 17:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-16 10:20 - 2015-03-16 10:20 - 00000000 ____D () C:\Users\Dmath1n\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-03-16 08:54 - 2015-03-16 08:54 - 00000000 ____D () C:\Program Files (x86)\DoGoodSoft
2015-03-15 10:42 - 2015-03-16 09:20 - 00000000 ____D () C:\Program Files (x86)\Card Data Recovery
2015-03-15 10:31 - 2015-03-15 10:31 - 00000000 ____D () C:\Program Files\EaseUS
2015-03-15 09:35 - 2015-03-15 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2015-03-15 09:35 - 2015-03-15 09:35 - 00000000 ____D () C:\Program Files (x86)\Western Digital Corporation
2015-03-11 03:12 - 2015-03-05 22:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 03:12 - 2015-03-05 22:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 03:12 - 2015-02-25 19:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 03:12 - 2015-02-19 23:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 03:12 - 2015-02-19 22:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 03:12 - 2015-02-19 22:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 03:12 - 2015-02-19 22:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 03:12 - 2015-02-06 19:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 03:12 - 2015-02-05 21:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 03:12 - 2015-02-05 21:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 03:12 - 2015-02-05 16:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 03:12 - 2015-02-03 19:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 03:12 - 2015-02-03 19:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 03:12 - 2015-02-03 19:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 03:12 - 2015-02-02 20:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 03:12 - 2015-02-02 20:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 03:12 - 2015-02-02 19:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 03:12 - 2015-02-02 19:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 03:12 - 2015-01-30 19:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 03:12 - 2015-01-30 19:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 03:12 - 2015-01-30 19:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 03:12 - 2015-01-29 23:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 03:12 - 2015-01-29 23:00 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 03:12 - 2015-01-29 22:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 03:12 - 2015-01-29 22:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 03:12 - 2015-01-29 21:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 03:12 - 2015-01-29 21:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 03:12 - 2015-01-29 21:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 03:12 - 2015-01-28 21:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 03:12 - 2015-01-28 21:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 03:12 - 2015-01-28 21:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 03:12 - 2015-01-28 21:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 03:12 - 2015-01-28 21:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 03:12 - 2015-01-28 21:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 03:12 - 2015-01-28 20:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 03:12 - 2015-01-28 20:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 03:12 - 2015-01-28 20:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 03:12 - 2015-01-28 20:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 03:12 - 2015-01-28 11:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 03:12 - 2015-01-28 11:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 03:12 - 2015-01-28 11:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 03:12 - 2015-01-27 22:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 03:12 - 2015-01-27 21:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 03:12 - 2015-01-27 00:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 03:12 - 2015-01-26 23:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 03:12 - 2015-01-26 22:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 03:12 - 2015-01-23 21:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 03:12 - 2015-01-23 03:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 03:12 - 2015-01-23 01:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 03:12 - 2014-10-28 23:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 03:12 - 2014-10-28 22:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 03:12 - 2014-10-28 22:46 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-03-11 03:12 - 2014-10-28 22:46 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-03-11 03:12 - 2014-10-28 22:45 - 01198080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-03-11 03:12 - 2014-10-28 22:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 03:12 - 2014-10-28 22:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 03:12 - 2014-10-28 22:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 03:12 - 2014-10-28 22:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 03:12 - 2014-10-28 22:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 03:12 - 2014-10-28 22:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 03:12 - 2014-10-28 22:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 03:12 - 2014-10-28 22:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 03:12 - 2014-10-28 22:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 03:12 - 2014-10-28 22:03 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2015-03-11 03:12 - 2014-10-28 22:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 03:12 - 2014-10-28 22:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 03:12 - 2014-10-28 21:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 03:12 - 2014-10-28 21:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 03:12 - 2014-10-28 21:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 03:12 - 2014-10-28 21:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 03:12 - 2014-10-28 21:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 03:12 - 2014-10-28 21:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 03:12 - 2014-10-28 21:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 03:12 - 2014-10-28 21:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 03:12 - 2014-10-28 21:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 03:12 - 2014-10-28 20:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 03:12 - 2014-10-28 20:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 03:12 - 2014-10-28 20:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 03:12 - 2014-10-28 20:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 03:12 - 2014-10-28 20:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 03:11 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 03:11 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 03:11 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 03:11 - 2015-02-20 20:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 03:11 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 03:11 - 2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 03:11 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 03:11 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 03:11 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 03:11 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 03:11 - 2015-02-19 22:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 03:11 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 03:11 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 03:11 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 03:11 - 2015-02-19 22:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 03:11 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 03:11 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 03:11 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 03:11 - 2015-02-19 21:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 03:11 - 2015-02-19 21:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 03:11 - 2015-02-19 21:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 03:11 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 03:11 - 2015-02-19 21:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 03:11 - 2015-02-19 21:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 03:11 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 03:11 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 03:11 - 2015-02-19 21:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 03:11 - 2015-02-19 21:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 03:11 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 03:11 - 2015-02-19 21:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 03:11 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 03:11 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 03:11 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 03:11 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 03:11 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 03:11 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 03:11 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 03:11 - 2015-02-12 13:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 03:11 - 2015-02-12 13:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 03:11 - 2015-02-07 19:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 03:11 - 2015-02-07 19:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 03:11 - 2015-01-29 22:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 03:11 - 2015-01-29 21:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 03:11 - 2015-01-29 21:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 03:11 - 2015-01-29 21:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 03:11 - 2015-01-29 21:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 03:11 - 2015-01-29 21:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 03:11 - 2015-01-29 21:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 03:11 - 2015-01-29 21:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 03:11 - 2015-01-29 14:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 03:11 - 2015-01-29 14:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 03:11 - 2015-01-27 21:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 03:11 - 2015-01-27 21:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 03:11 - 2015-01-27 19:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 03:11 - 2015-01-27 19:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 03:11 - 2015-01-21 01:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 03:11 - 2015-01-21 01:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 03:11 - 2014-12-11 01:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 03:11 - 2014-10-28 21:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 03:11 - 2014-10-28 20:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-10 10:13 - 2015-03-10 10:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-04 11:53 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-03-04 11:53 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-03-04 11:53 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-03-04 11:53 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-03-04 11:53 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-03-04 11:53 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-03-04 11:53 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-03-04 11:53 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-03-04 11:53 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-03-04 11:53 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-03-04 11:53 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-03-04 11:53 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-03-04 11:53 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-03-04 11:53 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-03-04 11:53 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-03-04 11:53 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-03-04 11:52 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-03-04 11:52 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-03-04 11:52 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-03-04 11:52 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-03-04 11:52 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-03-04 11:52 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-03-04 11:52 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-03-04 11:52 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-03-04 11:52 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-03-04 11:52 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-03-04 11:52 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-03-04 11:52 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-03-04 10:06 - 2015-03-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper
2015-03-03 11:03 - 2015-03-03 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-02-25 00:40 - 2014-12-13 17:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 00:40 - 2014-12-13 17:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 00:40 - 2014-10-28 21:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-25 00:40 - 2014-10-28 21:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-25 00:40 - 2014-10-28 21:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-25 00:40 - 2014-10-28 21:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-02-23 09:35 - 2015-03-04 10:06 - 00001995 _____ () C:\Users\Public\Desktop\InputMapper.lnk
2015-02-23 09:35 - 2015-03-04 10:06 - 00000000 ____D () C:\Users\Dmath1n\AppData\Roaming\InputMapper
2015-02-19 08:49 - 2015-02-19 08:49 - 00000000 ____D () C:\Users\Dmath1n\AppData\Local\DM
2015-02-19 05:08 - 2015-02-19 05:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2015-02-19 05:08 - 2015-02-19 05:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2015-02-19 05:08 - 2015-02-19 05:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-02-17 16:04 - 2015-02-17 16:04 - 01202848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20.DLL
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-17 10:35 - 2013-11-14 03:28 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-17 10:32 - 2013-03-22 13:00 - 00000983 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-03-17 10:30 - 2014-10-17 08:22 - 00000000 ____D () C:\ProgramData\Kodak
2015-03-17 10:29 - 2014-10-06 09:35 - 00015131 _____ () C:\WINDOWS\setupact.log
2015-03-17 10:29 - 2014-09-27 18:30 - 00100032 _____ () C:\WINDOWS\PFRO.log
2015-03-17 10:29 - 2014-01-08 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-17 10:29 - 2013-10-19 03:19 - 00003635 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-03-17 10:29 - 2013-10-19 03:19 - 00000088 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-03-17 10:29 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-17 10:10 - 2014-04-09 10:39 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-17 10:08 - 2014-09-09 09:58 - 01211017 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-17 10:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-17 09:31 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-17 08:35 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-17 08:32 - 2014-06-17 09:09 - 00000465 _____ () C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2015-03-17 06:21 - 2015-01-06 09:29 - 00119296 _____ () C:\WINDOWS\SysWOW64\zlib.dll
2015-03-16 20:46 - 2014-05-22 10:07 - 00000000 ____D () C:\Users\Dmath1n\Desktop\Torrents
2015-03-16 20:44 - 2014-01-02 11:25 - 00000000 ____D () C:\Users\Dmath1n\AppData\Roaming\vlc
2015-03-16 20:25 - 2013-12-30 17:25 - 00000000 ____D () C:\Users\Dmath1n\AppData\Roaming\uTorrent
2015-03-16 18:45 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-16 18:40 - 2014-11-21 11:05 - 00000000 ____D () C:\Users\Guest\AppData\Local\Packages
2015-03-16 18:39 - 2014-01-10 19:11 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-16 18:36 - 2014-11-21 11:05 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2015-03-16 18:29 - 2013-08-22 10:44 - 05126920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-16 18:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-16 18:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-16 18:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-16 18:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-16 18:26 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-16 18:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-16 18:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-16 11:10 - 2013-12-27 16:17 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4119854215-1993708495-3817598737-1001
2015-03-16 10:15 - 2014-04-21 13:22 - 00000000 ____D () C:\Users\Dmath1n\Desktop\shortcuts
2015-03-16 09:29 - 2014-01-08 17:02 - 00000000 ____D () C:\Users\Dmath1n
2015-03-14 20:08 - 2014-01-05 18:44 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-14 10:17 - 2014-10-15 09:42 - 00000000 ____D () C:\Users\Dmath1n\AppData\Local\Adobe
2015-03-14 10:17 - 2014-01-05 18:44 - 00003720 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-14 07:24 - 2014-02-17 16:31 - 00000512 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-03-14 07:21 - 2013-12-27 17:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-11 07:04 - 2013-12-28 13:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 07:00 - 2013-12-28 16:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-11 06:58 - 2013-12-28 16:34 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-09 10:02 - 2014-11-16 14:49 - 00001142 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-09 10:02 - 2014-11-16 14:49 - 00001130 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-04 11:55 - 2015-01-07 09:34 - 00000000 ____D () C:\Users\Dmath1n\Documents\Eidos
2015-03-04 11:53 - 2015-01-07 09:27 - 00375615 _____ () C:\WINDOWS\DirectX.log
2015-03-04 11:50 - 2015-01-09 09:13 - 00000000 ____D () C:\Program Files (x86)\Eidos
2015-03-04 10:06 - 2015-01-16 08:58 - 00000000 ____D () C:\Users\Dmath1n\AppData\Roaming\DSDCS
2015-02-25 09:24 - 2015-01-16 09:13 - 00000000 ____D () C:\ProgramData\DSDCS
2015-02-19 05:08 - 2014-12-26 14:36 - 00003556 _____ () C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-02-19 05:08 - 2014-12-26 14:36 - 00000000 ____D () C:\ProgramData\Garmin
2015-02-19 05:08 - 2014-12-26 14:36 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-02-19 05:08 - 2013-04-03 20:17 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-17 13:00 - 2015-01-07 09:26 - 00000000 ____D () C:\Program Files (x86)\Tomb Raider - Anniversary
2015-02-17 12:47 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
Some content of TEMP:
====================
C:\Users\Dmath1n\AppData\Local\Temp\CH.dll
C:\Users\Dmath1n\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Dmath1n\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Dmath1n\AppData\Local\Temp\jre-8u31-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-17 08:30
==================== End Of Log ============================
Additional text log file
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Guest at 2015-03-17 10:57:13
Running from C:\Users\Guest\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.3.8518 - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Bitnami phpBB Module (HKLM-x32\...\Bitnami phpBB Module 3.0.12-3) (Version: 3.0.12-3 - Bitnami)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6522 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.3003 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4016 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.2921 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3007 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3324 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.3.0.0254 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.28 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
ffdshow v1.3.4504 [2013-03-12] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4504.0 - )
ffvfw (uninstall only) (HKLM-x32\...\ffvfw) (Version: - )
File Splitter and Joiner (FFSJ v3.3) (HKLM-x32\...\File Splitter and Joiner_is1) (Version: - Le Minh Hoang)
FlashDevelop (HKLM-x32\...\FlashDevelop) (Version: 4.6.4 - FlashDevelop.org)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth PRO 7.1.2.2019 Final (HKLM-x32\...\Google Earth PRO 7.1.2.2019 Final7.1.2.2019) (Version: 7.1.2.2019 - Friends in War)
Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION
Grim's Ping (HKLM-x32\...\ST6UNST #2) (Version: - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Half-Life 2 (HKLM-x32\...\Half-Life 2_is1) (Version: 2013.09.14 - Valve Corporation)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6482.0 - IDT)
InputMapper (HKLM-x32\...\{2EF39E81-9525-40FB-90C4-CE2AF318FF3F}) (Version: 1.5.24.0 - DSDCS)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LeechFTP (HKLM-x32\...\LeechFTP) (Version: - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - http://www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
NVIDIA 3D Vision Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OFx Q3 Version Switch v2.05 (HKLM-x32\...\ST6UNST #1) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.1.0 - PowerUp Software)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Quake III Arena (HKLM-x32\...\Quake III Arena) (Version: - )
Quake III Arena Point Release 1.32 (HKLM-x32\...\Quake III Arena Point Release 1.32) (Version: - )
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30153 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version: - )
Unreal Development Kit: 2012-10 (HKLM\...\UDK-94f9ecb0-6f19-43ec-a523-3931cd5ae22e) (Version: - Epic Games, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Video Converter with FFmpeg (HKLM-x32\...\Video Converter with FFmpeg) (Version: - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D8}) (Version: 17.0.10381 - WinZip Computing, S.L. )
XAMPP 1.8.0 (HKLM-x32\...\xampp) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
Could not list restore points.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2014-11-24 13:27 - 00001231 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {20F5A1C2-6864-4133-A647-ED1CAD190D18} - System32\Tasks\{4803EB7A-2A9F-4BEA-A6A3-9550AB98DEA6} => pcalua.exe -a H:\setup.exe -d H:\
Task: {29AF0E45-ED7B-439B-82B1-D2A63E2E4894} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {3F171958-E853-49D3-938B-436FD6E7E261} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {444158B8-3DDD-407D-967C-DC2431A68233} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {48B6B1E3-22B8-47D0-8579-7D4738A8D5E7} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe
Task: {6AEC8FE7-F707-417B-BDB9-FD29304F8933} - System32\Tasks\{83348C49-9097-43DB-A33F-AA003718F801} => pcalua.exe -a "C:\Users\Dmath1n\Documents\personal\MY FILES\Manuals\TAXES\Personal\Personal docs\Banking\Bank\backup of all files\Program Files\Common Files\Logishrd\Bluetooth\BtDfuMWizard.exe" -d "C:\Users\Dmath1n\Documents\personal\MY FILES\Manuals\TAXES\Personal\Personal docs\Banking\Bank\backup of all files\Program Files\Common Files\Logishrd\Bluetooth"
Task: {6B8884CA-95DA-4016-A73B-CA290AC42E62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8D0899AD-C839-436C-93E7-31098EB0128F} - System32\Tasks\{B9A2138D-D8E9-4A24-85CF-A0EEF339A76C} => pcalua.exe -a "C:\Program Files\7-Zip\7zFM.exe" -d "H:\FILES\Appz\Windows Usefull Apps" -c "H:\FILES\Appz\Windows Usefull Apps\VBB+Arcade+many-hacks.rar"
Task: {97524FB6-2336-422D-97EA-50C11ACB8803} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {9F0AA3F9-10F2-4320-8CD0-09ED24852499} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-01] (AVAST Software)
Task: {A0A27B34-0946-4031-BF3F-38DFC3EE57BD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {BBCB99A7-B779-4120-ACC1-F888B16B9625} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14] (Adobe Systems Incorporated)
Task: {E66EB46E-D663-4EBE-8C0A-97A55D88F91F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {E9ABEE67-E620-4BE9-9775-ED8B2380BF80} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {FE6BD7D6-E95A-4518-A128-5CD675FD4610} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2013-01-10 16:30 - 2013-01-10 16:30 - 00022528 _____ () C:\WINDOWS\system32\BsTrace.dll
2013-01-10 16:35 - 2013-01-10 16:35 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2015-03-17 07:54 - 2015-03-17 07:54 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031700\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-10 16:30 - 2013-01-10 16:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2003-10-28 12:44 - 2003-10-28 12:44 - 01613824 _____ () C:\Program Files (x86)\ffvfw\libavcodec.dll
2003-10-28 13:15 - 2003-10-28 13:15 - 00180224 _____ () C:\Program Files (x86)\ffvfw\ff_mpeg2enc.dll
2003-10-28 13:07 - 2003-10-28 13:07 - 00024576 _____ () C:\Program Files (x86)\ffvfw\ff_wmv9.dll
2013-03-22 13:06 - 2013-03-22 13:06 - 00387936 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 13:53 - 2011-07-05 13:53 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-01-10 16:35 - 2013-01-10 16:35 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2015-03-13 22:32 - 2015-03-13 22:32 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-28 17:37 - 2014-01-28 17:36 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Dmath1n\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Guest\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\sheil_000\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4119854215-1993708495-3817598737-501\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "WSHelperSetup.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-4119854215-1993708495-3817598737-500 - Administrator - Disabled)
Dmath1n (S-1-5-21-4119854215-1993708495-3817598737-1001 - Administrator - Enabled) => C:\Users\Dmath1n
Guest (S-1-5-21-4119854215-1993708495-3817598737-501 - Administrator - Enabled) => C:\Users\Guest
sheil_000 (S-1-5-21-4119854215-1993708495-3817598737-1007 - Administrator - Enabled) => C:\Users\sheil_000
UpdatusUser (S-1-5-21-4119854215-1993708495-3817598737-1006 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 14%
Total physical RAM: 12227.25 MB
Available physical RAM: 10481.59 MB
Total Pagefile: 42227.25 MB
Available Pagefile: 40695.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:1841.98 GB) (Free:1543.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.21 GB) (Free:2.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (OLD WIN) (Fixed) (Total:74.52 GB) (Free:74.31 GB) NTFS
Drive g: () (Fixed) (Total:74.52 GB) (Free:72.87 GB) NTFS
Drive h: (UUI) (Removable) (Total:1.97 GB) (Free:0.6 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 082EA85B)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: 0B28E920)
Partition 2: (Not Active) - (Size=74.5 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or (Size: 74.5 GB) (Disk ID: D8F4D8F4)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 2 GB) (Disk ID: E9E4AC46)
Partition 1: (Active) - (Size=2 GB) - (Type=0C)
==================== End Of Log ============================