Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

"Could not connect to the Group Policy Client service"

by tentakool » November 22nd, 2014, 6:29 am

Hi. Someone here helped me with a previous thread for my mother's laptop (thank you), but now my laptop is the one acting up.

Main concern I have is when I first load up the desktop I get a bubble from the tray that reads:
"Windows could not connect to the Group Policy Client service. This problem prevents standard users from signing in.
As an administrative user, you can review the system event log for details about why the service didn't respond"

Other problems/notes:
    Occasional slowdowns and internet slowness,
    Google Chrome slow to load or refuses to load,
    Had Soluto installed, but it seemed to stop working, so uninstalled it,
    I ran the tool twice and deleted the first set of text files, because I still had uTorrent installed. Hope that didn't affect the results.

FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-11-2014
Ran by Matt (administrator) on MATT-LAPTOP on 22-11-2014 09:42:14
Running from D:\Users\Matt\Downloads
Loaded Profile: Matt (Available profiles: Matt)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(Privacyware/PWI, Inc.) C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\Config\run\Service.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe
(Simplex Solutions Inc.) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM8\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Flux Software LLC) C:\Users\Matt\AppData\Local\FluxSoftware\Flux\flux.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\FjDspMon.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\FjEvents.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\FjLidMon.exe
(Simplex Solutions Inc.) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
(Fujitsu America, Inc.) C:\Program Files\Fujitsu\Utils\fjmnuico.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(HexaD) C:\Program Files\Duplicati\Duplicati.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Privacyware/PWI, Inc.) C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(The OpenVPN Project) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [FjStrtAp] => C:\Program Files\Fujitsu\Utils\FjStrtAp.exe [22360 2012-02-07] (Fujitsu America, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [101728 2013-12-11] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [TRUUpdater] => C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe [329104 2012-06-24] (Sierra Wireless, Inc.)
HKLM-x32\...\Run: [WatcherHelper] => C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe [140688 2012-06-15] (Sierra Wireless Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [FJ Camera_Monitor] => C:\Program Files (x86)\FJ Camera\monitor_Metro.exe [1724280 2013-10-23] (SunplusIT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-20] (AVAST Software)
HKLM-x32\...\Run: [Privatefirewall] => C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe [3048480 2013-12-17] (Privacyware/PWI, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\Run: [EPSON Stylus DX4400] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [211456 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\Run: [f.lux] => C:\Users\Matt\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\Run: [EPSON Stylus DX4400 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [211456 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\Run: [VPN Unlimited] => C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe [2373632 2014-10-14] (Simplex Solutions Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk
ShortcutTarget: Duplicati.lnk -> C:\Program Files\Duplicati\Duplicati.exe (HexaD)
Startup: C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1863935396-269430365-1514907108-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://fujitsu13.msn.com
SearchScopes: HKLM -> DefaultScope {6F3B7780-136D-49AB-B1B9-B623FAE82074} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM -> {6F3B7780-136D-49AB-B1B9-B623FAE82074} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM-x32 -> DefaultScope {6F3B7780-136D-49AB-B1B9-B623FAE82074} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM-x32 -> {6F3B7780-136D-49AB-B1B9-B623FAE82074} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKU\S-1-5-21-1863935396-269430365-1514907108-1001 -> {6F3B7780-136D-49AB-B1B9-B623FAE82074} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 109.73.77.18 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1863935396-269430365-1514907108-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Matt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\a-i---google-books.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\mdn-javascript.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\oni-andy.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\oni.undefined.undefined
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\oni.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\phaser---html5-game-devs-forum.undefined.undefined
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\phaser---html5-game-devs-forum.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\rotten-tomatoes.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\startpage-search-engine.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\startpage-ssl.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\the-free-dictionary.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\thesauruscom.xml
FF SearchPlugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\searchplugins\wolframalpha.xml
FF Extension: British English Dictionary (Updated) - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\en-gb@flyingtophat.co.uk [2013-10-26]
FF Extension: JetBrains Firefox extension - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\firefox-connector@jetbrains.com [2014-11-04]
FF Extension: No Name - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\trash [2014-11-20]
FF Extension: Add to Search Bar - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\add-to-searchbox@maltekraus.de.xpi [2013-12-18]
FF Extension: Ghostery - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\firefox@ghostery.com.xpi [2013-10-11]
FF Extension: Google search link fix - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2014-11-16]
FF Extension: NoScript - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-19]
FF Extension: User Agent Switcher - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\w4kqwxeg.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-02-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-26]

Chrome:
=======
CHR Profile: C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
CHR Extension: (Google Drive) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-18]
CHR Extension: (YouTube) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
CHR Extension: (Google Search) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
CHR Extension: (Ripple Emulator (Beta)) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\geelfhphabnejjhdalkjhgipohgpdnoc [2014-03-27]
CHR Extension: (JetBrains IDE Support) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmhgeddbohgjknpmjagkdomcpobmllji [2014-07-30]
CHR Extension: (DownFlickr - Flickr Downloader) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idiemcijhbenngdhkdiipmpkafnkbkeg [2014-07-29]
CHR Extension: (Google Wallet) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
CHR Extension: (Gmail) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-05] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 FjStaUpd; C:\Program Files\Fujitsu\Utils\Config\Run\Service.exe [13824 2012-07-31] (Fujitsu America, Inc.) [File not signed]
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [80752 2012-07-18] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 PFNet; C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe [374600 2013-12-17] (Privacyware/PWI, Inc.)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2012-07-11] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [51608 2012-08-07] (FUJITSU LIMITED)
R2 SamSs; C:\Windows\SysWOW64\lsass.exe [0 2014-07-28] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-11-26] (Sony Corporation) [File not signed]
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [0 2014-07-28] () [File not signed]
R2 SwiCardDetectSvc; C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [331152 2012-09-06] (Sierra Wireless, Inc.)
R2 SwiService; C:\Program Files (x86)\Sierra Wireless Inc\Utils\SWIService.exe [198032 2012-10-18] (Sierra Wireless, Inc.)
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [42496 2014-10-14] (Simplex Solutions Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTabletServiceISD; C:\Program Files\Tablet\ISD\WTabletServiceISD.exe [603928 2014-07-10] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-21] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20176 2013-08-09] (FUJITSU LIMITED)
R3 FjBtnDrv; C:\Windows\System32\drivers\FjBtnDrv.sys [25088 2013-07-10] (Fujitsu America, Inc.)
R0 FJGSDis2; C:\Windows\System32\DRIVERS\FJGSDis2.sys [17816 2013-02-28] (FUJITSU LIMITED)
R5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2013-08-03] (Microsoft Corporation)
S3 FscEfDmi; C:\Windows\System32\drivers\FscEfDmi.sys [25416 2012-10-31] (Fujitsu Technology Solutions)
S3 FscGabi; C:\Windows\System32\drivers\FscGabi.sys [29512 2012-10-31] (Fujitsu Technology Solutions)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [15696 2013-08-12] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [21200 2013-08-12] (FUJITSU LIMITED)
R3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [94392 2013-07-16] (O2Micro)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344864 2013-09-23] (Intel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1510392 2013-10-22] (Sunplus)
R3 swg3kmbb00; C:\Windows\system32\DRIVERS\swg3kmbb00.sys [477560 2012-10-18] (Sierra Wireless Incorporated)
R3 swg3kser00; C:\Windows\system32\DRIVERS\swg3kser00.sys [269560 2012-10-18] (Sierra Wireless Incorporated)
S3 swg3kser03; C:\Windows\System32\drivers\swg3kser03.sys [269560 2012-10-18] (Sierra Wireless Incorporated)
S3 TrufosAlt; C:\Windows\System32\DRIVERS\TrufosAlt.sys [390776 2013-12-01] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 vdbus; \SystemRoot\System32\drivers\vdbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-22 09:21 - 2014-11-22 09:21 - 00006062 _____ () C:\Users\Matt\AppData\Local\recently-used.xbel
2014-11-22 08:16 - 2014-11-22 09:42 - 00000000 ____D () C:\FRST
2014-11-21 16:24 - 2014-11-21 16:24 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-21 16:24 - 2014-11-21 16:24 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-14 18:47 - 2014-11-14 18:47 - 00000000 __SHD () C:\Users\Matt\AppData\Local\EmieBrowserModeList
2014-11-14 15:44 - 2014-11-14 15:47 - 00000000 ____D () C:\Users\Matt\dwhelper
2014-11-14 15:43 - 2014-11-14 15:43 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper
2014-11-12 10:53 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 10:53 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 10:53 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 10:53 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 10:53 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 10:53 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 10:53 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 10:53 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 10:52 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-12 10:52 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-12 10:52 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-12 10:52 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-12 10:52 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-12 10:52 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-12 10:52 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-12 09:17 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-12 09:17 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-12 09:17 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-12 09:17 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-12 09:17 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 09:17 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 09:17 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-12 09:17 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-12 09:17 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 09:17 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-12 09:16 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-12 09:16 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-12 09:16 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 09:16 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-12 09:16 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 09:16 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 09:16 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 09:16 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-12 09:16 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 09:15 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-12 09:14 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 09:14 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 09:14 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 09:14 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 09:14 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 09:14 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 09:14 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 09:14 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 09:14 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 09:14 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 09:14 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 09:14 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 09:14 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 09:14 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 09:14 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 09:14 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 09:14 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 09:14 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 09:14 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 09:14 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 09:14 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 09:14 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 09:14 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-12 09:14 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-12 09:14 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-12 09:14 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-12 09:14 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-12 09:14 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-12 09:14 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-12 09:14 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-12 09:14 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-12 09:13 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 09:13 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 09:13 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 09:13 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 09:13 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 09:13 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 09:13 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 09:13 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 09:13 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 09:13 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 09:13 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 09:13 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 09:13 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 09:13 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 09:13 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 09:13 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 09:13 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 09:13 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:13 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 09:13 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 09:13 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 09:13 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 09:13 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 09:13 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 09:13 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 09:13 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 09:13 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 09:13 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 09:13 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 09:13 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 09:13 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 09:13 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 09:13 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 09:13 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 09:13 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 09:13 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 09:13 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 09:13 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 09:13 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 09:13 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 09:13 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 09:13 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 09:13 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 09:13 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 09:13 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 09:13 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 09:13 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:13 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 09:13 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 09:13 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 09:13 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-12 09:13 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-12 09:13 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-12 09:13 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-12 09:13 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-12 09:13 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-12 09:13 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-12 09:13 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-12 09:13 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-12 09:12 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-12 09:12 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-12 09:12 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-12 09:12 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-12 09:12 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-12 09:12 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-12 09:12 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-12 09:12 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-12 09:12 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-12 09:12 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-12 09:12 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 09:12 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-12 09:12 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-12 09:12 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-12 09:12 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-12 09:12 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 09:12 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 09:12 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 09:12 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 09:12 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 09:12 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-12 09:12 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-12 09:12 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-12 09:12 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-12 09:12 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-12 09:12 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-12 09:12 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-12 09:12 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-12 09:12 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-12 09:12 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-12 09:12 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-12 09:12 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-12 09:12 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-12 09:12 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-12 09:11 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-12 09:11 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-12 09:11 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-12 09:11 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-12 09:11 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-12 09:11 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-12 09:11 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-12 09:11 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-12 09:11 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-12 09:11 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-12 09:11 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-12 09:11 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-12 09:11 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-12 09:11 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-12 09:11 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-12 09:11 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-12 09:11 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-12 09:11 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-12 09:11 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-12 09:11 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-12 09:11 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-12 09:11 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-12 09:11 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-12 09:11 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-12 09:11 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-11 20:07 - 2013-09-02 07:58 - 00175528 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2014-11-11 11:15 - 2014-11-11 11:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 08:02 - 2014-11-05 08:02 - 00000830 _____ () C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Projects & Work.lnk
2014-11-04 13:54 - 2014-11-04 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-04 13:53 - 2014-11-14 11:58 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-04 13:53 - 2014-11-14 11:20 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 08:00 - 2014-10-24 08:00 - 00000000 _____ () C:\WINDOWS\Minidump\102414-28109-01.dmp
2014-10-23 15:31 - 2014-10-28 18:24 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-10-23 15:31 - 2014-10-23 21:30 - 00000041 ___SH () C:\ProgramData\.zreglib
2014-10-23 14:55 - 2014-11-14 15:41 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-23 14:54 - 2014-11-04 13:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-23 14:54 - 2014-10-24 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-23 14:54 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-23 14:54 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-23 14:54 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-23 09:20 - 2014-10-23 09:20 - 00000000 ____D () C:\Users\Matt\AppData\Local\Intel_Corporation

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-22 09:41 - 2013-11-14 12:43 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-22 09:38 - 2013-09-16 16:53 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\vlc
2014-11-22 09:35 - 2013-04-05 10:32 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1863935396-269430365-1514907108-1001
2014-11-22 09:30 - 2013-06-12 07:10 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\uTorrent
2014-11-22 09:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-22 08:03 - 2014-02-13 22:06 - 01164055 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-21 16:24 - 2014-04-26 13:15 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-21 16:24 - 2014-02-26 19:13 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-11-21 16:24 - 2014-02-26 19:12 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-11-21 16:24 - 2014-02-26 19:12 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-11-21 16:24 - 2014-02-26 19:12 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-21 16:24 - 2014-02-26 19:12 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-11-21 16:24 - 2014-02-26 19:12 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-11-21 16:24 - 2014-02-26 19:12 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-21 16:24 - 2014-02-26 19:12 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-21 12:47 - 2014-01-11 12:51 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\KeePass
2014-11-18 21:44 - 2014-03-02 18:45 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2014-11-18 20:57 - 2014-03-02 18:45 - 00000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-11-18 20:57 - 2014-03-02 18:42 - 00000000 ____D () C:\ProgramData\Soluto
2014-11-17 11:23 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-16 09:39 - 2013-09-08 12:35 - 00000000 ____D () C:\Users\Matt\.gimp-2.8
2014-11-16 09:36 - 2014-02-13 21:52 - 00000000 ____D () C:\Users\Matt
2014-11-16 09:34 - 2013-09-09 09:53 - 00000000 ____D () C:\Users\Matt\AppData\Local\gtk-2.0
2014-11-14 15:47 - 2014-10-15 18:51 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\xVideoServiceThief
2014-11-14 11:58 - 2013-06-01 08:55 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-14 11:19 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-14 11:18 - 2013-11-14 04:34 - 00372860 _____ () C:\WINDOWS\PFRO.log
2014-11-13 08:18 - 2013-08-22 14:44 - 00608464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-13 08:17 - 2014-02-14 12:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 21:10 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-12 21:09 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-12 21:09 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-12 21:09 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-12 21:09 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-12 21:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-11-12 21:09 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-12 21:09 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-12 16:41 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-12 16:40 - 2013-05-08 14:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-11 19:59 - 2013-06-01 08:55 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-11 16:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-06 19:40 - 2013-08-22 14:46 - 00311241 _____ () C:\WINDOWS\setupact.log
2014-11-05 13:49 - 2013-05-08 14:04 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\FileZilla
2014-11-04 13:54 - 2013-04-09 09:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-04 13:53 - 2013-04-09 09:36 - 00003890 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-04 13:53 - 2013-04-09 09:36 - 00003654 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-30 14:24 - 2014-02-15 16:50 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Apple Computer
2014-10-30 00:55 - 2013-08-22 15:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-30 00:55 - 2013-08-22 15:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-29 16:35 - 2013-05-08 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-10-29 16:35 - 2013-05-08 14:03 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-10-28 18:30 - 2014-10-13 19:11 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\Duplicati
2014-10-24 12:06 - 2014-09-16 10:48 - 00000082 _____ () C:\WINDOWS\SysWOW64\winsevr.dat
2014-10-24 11:58 - 2014-09-22 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
2014-10-24 08:00 - 2014-04-28 07:53 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-24 08:00 - 2013-11-30 08:33 - 646139015 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-23 15:25 - 2014-10-22 15:42 - 00047104 _____ () C:\WINDOWS\SysWOW64\KMVIDC32.DLL

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-14 12:07

==================== End Of Log ============================


Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-11-2014
Ran by Matt at 2014-11-22 09:43:25
Running from D:\Users\Matt\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Privatefirewall (Disabled) {16337F50-A853-219F-6DEC-E7BDA0A7E8E7}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec WinBio FingerPrint Software 64-bit (HKLM\...\{F888B1E9-64E3-479D-91DB-2D9193C39535}) (Version: 3.4.1.1013 - AuthenTec, Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1930 - CyberLink Corp.)
DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.15.0134 - Fujitsu Technology Solutions)
Duplicati (x64) (HKLM\...\{77BA8977-0BA6-4A83-A741-1DFAD23A6B23}) (Version: 1.3.4 - HexaD)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
f.lux (HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\Flux) (Version: - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Finger Zoom (HKLM-x32\...\InstallShield_{2499A33F-8875-4269-A16A-54F744DCDE52}) (Version: 2.0.0.0 - FUJITSU LIMITED)
Finger Zoom (x32 Version: 2.0.0.0 - FUJITSU LIMITED) Hidden
FJ Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.9.19 - SunplusIT)
Fujitsu BIOS Driver (HKLM-x32\...\InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.1.1.0 - FUJITSU LIMITED)
Fujitsu BIOS Driver (Version: 1.1.1.0 - FUJITSU LIMITED) Hidden
Fujitsu Display Manager (HKLM-x32\...\InstallShield_{0987D640-F480-42C0-9258-4176C12A58AB}) (Version: 8.01.10.100 - FUJITSU LIMITED)
Fujitsu Display Manager (Version: 8.01.10.100 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 4.01.00.000 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.5.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.5.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Manager (HKLM\...\{B0DCAAED-C1FB-42C1-9F3C-F8C49BACC372}) (Version: 8.00.0814.2012 - Fujitsu America, Inc.)
FujitsuShockSensorUtility (HKLM-x32\...\InstallShield_{EAD3A239-5029-4067-9071-47763DC249DD}) (Version: V7.01.02.001 - FUJITSU LIMITED)
FujitsuShockSensorUtility (Version: 7.01.00.001 - FUJITSU LIMITED) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Gpick 0.2.5 (HKLM-x32\...\{BF28C631-4EDF-48F1-B358-2D6D1D2C46D0}) (Version: 0.2.5 - Albertas Vyšniauskas)
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version: - Christian Kindahl)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.4.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
JetBrains WebStorm 8.0.4 (HKLM-x32\...\WebStorm 8.0.4) (Version: 135.1063 - JetBrains s.r.o.)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPaint 1.0.0 (HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\MyPaint) (Version: 1.0.0 - Martin Renold & MyPaint Development Team)
O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{FF9B34D5-DD56-44A9-9EA1-4F143C2865DE}) (Version: 2.1.4.225GS - O2Micro)
O2Micro OZ776 SCR Driver (Version: 2.1.4.225GS - O2Micro) Hidden
Photo & Graphic Designer 2013 Update (Version: 8.1.4.30831 - Xara Group Ltd) Hidden
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 7.0.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 7.0.001 - FUJITSU LIMITED) Hidden
Pointing Device Utility (HKLM-x32\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.0.0.0 - FUJITSU LIMITED)
Pointing Device Utility (Version: 2.0.0.0 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\InstallShield_{CB0EA768-62F2-450E-88BC-74182237F564}) (Version: 43.0.0.0 (00.002) - FUJITSU LIMITED)
Power Saving Utility (HKLM-x32\...\InstallShield_{E50AF275-8A41-4FCF-847B-D6E60018F388}) (Version: 43.0.0.0 - FUJITSU LIMITED)
Power Saving Utility (Version: 33.01.00.000 - FUJITSU LIMITED) Hidden
Power Saving Utility (Version: 43.0.0.0 - FUJITSU LIMITED) Hidden
Privatefirewall 7.0 (HKLM-x32\...\{E8EA933E-03A2-4E62-9F52-812C72BE2A6B}) (Version: 7.0.30.3 - PWI, Inc.)
Reader for PC (HKLM-x32\...\{71FB3127-E6B2-4058-ACEE-99813554FAB6}) (Version: 2.2.00.11270 - Sony Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6714 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Serif DrawPlus X5 (HKLM-x32\...\{2C10B17E-2043-4E7F-9021-A5B65CC4D387}) (Version: 12.0.4.027 - Serif (Europe) Ltd)
Shock Sensor Driver (HKLM-x32\...\InstallShield_{7ABCD56B-9C61-40FA-AB93-A8C3E2812074}) (Version: 2.01.00.000 - FUJITSU LIMITED)
Shock Sensor Driver (Version: 2.01.00.000 - FUJITSU LIMITED) Hidden
Sierra Wireless AirCard Watcher (HKLM-x32\...\{0FD905EE-F65C-4D63-8922-B6AE0309899F}) (Version: 6.0.3560.6607 - Sierra Wireless Inc.)
Sierra Wireless QMI Fujitsu Driver Package (HKLM-x32\...\SWIFujitsuDrvInstaller) (Version: 2.8.1210.1 - Sierra Wireless Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unity Web Player (HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VPN Unlimited version 2.4 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 2.4 - Simplex Solutions Inc.)
Wacom Pen (HKLM\...\ISD Tablet Driver) (Version: 7.2.0-10 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass (07/10/2013 5.1.0710.2013) (HKLM\...\A7864690EA851DC996C445E83C2F60DF60F62D30) (Version: 07/10/2013 5.1.0710.2013 - Fujitsu America, Inc.)
Windows Driver Package - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/01/2012 5.0.0801.2012) (HKLM\...\E6016825DCDFF59998FEFA0187F6835A281AF87F) (Version: 08/01/2012 5.0.0801.2012 - Fujitsu America, Inc.)
Windows Driver Package - FUJITSU LIMITED (FUJ02B1) System (06/26/2013 1.23) (HKLM\...\068FEFD9ECB0E04D17792AACEDA1D0A43CD7F82C) (Version: 06/26/2013 1.23 - FUJITSU LIMITED)
Windows Driver Package - FUJITSU LIMITED (FUJ02E3) System (07/02/2013 1.30.1.0) (HKLM\...\39B67640DB636F6D78D660BE574C0C5DC39D08CF) (Version: 07/02/2013 1.30.1.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (HKLM-x32\...\InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.1.0.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (Version: 1.1.0.0 - FUJITSU LIMITED) Hidden
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version: - )
Xara Photo & Graphic Designer 2013 (HKLM-x32\...\MAGIX_{DE722F40-8074-4D82-9DA7-45FB47A3B3C3}) (Version: 8.1.3.23942 - Xara Group Ltd)
Xara Photo & Graphic Designer 2013 (Version: 8.1.3.23942 - Xara Group Ltd) Hidden
xVideoServiceThief (HKLM-x32\...\{64A2A800-1992-4933-87A0-EB05F95A67E0}) (Version: 2.5.1 - Xesc & Technology)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

18-11-2014 20:55:50 Removed Soluto
21-11-2014 16:22:53 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 05:26 - 2014-02-14 19:44 - 00000878 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1BBD22E5-09FE-4B86-94BC-C0B189EF8667} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {1FDD9E7D-C5B9-4F4F-AC1D-3EA8CCF2C4F0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-21] (AVAST Software)
Task: {2E176B61-E168-4EE9-80C3-F5076ADDAF2C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-11] (Adobe Systems Incorporated)
Task: {5696A149-0B1E-4E95-8B07-5E01E6E964B4} - System32\Tasks\Fujitsu\SSUTY\FJSSDaemon => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [2012-09-06] (FUJITSU LIMITED)
Task: {57A6E784-5D12-4680-9BFA-9F4D371B27D9} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetDriverIfFuj02b1DisableOnLogon => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED)
Task: {677EF8A1-218D-4892-8103-01493A690478} - System32\Tasks\Fujitsu\Power Saving Utility\Fujitsu Power Saving Utility => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2013-08-19] (FUJITSU LIMITED)
Task: {7F66AA4A-B712-4921-AE30-716496C78134} - System32\Tasks\Fujitsu\PointingDeviceUtility\StartTabletAutoMode => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED)
Task: {88323B91-45D4-4110-8A1B-47BF8FAFAF0C} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe [2013-12-11] (Fujitsu Technology Solutions)
Task: {97FDE5A5-F0F5-423F-8924-EF552BF8253F} - System32\Tasks\Fujitsu\PointingDeviceUtility\OnLidSwitch => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED)
Task: {A112799A-0455-4CCA-9751-9F5ECF3441C2} - System32\Tasks\Fujitsu\PointingDeviceUtility\ToggleIPD => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-04] (FUJITSU LIMITED)
Task: {A7F9585A-9075-4EA0-9EF4-9A8281099BE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {AEB51FE4-C1B5-484D-BE54-6A7EA9A7106F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {B00418E2-8720-42EA-9385-506A4D4A8581} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {B93A131D-DEB7-4F54-8764-F301BBF015F2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {C6B70131-C2E9-442C-9AE1-6CA1D2696E27} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {DCE7B2FA-CC72-47CF-BED5-CDFDD9E0A38C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {F869F5D7-44C0-40CF-8C85-056B970BDF60} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FE0ABDE3-8B58-4E10-83AE-247CB1EB6184} - System32\Tasks\Fujitsu\FDM8\FDMDaemon => C:\Program Files\Fujitsu\FDM8\FdmDaemon.exe [2012-06-28] (FUJITSU LIMITED)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-25 14:20 - 2013-09-25 14:20 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-05-01 19:29 - 2014-05-01 19:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-09-27 14:18 - 2014-07-10 20:37 - 01356568 _____ () C:\Program Files\Tablet\ISD\libxml2.dll
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-05-21 19:41 - 2012-05-21 19:41 - 00131072 _____ () C:\Program Files\Duplicati\LightDatamodel.dll
2012-05-21 19:41 - 2012-05-21 19:41 - 00931840 _____ () C:\Program Files\Duplicati\SQLite\win64\System.Data.SQLite.dll
2013-08-22 07:19 - 2013-08-22 06:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2014-07-05 11:04 - 2014-07-05 11:04 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-14 11:20 - 2014-11-14 11:20 - 02902016 _____ () C:\Program Files\AVAST Software\Avast\defs\14111301\algo.dll
2014-11-21 16:22 - 2014-11-21 16:22 - 02903040 _____ () C:\Program Files\AVAST Software\Avast\defs\14112100\algo.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-01 12:12 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-01 12:12 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-01 12:12 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-01 12:12 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-01 12:12 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-10-07 08:41 - 2014-10-14 15:38 - 00096768 _____ () C:\Program Files (x86)\VPN Unlimited\enc.dll
2014-07-05 11:04 - 2014-07-05 11:04 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-02-28 11:58 - 2012-07-18 02:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-10-07 08:41 - 2014-10-14 15:38 - 00632320 _____ () C:\Program Files (x86)\VPN Unlimited\rpc_lib.dll
2014-10-07 08:41 - 2014-10-14 15:38 - 00530432 _____ () C:\Program Files (x86)\VPN Unlimited\open_vpn_wrapper_lib.dll
2014-10-07 08:41 - 2014-10-10 10:23 - 00035328 _____ () C:\Program Files (x86)\VPN Unlimited\qtkeychain.dll
2012-06-24 18:37 - 2012-06-24 18:37 - 00251280 _____ () C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\WebUpdtAPI.dll
2014-10-07 08:41 - 2014-10-10 10:23 - 00161992 _____ () C:\Program Files (x86)\VPN Unlimited\liblzo2-2.dll
2014-10-07 08:41 - 2014-10-10 10:23 - 00112776 _____ () C:\Program Files (x86)\VPN Unlimited\libpkcs11-helper-1.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:E802D8402885BAF8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Reader Application Helper"
HKU\S-1-5-21-1863935396-269430365-1514907108-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Screen Clipper and Launcher.lnk"

========================= Accounts: ==========================

Administrator (S-1-5-21-1863935396-269430365-1514907108-500 - Administrator - Disabled)
Guest (S-1-5-21-1863935396-269430365-1514907108-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1863935396-269430365-1514907108-1045 - Limited - Enabled)
Matt (S-1-5-21-1863935396-269430365-1514907108-1001 - Administrator - Enabled) => C:\Users\Matt

==================== Faulty Device Manager Devices =============

Name: FJ Camera
Description: FJ Camera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Chicony
Service: SPUVCbv
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/22/2014 08:01:40 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (11/21/2014 04:23:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service Windows Presentation Foundation Font Cache 3.0.0.0 since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (11/21/2014 07:51:37 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (11/18/2014 09:35:02 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (11/18/2014 09:33:05 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

Error: (11/17/2014 10:16:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000005
Fault offset: 0x0000000000038299
Faulting process ID: 0x598
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report ID: svchost.exe3
Faulting package full name: svchost.exe4
Faulting package-relative application ID: svchost.exe5

Error: (11/17/2014 08:58:24 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (11/16/2014 08:02:44 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (11/14/2014 06:45:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 33.1.0.5423 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9a0

Start Time: 01d0003a554c57e8

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 6f196373-6c2e-11e4-befb-00a0c6000003

Faulting package full name:

Faulting package-relative application ID:

Error: (11/14/2014 04:44:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wmplayer.exe version 12.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2228

Start Time: 01d00028c0afdc51

Termination Time: 17

Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Report Id: 6ce6b8ec-6c1d-11e4-befb-00a0c6000003

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (11/22/2014 09:42:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-03-19 11:10:35.410
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-19 11:07:33.079
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-19 09:05:39.013
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-19 08:59:40.824
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-19 08:38:10.126
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-19 08:38:04.029
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-19 08:36:08.181
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-18 18:33:20.592
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-18 15:13:32.186
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-18 13:44:44.688
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3340M CPU @ 2.70GHz
Percentage of memory in use: 40%
Total physical RAM: 3940.47 MB
Available physical RAM: 2352.72 MB
Total Pagefile: 6238.29 MB
Available Pagefile: 4319.17 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:75 GB) (Free:28.98 GB) NTFS
Drive d: () (Fixed) (Total:373.63 GB) (Free:363.59 GB) NTFS
Drive g: (WA) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 15BCCD23)

Partition: GPT Partition Type.

==================== End Of Log ============================
tentakool
Active Member
 
Posts: 12
Joined: December 2nd, 2013, 7:13 am

Re: "Could not connect to the Group Policy Client service"

Post by tentakool » November 23rd, 2014, 7:42 am

I don't think I will be able to use any help regarding the first logs, but can't edit the post anymore. I think I am going to have to reset my Windows installation.

I just had a problem starting my computer up; kept getting a black screen. When I finally got back on, now my tablet stylus is no longer recognised and is throwing up another error regarding that. I really need the stylus, so might even reset before anyone responds to this (hopefully nothing drastic happens!).

My only question would be, do you think it would be worth going through a full check up after a reset? Thanks.
tentakool
Active Member
 
Posts: 12
Joined: December 2nd, 2013, 7:13 am

Re: "Could not connect to the Group Policy Client service"

Post by Cypher » November 23rd, 2014, 8:27 am

Bumping or Replying to Your Own Topic

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to or try to bump your topic.
Please submit a new log and wait for a helper to reply. Thank you for your understanding.

This topic is now closed.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

