Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-10-2014 01
Ran by Shane (administrator) on CHEZKNEE on 10-10-2014 16:27:12
Running from C:\Users\Shane\InstallImages
Loaded Profiles: Shane &  (Available profiles: Shane)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Orange) C:\Program Files\Orange\MailNotifier\MailNotifier.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\Shane\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(OldTimer Tools) C:\Users\Shane\InstallImages\OTL.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-31] (Google)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TkBellExe] => C:\Program Files\real\realplayer\update\realsched.exe [296056 2012-05-31] (RealNetworks, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [stv_fr_10] => [X]
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [217088 2009-02-27] (Alps Electric Co., Ltd.)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0ANAAwAD (the data entry has 546 more characters).
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [orangeinside] => C:\Users\Shane\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [467680 2014-07-30] (Sony)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [MailNotifier] => C:\Program Files\Orange\MailNotifier\MailNotifier.exe [884744 2013-08-30] (Orange)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Run: [GoogleChromeAutoLaunch_D543540C5E044F6C6F7A8F3CC51D5B49] => C:\Program Files\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\MountPoints2: {1dc7ff5b-9f90-11e3-ae0c-0026b9b1def1} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\MountPoints2: {473a9619-9079-11e2-933d-0026b9b1def1} - E:\Startme.exe
HKU\S-1-5-21-1926986339-2190527163-89846441-1000\...\MountPoints2: {664306a4-5acd-11e2-9752-0026b9b1def1} - E:\Startme.exe
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [orangeinside] => C:\Users\Shane\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [467680 2014-07-30] (Sony)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MailNotifier] => C:\Program Files\Orange\MailNotifier\MailNotifier.exe [884744 2013-08-30] (Orange)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_D543540C5E044F6C6F7A8F3CC51D5B49] => C:\Program Files\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1dc7ff5b-9f90-11e3-ae0c-0026b9b1def1} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {473a9619-9079-11e2-933d-0026b9b1def1} - E:\Startme.exe
HKU\S-1-5-21-1926986339-2190527163-89846441-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {664306a4-5acd-11e2-9752-0026b9b1def1} - E:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RIM.lnk
ShortcutTarget: RIM.lnk -> C:\Program Files\Orange\RIM\fscommand\RIM.exe (WebToGo Mobiles Internet GmbH)
Startup: C:\Users\Shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Shane\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
ShortcutTarget: Picture Motion Browser Media Check Tool.lnk -> C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ie
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {D3028143-6145-4318-99D3-3EDCE54A95A9} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-31]
FF HKLM\...\Firefox\Extensions: [500057b036edd@500057b036f17.info] - C:\Users\Shane\AppData\Roaming\Mozilla\Firefox\Profiles\smfjul7v.default\extensions\500057b036edd@500057b036f17.info

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.ie/
CHR StartupUrls: Default -> "hxxp://www.google.ie/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (Google Wallet) - C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-10]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-31]
CHR HKLM\...\Chrome\Extension: [lliglohbcgcifpajmdeglggkpaielojg] - C:\ProgramData\ADDICT-THING\lliglohbcgcifpajmdeglggkpaielojg.crx [2012-05-31]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-31] (Google)
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53337 2005-11-24] (Sony Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Orange update Core Service; C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe [729608 2014-09-15] (Orange SA)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53337 2005-11-24] (Sony Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2005-11-24] (Sony Corporation) [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2006-01-06] (Sony Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 O2MDGRDR; C:\Windows\System32\DRIVERS\o2mdg.sys [58528 2009-05-22] (O2Micro )
S3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdg.sys [41504 2009-05-07] (O2Micro )
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [182680 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-05-25] (AnchorFree Inc)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S1 aeobeafj; \??\C:\Windows\system32\drivers\aeobeafj.sys [X]
S1 aeppmcao; \??\C:\Windows\system32\drivers\aeppmcao.sys [X]
S1 alundsxw; \??\C:\Windows\system32\drivers\alundsxw.sys [X]
S1 arsrmixl; \??\C:\Windows\system32\drivers\arsrmixl.sys [X]
S1 avxemicn; \??\C:\Windows\system32\drivers\avxemicn.sys [X]
S1 bgqjilmj; \??\C:\Windows\system32\drivers\bgqjilmj.sys [X]
S1 bkmcpxtb; \??\C:\Windows\system32\drivers\bkmcpxtb.sys [X]
S1 bnoxunta; \??\C:\Windows\system32\drivers\bnoxunta.sys [X]
S1 bprjqfhh; \??\C:\Windows\system32\drivers\bprjqfhh.sys [X]
S1 btglhnyh; \??\C:\Windows\system32\drivers\btglhnyh.sys [X]
S1 bulrwtqq; \??\C:\Windows\system32\drivers\bulrwtqq.sys [X]
S1 bunydzxa; \??\C:\Windows\system32\drivers\bunydzxa.sys [X]
S1 bzdqydoa; \??\C:\Windows\system32\drivers\bzdqydoa.sys [X]
S1 cjmkqprt; \??\C:\Windows\system32\drivers\cjmkqprt.sys [X]
S1 ckumkekb; \??\C:\Windows\system32\drivers\ckumkekb.sys [X]
S1 cpwsiiac; \??\C:\Windows\system32\drivers\cpwsiiac.sys [X]
S1 cwdkhbdq; \??\C:\Windows\system32\drivers\cwdkhbdq.sys [X]
S1 dclldsej; \??\C:\Windows\system32\drivers\dclldsej.sys [X]
S1 detoolee; \??\C:\Windows\system32\drivers\detoolee.sys [X]
S1 dpaetasm; \??\C:\Windows\system32\drivers\dpaetasm.sys [X]
S1 ebjtqgnf; \??\C:\Windows\system32\drivers\ebjtqgnf.sys [X]
S1 eevovonw; \??\C:\Windows\system32\drivers\eevovonw.sys [X]
S1 ehkxevho; \??\C:\Windows\system32\drivers\ehkxevho.sys [X]
S1 endbunal; \??\C:\Windows\system32\drivers\endbunal.sys [X]
S1 eqiaayfd; \??\C:\Windows\system32\drivers\eqiaayfd.sys [X]
S1 eqmbmarj; \??\C:\Windows\system32\drivers\eqmbmarj.sys [X]
S1 eudprjmx; \??\C:\Windows\system32\drivers\eudprjmx.sys [X]
S1 exxisgxw; \??\C:\Windows\system32\drivers\exxisgxw.sys [X]
S1 fcjlogbi; \??\C:\Windows\system32\drivers\fcjlogbi.sys [X]
S1 ffycjpxq; \??\C:\Windows\system32\drivers\ffycjpxq.sys [X]
S1 fjzxmtuu; \??\C:\Windows\system32\drivers\fjzxmtuu.sys [X]
S1 fkkdkcay; \??\C:\Windows\system32\drivers\fkkdkcay.sys [X]
S1 fowqagmp; \??\C:\Windows\system32\drivers\fowqagmp.sys [X]
S1 fpsjtzii; \??\C:\Windows\system32\drivers\fpsjtzii.sys [X]
S1 gfsqcdsr; \??\C:\Windows\system32\drivers\gfsqcdsr.sys [X]
S1 gldlvahk; \??\C:\Windows\system32\drivers\gldlvahk.sys [X]
S1 gtvbavtt; \??\C:\Windows\system32\drivers\gtvbavtt.sys [X]
S1 hbasuste; \??\C:\Windows\system32\drivers\hbasuste.sys [X]
S1 hcyotgob; \??\C:\Windows\system32\drivers\hcyotgob.sys [X]
S1 hmtjtouf; \??\C:\Windows\system32\drivers\hmtjtouf.sys [X]
S1 hvotlose; \??\C:\Windows\system32\drivers\hvotlose.sys [X]
S1 hzgfcfvd; \??\C:\Windows\system32\drivers\hzgfcfvd.sys [X]
S1 icsadghe; \??\C:\Windows\system32\drivers\icsadghe.sys [X]
S1 ieuysqwo; \??\C:\Windows\system32\drivers\ieuysqwo.sys [X]
S1 igrfubmj; \??\C:\Windows\system32\drivers\igrfubmj.sys [X]
S1 igvegmzf; \??\C:\Windows\system32\drivers\igvegmzf.sys [X]
S1 iqyeytqq; \??\C:\Windows\system32\drivers\iqyeytqq.sys [X]
S1 ixplwmip; \??\C:\Windows\system32\drivers\ixplwmip.sys [X]
S1 jhbepokp; \??\C:\Windows\system32\drivers\jhbepokp.sys [X]
S1 jsxtugrq; \??\C:\Windows\system32\drivers\jsxtugrq.sys [X]
S1 kbiowlcp; \??\C:\Windows\system32\drivers\kbiowlcp.sys [X]
S1 kecfozkj; \??\C:\Windows\system32\drivers\kecfozkj.sys [X]
S1 kijafjlt; \??\C:\Windows\system32\drivers\kijafjlt.sys [X]
S1 kklzhoul; \??\C:\Windows\system32\drivers\kklzhoul.sys [X]
S1 klawevlw; \??\C:\Windows\system32\drivers\klawevlw.sys [X]
S1 kvfmuxjg; \??\C:\Windows\system32\drivers\kvfmuxjg.sys [X]
S1 lahnjzwf; \??\C:\Windows\system32\drivers\lahnjzwf.sys [X]
S1 ldzdnhwr; \??\C:\Windows\system32\drivers\ldzdnhwr.sys [X]
S1 leoduuww; \??\C:\Windows\system32\drivers\leoduuww.sys [X]
S1 lfiuknhj; \??\C:\Windows\system32\drivers\lfiuknhj.sys [X]
S1 lgksuext; \??\C:\Windows\system32\drivers\lgksuext.sys [X]
S1 longdzmb; \??\C:\Windows\system32\drivers\longdzmb.sys [X]
S1 mabjffiu; \??\C:\Windows\system32\drivers\mabjffiu.sys [X]
S1 mgdntfqc; \??\C:\Windows\system32\drivers\mgdntfqc.sys [X]
S1 mgrbqvcu; \??\C:\Windows\system32\drivers\mgrbqvcu.sys [X]
S1 mnirgulz; \??\C:\Windows\system32\drivers\mnirgulz.sys [X]
S1 mqqpiegn; \??\C:\Windows\system32\drivers\mqqpiegn.sys [X]
S1 mrunzkvn; \??\C:\Windows\system32\drivers\mrunzkvn.sys [X]
S1 msjvebtg; \??\C:\Windows\system32\drivers\msjvebtg.sys [X]
S1 mwszvlpx; \??\C:\Windows\system32\drivers\mwszvlpx.sys [X]
S1 mxbxotek; \??\C:\Windows\system32\drivers\mxbxotek.sys [X]
S1 mzxhesjm; \??\C:\Windows\system32\drivers\mzxhesjm.sys [X]
S1 najyxzfp; \??\C:\Windows\system32\drivers\najyxzfp.sys [X]
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S1 nlmsjzcz; \??\C:\Windows\system32\drivers\nlmsjzcz.sys [X]
S1 nxhdcrvc; \??\C:\Windows\system32\drivers\nxhdcrvc.sys [X]
S1 oaqybuxc; \??\C:\Windows\system32\drivers\oaqybuxc.sys [X]
S1 obgvfija; \??\C:\Windows\system32\drivers\obgvfija.sys [X]
S1 oofggyqg; \??\C:\Windows\system32\drivers\oofggyqg.sys [X]
S1 pbhdcdmb; \??\C:\Windows\system32\drivers\pbhdcdmb.sys [X]
S1 pcfxqcpe; \??\C:\Windows\system32\drivers\pcfxqcpe.sys [X]
S1 pcypsfog; \??\C:\Windows\system32\drivers\pcypsfog.sys [X]
S1 phhwngep; \??\C:\Windows\system32\drivers\phhwngep.sys [X]
S1 phnblvnu; \??\C:\Windows\system32\drivers\phnblvnu.sys [X]
S1 pkcwaooe; \??\C:\Windows\system32\drivers\pkcwaooe.sys [X]
S1 presgwen; \??\C:\Windows\system32\drivers\presgwen.sys [X]
S1 pvrlegkf; \??\C:\Windows\system32\drivers\pvrlegkf.sys [X]
S1 pwxdqjya; \??\C:\Windows\system32\drivers\pwxdqjya.sys [X]
S1 qfcbnuub; \??\C:\Windows\system32\drivers\qfcbnuub.sys [X]
S1 qhkraxqw; \??\C:\Windows\system32\drivers\qhkraxqw.sys [X]
S1 qimjeipo; \??\C:\Windows\system32\drivers\qimjeipo.sys [X]
S1 qkhngcql; \??\C:\Windows\system32\drivers\qkhngcql.sys [X]
S1 qrqcsxrj; \??\C:\Windows\system32\drivers\qrqcsxrj.sys [X]
S1 rhwaulgf; \??\C:\Windows\system32\drivers\rhwaulgf.sys [X]
S1 rhyulmue; \??\C:\Windows\system32\drivers\rhyulmue.sys [X]
S1 rlomwtih; \??\C:\Windows\system32\drivers\rlomwtih.sys [X]
S1 rqwauodm; \??\C:\Windows\system32\drivers\rqwauodm.sys [X]
S1 rurwhvcz; \??\C:\Windows\system32\drivers\rurwhvcz.sys [X]
S1 rvufqgdg; \??\C:\Windows\system32\drivers\rvufqgdg.sys [X]
S1 secvbwum; \??\C:\Windows\system32\drivers\secvbwum.sys [X]
S1 sevofvlg; \??\C:\Windows\system32\drivers\sevofvlg.sys [X]
S1 sfrcyvty; \??\C:\Windows\system32\drivers\sfrcyvty.sys [X]
S3 STHDA; system32\DRIVERS\stwrt.sys [X]
S1 thyansre; \??\C:\Windows\system32\drivers\thyansre.sys [X]
S1 tiigmcut; \??\C:\Windows\system32\drivers\tiigmcut.sys [X]
S1 tkuaesrn; \??\C:\Windows\system32\drivers\tkuaesrn.sys [X]
S1 toxeidza; \??\C:\Windows\system32\drivers\toxeidza.sys [X]
S1 trpbfvpn; \??\C:\Windows\system32\drivers\trpbfvpn.sys [X]
S1 uizzspnj; \??\C:\Windows\system32\drivers\uizzspnj.sys [X]
S1 urfrjtcm; \??\C:\Windows\system32\drivers\urfrjtcm.sys [X]
S1 uwamaflu; \??\C:\Windows\system32\drivers\uwamaflu.sys [X]
S1 uxmlfnpr; \??\C:\Windows\system32\drivers\uxmlfnpr.sys [X]
S1 uyglfmdx; \??\C:\Windows\system32\drivers\uyglfmdx.sys [X]
S1 vabzwqzw; \??\C:\Windows\system32\drivers\vabzwqzw.sys [X]
S1 vbujuqzk; \??\C:\Windows\system32\drivers\vbujuqzk.sys [X]
S1 vcjjhcwu; \??\C:\Windows\system32\drivers\vcjjhcwu.sys [X]
S1 vflidguu; \??\C:\Windows\system32\drivers\vflidguu.sys [X]
S1 vlkoqdju; \??\C:\Windows\system32\drivers\vlkoqdju.sys [X]
S1 vmripazr; \??\C:\Windows\system32\drivers\vmripazr.sys [X]
S1 wcbvkztd; \??\C:\Windows\system32\drivers\wcbvkztd.sys [X]
S1 wlqvjzqz; \??\C:\Windows\system32\drivers\wlqvjzqz.sys [X]
S1 wtwttlem; \??\C:\Windows\system32\drivers\wtwttlem.sys [X]
S1 wyvqkyqg; \??\C:\Windows\system32\drivers\wyvqkyqg.sys [X]
S1 xaootllz; \??\C:\Windows\system32\drivers\xaootllz.sys [X]
S1 xdiiiaug; \??\C:\Windows\system32\drivers\xdiiiaug.sys [X]
S1 xikopeth; \??\C:\Windows\system32\drivers\xikopeth.sys [X]
S1 xjcgmrco; \??\C:\Windows\system32\drivers\xjcgmrco.sys [X]
S1 xravqyga; \??\C:\Windows\system32\drivers\xravqyga.sys [X]
S1 xzciipgp; \??\C:\Windows\system32\drivers\xzciipgp.sys [X]
S1 xzmyycfa; \??\C:\Windows\system32\drivers\xzmyycfa.sys [X]
S1 ybttjidb; \??\C:\Windows\system32\drivers\ybttjidb.sys [X]
S1 yhtdnycv; \??\C:\Windows\system32\drivers\yhtdnycv.sys [X]
S1 ylhjqkzi; \??\C:\Windows\system32\drivers\ylhjqkzi.sys [X]
S1 yljbzwcs; \??\C:\Windows\system32\drivers\yljbzwcs.sys [X]
S1 ymbiayfa; \??\C:\Windows\system32\drivers\ymbiayfa.sys [X]
S1 zanffvgn; \??\C:\Windows\system32\drivers\zanffvgn.sys [X]
S1 zrdumhbf; \??\C:\Windows\system32\drivers\zrdumhbf.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 16:19 - 2014-10-10 16:19 - 00000625 _____ () C:\Users\Shane\Desktop\JRT.txt
2014-10-10 12:47 - 2014-10-10 16:27 - 00000000 ____D () C:\FRST
2014-10-10 12:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-10-10 12:31 - 2014-10-10 16:15 - 00000000 ____D () C:\AdwCleaner
2014-10-10 12:12 - 2014-10-10 12:12 - 00000000 ____D () C:\Windows\ERUNT
2014-10-10 11:30 - 2014-10-10 11:30 - 00002242 _____ () C:\Users\Shane\Desktop\SpyHunter.lnk
2014-10-10 11:30 - 2014-10-10 11:30 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-10-10 11:30 - 2014-10-10 11:30 - 00000000 ____D () C:\sh4ldr
2014-10-10 11:30 - 2014-10-10 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-10 11:27 - 2014-10-10 11:30 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-10-10 11:27 - 2014-10-10 11:27 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-10-10 11:26 - 2014-10-10 11:26 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Shane\Downloads\SpyHunter-Installer (1).exe
2014-10-10 11:24 - 2014-10-10 11:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Shane\Downloads\SpyHunter-Installer.exe
2014-10-09 22:55 - 2014-10-09 22:55 - 00000000 __RSH () C:\MSDOS.SYS
2014-10-09 22:55 - 2014-10-09 22:55 - 00000000 __RSH () C:\IO.SYS
2014-10-09 21:10 - 2014-10-09 21:10 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\TeamViewer
2014-10-09 21:10 - 2014-10-09 21:10 - 00000000 ____D () C:\Program Files\TeamViewer
2014-10-07 13:31 - 2014-10-09 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-10-07 13:31 - 2014-10-07 13:31 - 00202583 _____ () C:\ProgramData\1412684881.bdinstall.bin
2014-10-07 13:28 - 2014-10-07 13:31 - 00000000 ____D () C:\Program Files\Bitdefender
2014-10-07 13:28 - 2014-10-07 13:28 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\QuickScan
2014-10-07 12:09 - 2014-10-10 16:22 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-07 12:09 - 2014-10-10 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-07 12:09 - 2014-10-10 12:53 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-07 12:09 - 2014-10-07 12:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-07 12:09 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-07 12:09 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-07 12:09 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-07 11:58 - 2014-10-09 22:39 - 00000000 ____D () C:\Program Files\Your Uninstaller! 7
2014-10-07 11:58 - 2014-10-07 11:58 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\URSoft
2014-10-07 11:58 - 2014-10-07 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
2014-10-07 11:56 - 2014-10-10 16:27 - 00000000 ____D () C:\Users\Shane\InstallImages
2014-10-06 09:15 - 2014-10-06 09:15 - 00010104 _____ () C:\Users\Shane\Downloads\1239408 000 GREETING CARD 1PCE 793573976321.xlsx
2014-10-06 09:08 - 2014-10-06 09:08 - 00000687 _____ () C:\awh989B.tmp
2014-10-04 11:31 - 2014-10-07 10:07 - 00030720 _____ () C:\Users\Shane\Documents\Cashflow October 2014.xls
2014-10-03 18:27 - 2014-10-03 18:27 - 00000687 _____ () C:\awh3EE.tmp
2014-10-02 15:45 - 2014-10-02 15:45 - 00023040 _____ () C:\Users\Shane\Downloads\SIF_SOURCED IN FRANCE_22-09-2014 (2).xls
2014-10-02 09:56 - 2014-10-02 09:56 - 00023040 _____ () C:\Users\Shane\Downloads\SIF_SOURCED IN FRANCE_29-09-2014.xls
2014-10-02 09:56 - 2014-10-02 09:56 - 00023040 _____ () C:\Users\Shane\Downloads\SIF_SOURCED IN FRANCE_22-09-2014.xls
2014-10-02 09:56 - 2014-10-02 09:56 - 00023040 _____ () C:\Users\Shane\Downloads\SIF_SOURCED IN FRANCE_22-09-2014 (1).xls
2014-10-02 07:45 - 2014-10-02 07:45 - 00000687 _____ () C:\awh1083.tmp
2014-10-01 23:02 - 2014-10-01 23:02 - 00000687 _____ () C:\awh1351.tmp
2014-10-01 22:07 - 2014-10-01 22:07 - 00000687 _____ () C:\awh7F3D.tmp
2014-10-01 22:04 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 08:11 - 2014-10-01 08:11 - 00108544 _____ () C:\Windows\system32\hfnapi.dll
2014-09-30 21:55 - 2014-09-30 21:55 - 00000687 _____ () C:\awh666.tmp
2014-09-30 20:30 - 2014-09-30 20:30 - 00000687 _____ () C:\awh2B44.tmp
2014-09-30 17:23 - 2014-09-30 17:23 - 00000687 _____ () C:\awh8DB4.tmp
2014-09-29 08:32 - 2014-10-09 22:39 - 00000000 ____D () C:\Users\Shane\AppData\Local\3006
2014-09-28 22:24 - 2014-09-28 22:24 - 00000687 _____ () C:\awh57BA.tmp
2014-09-26 11:28 - 2014-09-26 11:28 - 00000687 _____ () C:\awh1E87.tmp
2014-09-24 11:12 - 2014-09-24 11:12 - 00000687 _____ () C:\awh6C3.tmp
2014-09-24 11:10 - 2014-09-24 11:10 - 00000000 ____D () C:\Users\FMDK7412
2014-09-24 09:14 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 18:01 - 2014-09-23 18:01 - 01888768 _____ () C:\Users\Shane\Downloads\art somptueux.pps
2014-09-22 13:29 - 2014-09-22 13:29 - 00000687 _____ () C:\awhAD8.tmp
2014-09-22 13:24 - 2014-10-10 12:36 - 00000152 _____ () C:\Users\Public\Documents\rim_expiry.xml
2014-09-22 13:24 - 2014-09-22 13:24 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-09-22 09:31 - 2014-09-22 09:31 - 00013625 _____ () C:\Users\Shane\Downloads\MAD FOR CARDS SUTTON WK27-37.xls
2014-09-22 09:25 - 2014-09-22 09:25 - 00016256 _____ () C:\Users\Shane\Downloads\Mad For Card Sales From 52 weeks..xls
2014-09-19 08:35 - 2014-09-24 09:35 - 00000000 ____D () C:\Users\Shane\Documents\Car Insurance Info for Ireland
2014-09-17 19:26 - 2014-08-19 18:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 19:26 - 2014-08-18 23:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 19:26 - 2014-08-18 23:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 19:26 - 2014-08-18 22:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-17 19:26 - 2014-08-18 22:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-17 19:26 - 2014-08-18 22:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 19:26 - 2014-08-18 22:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-17 19:26 - 2014-08-18 22:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 19:26 - 2014-08-18 22:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-17 19:26 - 2014-08-18 22:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 19:26 - 2014-08-18 22:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 19:26 - 2014-08-18 22:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-17 19:26 - 2014-08-18 22:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-17 19:26 - 2014-08-18 22:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-17 19:26 - 2014-08-18 22:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-17 19:26 - 2014-08-18 22:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 19:26 - 2014-08-18 22:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-17 19:26 - 2014-08-18 22:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 19:26 - 2014-08-18 22:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 19:26 - 2014-08-18 22:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-17 19:26 - 2014-08-18 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 19:26 - 2014-08-18 22:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 19:26 - 2014-08-18 22:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 19:26 - 2014-08-18 22:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 19:26 - 2014-08-18 22:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 19:26 - 2014-08-18 22:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 19:26 - 2014-08-18 22:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-17 19:26 - 2014-08-18 21:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 19:26 - 2014-08-18 21:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 19:26 - 2014-08-18 21:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 19:25 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-17 11:36 - 2014-07-07 02:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-17 11:36 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-17 11:36 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-17 11:35 - 2014-09-05 02:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-17 11:35 - 2014-09-05 02:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-17 11:35 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 16:27 - 2010-08-30 10:53 - 01128515 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 16:06 - 2012-07-13 18:16 - 00000352 ____H () C:\Windows\Tasks\OptimizerProUpdaterRefreshTask.job
2014-10-10 16:03 - 2010-08-31 18:12 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 16:01 - 2012-06-09 12:24 - 00000256 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-10-10 12:43 - 2009-07-14 05:34 - 00022656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-10 12:43 - 2009-07-14 05:34 - 00022656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 12:37 - 2012-02-16 16:31 - 00000000 ___RD () C:\Users\Shane\Dropbox
2014-10-10 12:37 - 2012-02-16 16:28 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\Dropbox
2014-10-10 12:36 - 2012-07-13 18:16 - 00000372 ____H () C:\Windows\Tasks\OptimizerProUpdaterLogonTask.job
2014-10-10 12:36 - 2010-08-31 18:12 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 12:34 - 2014-02-28 22:21 - 00014489 _____ () C:\Windows\setupact.log
2014-10-10 12:34 - 2010-08-30 13:08 - 00998722 _____ () C:\Windows\PFRO.log
2014-10-10 12:34 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-10 12:06 - 2012-10-31 01:40 - 00000000 ____D () C:\Users\Shane\AppData\Local\CrashDumps
2014-10-10 12:02 - 2012-09-10 15:39 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-10-10 12:01 - 2012-09-10 15:39 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-10 11:59 - 2014-06-14 09:06 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-10 11:56 - 2011-08-08 10:31 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-10 11:56 - 2010-08-30 10:49 - 00786590 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-10 09:31 - 2014-06-26 21:27 - 00000000 ____D () C:\Program Files\88B73655-05CA-442E-8ABF-97FD96D79AC9
2014-10-10 09:31 - 2014-05-26 11:31 - 00000000 ____D () C:\Users\Shane\AppData\Local\8101
2014-10-10 09:31 - 2012-07-13 18:15 - 00000000 ____D () C:\ProgramData\InstallMate
2014-10-09 22:55 - 2010-08-30 19:12 - 00089040 _____ () C:\Users\Shane\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-09 22:54 - 2010-08-30 10:54 - 00000000 ____D () C:\Users\Shane
2014-10-09 22:40 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-09 22:39 - 2014-07-30 22:31 - 00000000 ____D () C:\Program Files\DellTPad
2014-10-09 22:39 - 2014-07-08 00:04 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\IDM2
2014-10-09 22:39 - 2014-05-15 14:09 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-10-09 22:39 - 2013-10-20 13:43 - 00000000 ____D () C:\Program Files\iTunes
2014-10-09 22:39 - 2013-10-20 13:31 - 00000000 ____D () C:\Program Files\QuickTime
2014-10-09 22:39 - 2012-09-10 15:41 - 00000000 ____D () C:\Program Files\Adobe
2014-10-09 22:39 - 2012-06-09 12:24 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-10-09 22:39 - 2012-06-09 12:24 - 00000000 ____D () C:\Program Files\HP Photo Creations
2014-10-09 22:39 - 2011-12-05 09:06 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-10-09 22:39 - 2011-08-02 09:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-09 22:39 - 2010-08-30 19:14 - 00000000 ____D () C:\Program Files\Common Files\SureThing Shared
2014-10-09 22:39 - 2010-08-30 19:14 - 00000000 ____D () C:\Program Files\Common Files\Sonic Shared
2014-10-09 22:39 - 2010-08-30 19:13 - 00000000 ____D () C:\Program Files\Roxio
2014-10-09 22:39 - 2009-07-14 08:49 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-09 22:39 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-09 22:39 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-10-09 22:39 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-09 22:39 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-10-09 22:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\com
2014-10-09 22:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-10-09 22:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-09 22:38 - 2009-07-14 08:48 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-09 22:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-10-09 22:37 - 2010-09-07 14:29 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\Adobe
2014-10-09 22:37 - 2010-08-31 18:20 - 00000000 ____D () C:\ProgramData\Real
2014-10-09 22:37 - 2010-08-31 18:09 - 00000000 ____D () C:\Users\Shane\AppData\Local\Google
2014-10-09 22:36 - 2010-08-31 18:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-07 13:10 - 2010-09-07 14:29 - 00000000 ____D () C:\Users\Shane\AppData\Local\Adobe
2014-10-07 12:02 - 2011-06-12 14:12 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-05 11:57 - 2014-01-26 13:27 - 00000000 ____D () C:\Users\Shane\Desktop\Photos Phone
2014-10-04 11:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-01 15:50 - 2013-08-24 23:19 - 00007601 _____ () C:\Users\Shane\AppData\Local\Resmon.ResmonCfg
2014-09-26 12:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-09-25 11:06 - 2013-08-30 09:37 - 00002127 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-24 11:11 - 2011-06-28 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
2014-09-22 17:31 - 2011-01-04 08:42 - 00000000 ____D () C:\Users\Shane\Documents\Sourced in France
2014-09-22 12:01 - 2014-08-09 11:23 - 00030720 _____ () C:\Users\Shane\Documents\Cashflow August 2014.xls
2014-09-22 07:41 - 2010-08-30 11:16 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-19 10:52 - 2012-02-16 16:31 - 00001017 _____ () C:\Users\Shane\Desktop\Dropbox.lnk
2014-09-19 10:52 - 2012-02-16 16:29 - 00000000 ____D () C:\Users\Shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-19 10:42 - 2014-03-25 19:56 - 00001972 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-09-19 10:42 - 2012-12-16 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-19 10:42 - 2010-08-30 14:35 - 00389664 _____ () C:\Windows\DPINST.LOG
2014-09-19 10:42 - 2010-08-30 14:29 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-18 10:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 19:26 - 2010-08-30 12:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-17 19:25 - 2013-07-18 08:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-17 19:18 - 2010-08-30 13:02 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-17 19:17 - 2014-05-08 10:20 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\Shane\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\Shane\AppData\Local\Temp\BackupSetup.exe
C:\Users\Shane\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\Shane\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9wdhyx.dll
C:\Users\Shane\AppData\Local\Temp\drvinstal.exe
C:\Users\Shane\AppData\Local\Temp\fp1.exe
C:\Users\Shane\AppData\Local\Temp\freesofttoday.exe
C:\Users\Shane\AppData\Local\Temp\ICReinstall_MediaCodec(4).exe
C:\Users\Shane\AppData\Local\Temp\llynew_webssearches.exe
C:\Users\Shane\AppData\Local\Temp\newvideoplayersetup.exe
C:\Users\Shane\AppData\Local\Temp\nsb1C8B.exe
C:\Users\Shane\AppData\Local\Temp\nsg146F.exe
C:\Users\Shane\AppData\Local\Temp\nsgC93A.exe
C:\Users\Shane\AppData\Local\Temp\nslB1B.exe
C:\Users\Shane\AppData\Local\Temp\nsm95C5.exe
C:\Users\Shane\AppData\Local\Temp\nsm9E5D.exe
C:\Users\Shane\AppData\Local\Temp\nsw8C9F.exe
C:\Users\Shane\AppData\Local\Temp\setup__1729.exe
C:\Users\Shane\AppData\Local\Temp\SHSetup.exe
C:\Users\Shane\AppData\Local\Temp\speedupmypc.exe
C:\Users\Shane\AppData\Local\Temp\spidentifierimpl.exe
C:\Users\Shane\AppData\Local\Temp\SpOrder.dll
C:\Users\Shane\AppData\Local\Temp\SPSetup.exe
C:\Users\Shane\AppData\Local\Temp\tbuD1EE.exe
C:\Users\Shane\AppData\Local\Temp\umbrella.exe
C:\Users\Shane\AppData\Local\Temp\uninst1.exe
C:\Users\Shane\AppData\Local\Temp\utt8F73.tmp.exe
C:\Users\Shane\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Shane\AppData\Local\Temp\vopackage.exe
C:\Users\Shane\AppData\Local\Temp\_is17F2.exe
C:\Users\Shane\AppData\Local\Temp\_is2AE6.exe
C:\Users\Shane\AppData\Local\Temp\_is2F2A.exe
C:\Users\Shane\AppData\Local\Temp\_isD4EA.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 12:06

==================== End Of Log ============================