
Possible malware/spyware infection - Trovi/RegCure Pro? [Closed]

malware trovi regcurepro

  • This topic is locked

#1
trubrecht
Member, 23 posts

Hi,

I recently realized that my homepage/search page on my browsers had been taken over by an annoying virus(?) called Trovi. I mistakenly downloaded this program, RegCure Pro, thinking it seemed legitimate, but after more research it doesn't seem like it is, and now I'm nervous about the security overall on my laptop.

 

Any help appreciated. Thank you!

 

OTL logfile created on: 8/5/2014 7:40:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Bon\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.88 Gb Total Physical Memory | 5.76 Gb Available Physical Memory | 73.07% Memory free
10.63 Gb Paging File | 6.22 Gb Available in Paging File | 58.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 658.94 Gb Total Space | 543.83 Gb Free Space | 82.53% Space Free | Partition Type: NTFS
 
Computer Name: BASHA2 | User Name: Bon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/05 19:39:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bon\Downloads\OTL.exe
PRC - [2014/07/28 13:09:40 | 000,811,384 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2014/07/15 05:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/06/16 16:41:52 | 000,034,952 | ---- | M] (Python Software Foundation) -- C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
PRC - [2014/06/16 16:41:50 | 004,566,664 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
PRC - [2014/06/16 16:41:50 | 001,627,784 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
PRC - [2014/02/22 04:00:27 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2014/02/20 15:34:44 | 000,060,504 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2014/02/12 16:26:32 | 000,043,336 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2013/11/27 22:52:20 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/10/17 21:29:44 | 000,395,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
PRC - [2013/10/17 18:54:44 | 002,237,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2013/10/16 18:01:36 | 004,624,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2013/09/25 04:13:20 | 000,815,992 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2013/07/04 17:07:26 | 001,157,496 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2013/06/25 10:12:32 | 001,132,920 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2013/06/14 17:45:20 | 000,924,040 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2013/06/14 17:44:24 | 000,153,992 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
PRC - [2013/06/14 17:43:52 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2013/06/13 22:00:38 | 001,505,608 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
PRC - [2013/06/09 20:55:00 | 000,054,152 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2013/06/05 14:18:06 | 001,039,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
PRC - [2012/08/18 09:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012/08/18 09:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012/08/18 04:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2012/07/27 19:08:52 | 000,474,208 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/07/27 19:03:40 | 000,724,576 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012/07/23 21:11:21 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/23 21:11:08 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/23 21:10:40 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/07/23 21:09:00 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/06/06 15:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2010/10/12 16:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/15 05:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll
MOD - [2014/07/15 05:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
MOD - [2014/07/15 05:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
MOD - [2014/07/15 05:24:38 | 000,718,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
MOD - [2014/07/15 05:24:36 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
MOD - [2014/07/15 05:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
MOD - [2014/06/16 16:42:26 | 000,044,680 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
MOD - [2014/06/16 16:42:26 | 000,035,976 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
MOD - [2014/06/16 16:42:24 | 000,192,648 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
MOD - [2014/06/16 16:42:24 | 000,056,456 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
MOD - [2014/06/16 16:42:24 | 000,018,056 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
MOD - [2014/06/16 16:42:22 | 000,836,744 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
MOD - [2014/06/16 16:42:22 | 000,028,808 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
MOD - [2014/06/16 16:42:20 | 000,045,192 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
MOD - [2014/06/16 16:42:20 | 000,019,080 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
MOD - [2014/06/16 16:42:18 | 000,083,080 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
MOD - [2014/06/16 16:42:16 | 000,692,360 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
MOD - [2014/06/16 16:42:16 | 000,111,752 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
MOD - [2014/06/16 16:42:16 | 000,016,520 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
MOD - [2014/06/16 16:42:14 | 000,073,352 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
MOD - [2014/06/16 16:42:14 | 000,073,352 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
MOD - [2014/06/16 16:42:12 | 008,495,240 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
MOD - [2014/06/16 16:42:12 | 000,507,528 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
MOD - [2014/06/16 16:42:12 | 000,352,920 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll
MOD - [2014/06/16 16:42:10 | 000,089,224 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
MOD - [2014/06/16 16:42:10 | 000,051,848 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
MOD - [2014/06/16 16:42:06 | 000,840,840 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
MOD - [2014/06/16 16:42:06 | 000,166,024 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
MOD - [2014/06/16 16:42:04 | 000,195,720 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
MOD - [2014/06/16 16:42:02 | 000,062,600 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
MOD - [2014/06/16 16:41:58 | 001,291,400 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
MOD - [2014/06/16 16:41:54 | 001,453,720 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll
MOD - [2014/06/16 16:41:54 | 001,038,984 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
MOD - [2014/06/16 16:41:54 | 000,952,968 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
MOD - [2014/06/16 16:41:54 | 000,202,392 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll
MOD - [2014/06/16 16:41:52 | 007,605,400 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/10/17 16:45:58 | 032,726,528 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
MOD - [2013/10/16 18:01:36 | 004,624,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2013/06/05 14:21:18 | 000,071,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
MOD - [2012/06/08 15:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/11 11:24:50 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/09 09:13:48 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2014/04/06 07:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/02 22:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/23 22:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 22:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 02:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/27 22:03:12 | 001,642,544 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2014/02/22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/02/20 15:34:44 | 000,060,504 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2013/12/10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 00:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/19 10:21:08 | 000,377,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (USER_ESRV_SVC)
SRV:64bit: - [2013/11/19 10:21:08 | 000,377,768 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (ESRV_SVC)
SRV:64bit: - [2013/10/11 13:42:42 | 003,671,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/10/11 13:42:20 | 000,284,912 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/10/11 13:41:56 | 000,631,024 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/10/11 13:41:28 | 000,154,864 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/09/29 23:51:09 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/09/29 23:51:09 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/29 04:01:08 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012/09/12 18:07:06 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/07/19 22:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/06/09 16:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2014/07/29 03:55:06 | 002,983,896 | ---- | M] (Client Connect LTD) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/07/28 13:09:40 | 000,811,384 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/07/08 21:49:03 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/18 06:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/14 02:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/11/27 22:52:20 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/09/28 05:45:04 | 000,625,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2013/09/24 08:34:06 | 000,157,128 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe -- (Intel®
SRV - [2013/09/16 09:32:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/07/04 17:07:26 | 001,157,496 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2013/06/25 10:12:32 | 001,132,920 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/11/07 18:13:06 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012/10/15 18:08:18 | 000,461,024 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2012/10/15 18:08:18 | 000,078,560 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2012/10/15 18:08:12 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2012/08/18 09:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012/07/27 19:08:52 | 000,474,208 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/07/23 21:11:21 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/23 21:11:08 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/23 21:10:40 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/07/23 21:09:00 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012/05/23 18:52:58 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/01 09:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/06 18:18:39 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro)
DRV:64bit: - [2014/04/01 02:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/23 22:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 22:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 22:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/12/19 01:13:12 | 000,356,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2013/12/04 14:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/27 22:52:18 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/11/17 15:30:38 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/10 22:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 07:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/25 21:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/09/30 00:03:22 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/29 23:51:11 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/09/29 23:51:09 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/29 23:51:00 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/29 23:50:59 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/09/29 23:50:59 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/09/29 23:50:59 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/09/29 23:50:59 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/09/26 05:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/09/23 08:31:40 | 003,344,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/09/16 09:32:32 | 004,170,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/08/22 18:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/29 04:01:36 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013/07/29 04:01:36 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/27 01:27:30 | 001,385,784 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/06/04 20:07:44 | 000,095,152 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2013/04/23 16:50:24 | 000,132,920 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2013/04/23 14:24:26 | 000,069,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/10 23:33:58 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/20 23:12:13 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/08/20 23:09:55 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/08/20 21:24:44 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/08/09 23:29:52 | 000,188,384 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012/07/23 21:09:45 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/07/11 08:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2012/06/25 14:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/10 22:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sows.sys -- (SOWS)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...0EE057C58&SSPV=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{24B45E31-E3B5-417F-B7FA-0FCD6D6EEE11}: "URL" = http://www.bing.com/...E10TR&pc=MASAJS
IE - HKCU\..\SearchScopes\{3ED9CB0C-7257-4657-A8A6-25735415B603}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{C962259C-EF2E-44D2-BD60-134317BD123F}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{CA4F3DA2-AF01-4ACE-AF30-CAC4B9DDC731}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{F314B2B9-56BE-4DB7-9374-25DB45BC2437}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Trovi search"
FF - prefs.js..browser.search.selectedEngine: "Trovi search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.condui...EE057C58&SSPV="
FF - prefs.js..extensions.enabledAddons: pinterest%40robertnyman.com:1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..keyword.URL: "http://search.yahoo....type=407956&p="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Bon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Bon\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator: C:\Users\Bon\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014/04/04 06:36:14 | 000,010,691 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/08/19 09:38:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bon\AppData\Roaming\mozilla\Extensions
[2014/07/29 21:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bon\AppData\Roaming\mozilla\Firefox\Profiles\488yb04x.default\extensions
[2013/12/25 12:42:09 | 000,018,590 | ---- | M] () (No name found) -- C:\Users\Bon\AppData\Roaming\mozilla\firefox\profiles\488yb04x.default\extensions\[email protected]
[2014/08/04 06:18:15 | 000,000,606 | ---- | M] () -- C:\Users\Bon\AppData\Roaming\mozilla\firefox\profiles\488yb04x.default\searchplugins\trovi-search.xml
[2013/12/19 21:43:19 | 000,000,905 | ---- | M] () -- C:\Users\Bon\AppData\Roaming\mozilla\firefox\profiles\488yb04x.default\searchplugins\yahoo_ff.xml
[2014/06/18 06:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/18 06:36:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Plex = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm\2.1.12_0\
CHR - Extension: Pin It Button = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\1.3.3_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\
CHR - Extension: Domain Error Assistant = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\
CHR - Extension: Slick Savings = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\
CHR - Extension: Google Wallet = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Windows 8 App Store = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcofehgfaeaakklkbahafjoifnaagecj\1.1.3_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: Gmail = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Yann Arthus-Bertrand = C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Vtools Toolbar) - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Vtools Toolbar) - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE64.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Vtools Toolbar) - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Redirector] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE /EPT "EPLTarget\P0000000000000000" /M "Artisan 837" File not found
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Users\Bon\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Pin It - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - C:\Program Files (x86)\Pinterest\Pin It\FrameScript.htm ()
O9 - Extra 'Tools' menuitem : &Pin It - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - C:\Program Files (x86)\Pinterest\Pin It\FrameScript.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADE578FA-89D2-401B-9499-606E56B5850C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE67CA30-FC28-4501-B3BD-E734934B38E0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll C:\Windows\system32\nvinitx.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Client Connect LTD)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Client Connect LTD)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/30 21:41:39 | 000,000,000 | ---D | C] -- C:\Users\Bon\AppData\Roaming\ParetoLogic
[2014/07/30 21:41:39 | 000,000,000 | ---D | C] -- C:\Users\Bon\AppData\Roaming\DriverCure
[2014/07/30 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[2014/07/30 21:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ParetoLogic
[2014/07/30 21:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2014/07/30 21:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParetoLogic
[2014/07/30 21:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2014/07/30 21:08:42 | 000,000,000 | ---D | C] -- C:\Users\Bon\Desktop\desktop docs
[2014/07/30 21:03:55 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2014/07/30 21:03:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2014/07/29 21:19:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2014/07/29 21:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vtools Toolbar
[2014/07/24 13:09:05 | 000,000,000 | ---D | C] -- C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
[2014/07/24 13:09:00 | 000,000,000 | ---D | C] -- C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/07/24 12:22:26 | 000,000,000 | ---D | C] -- C:\Users\Bon\Desktop\Rugby
[2014/07/24 11:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/07/24 11:48:35 | 000,000,000 | ---D | C] -- C:\Users\Bon\AppData\Local\Plex Media Server
[2014/07/24 11:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2014/07/24 11:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex
[2014/07/24 11:30:59 | 000,000,000 | ---D | C] -- C:\Users\Bon\AppData\Roaming\BitTorrent
[2014/07/15 16:05:35 | 000,000,000 | ---D | C] -- C:\Users\Bon\Desktop\paystubs
[2014/07/12 21:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/07/12 21:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/07/12 20:56:09 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\CompatTel
[7 C:\Users\Bon\Documents\*.tmp files -> C:\Users\Bon\Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/05 19:42:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/08/05 19:38:00 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\Digital Sites.job
[2014/08/05 19:38:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\DSite.job
[2014/08/05 19:35:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/05 07:58:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002UA.job
[2014/08/05 07:52:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/05 06:38:00 | 000,000,066 | ---- | M] () -- C:\Users\Bon\AppData\Roaming\WB.CFG
[2014/08/03 21:52:00 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/03 21:52:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/03 16:58:00 | 000,000,862 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002Core.job
[2014/08/02 09:08:50 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Pro Startup.job
[2014/08/01 06:56:11 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job
[2014/07/31 21:23:18 | 000,001,206 | ---- | M] () -- C:\Users\Bon\Desktop\RegCure Pro.lnk
[2014/07/30 21:47:27 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/07/30 21:47:27 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/07/30 21:47:27 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/07/30 21:42:37 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014/07/30 21:41:05 | 000,000,573 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1.job
[2014/07/30 21:40:55 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/30 21:40:54 | 2475,704,319 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/30 21:23:54 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2014/07/30 21:17:34 | 000,001,146 | ---- | M] () -- C:\Users\Bon\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2014/07/30 21:17:34 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014/07/24 13:09:00 | 000,002,319 | ---- | M] () -- C:\Users\Bon\Desktop\Chrome App Launcher.lnk
[2014/07/24 11:31:45 | 000,000,913 | ---- | M] () -- C:\Users\Bon\Desktop\BitTorrent.lnk
[2014/07/24 11:31:45 | 000,000,893 | ---- | M] () -- C:\Users\Bon\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/07/13 14:49:44 | 004,380,939 | ---- | M] () -- C:\Users\Bon\Desktop\cohosh.jpg
[2014/07/12 21:02:45 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/07/12 21:02:45 | 000,001,947 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/07/12 20:58:58 | 005,077,080 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/07/12 12:49:26 | 005,176,693 | ---- | M] () -- C:\Users\Bon\Desktop\tomato cage.jpg
[7 C:\Users\Bon\Documents\*.tmp files -> C:\Users\Bon\Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/30 21:41:57 | 000,000,478 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014/07/30 21:23:55 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Pro Startup.job
[2014/07/30 21:23:54 | 000,001,206 | ---- | C] () -- C:\Users\Bon\Desktop\RegCure Pro.lnk
[2014/07/30 21:23:54 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2014/07/30 21:23:53 | 000,000,573 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1.job
[2014/07/30 21:23:53 | 000,000,452 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job
[2014/07/30 21:17:34 | 000,001,146 | ---- | C] () -- C:\Users\Bon\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2014/07/30 21:17:34 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2014/07/29 23:19:18 | 004,380,939 | ---- | C] () -- C:\Users\Bon\Desktop\cohosh.jpg
[2014/07/29 23:16:39 | 005,176,693 | ---- | C] () -- C:\Users\Bon\Desktop\tomato cage.jpg
[2014/07/24 13:09:00 | 000,002,319 | ---- | C] () -- C:\Users\Bon\Desktop\Chrome App Launcher.lnk
[2014/07/24 11:31:45 | 000,000,913 | ---- | C] () -- C:\Users\Bon\Desktop\BitTorrent.lnk
[2014/07/24 11:31:45 | 000,000,893 | ---- | C] () -- C:\Users\Bon\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2014/05/01 12:12:46 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 19:30:44 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/11/17 14:02:10 | 000,000,884 | RHS- | C] () -- C:\Users\Bon\ntuser.pol
[2013/09/16 09:32:32 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/09/16 09:32:26 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/09/16 09:32:26 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/08/19 12:38:04 | 000,000,066 | ---- | C] () -- C:\Users\Bon\AppData\Roaming\WB.CFG
[2013/08/07 20:32:08 | 000,000,037 | -HS- | C] () -- C:\Users\Bon\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/03/30 21:02:16 | 000,000,129 | ---- | C] () -- C:\WINDOWS\EART837.ini
[2013/02/25 20:32:46 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dll
[2013/02/25 18:32:49 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/06 12:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/06 11:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/07/24 12:39:52 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\BitTorrent
[2013/07/06 12:38:11 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\Catalina – Print Savings
[2013/11/21 20:58:36 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\com.adobe.dmp.contentviewer
[2014/02/08 13:38:08 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\DigitalSites
[2014/07/30 21:41:39 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\DriverCure
[2013/08/19 09:38:17 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\DSite
[2013/12/23 11:37:57 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\Epson
[2014/02/09 21:39:33 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\ICAClient
[2014/02/28 22:19:17 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\iolo
[2014/02/02 19:48:56 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\Leadertech
[2014/07/30 21:41:39 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\ParetoLogic
[2013/11/02 14:49:00 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\PDAppFlex
[2013/08/19 09:55:52 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\Systweak
[2013/08/18 22:30:41 | 000,000,000 | ---D | M] -- C:\Users\Bon\AppData\Roaming\Vtools
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 216 bytes -> C:\Users\Bon\SkyDrive:ms-properties
 
< End of report >

Edited by trubrecht, 05 August 2014 - 06:42 PM.

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, as you are on Windows 8 I would like to use a different analysis programme.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.


#3
trubrecht

    Member

  • Topic Starter
  • Member
  • 23 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Bon at 2014-08-06 07:00:57
Running from C:\Users\Bon\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.0.248 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Citrix Authentication Manager (x32 Version: 5.0.0.60597 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.0.0.91 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.4.0.45902 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 4.0.0.45893 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6426.52 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
EPSON Artisan 837 Series Printer Uninstall (HKLM\...\EPSON Artisan 837 Series) (Version:  - SEIKO EPSON Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FileParade Bundle (HKLM-x32\...\FileParade Bundle) (Version: 1.0.0.0 - FileParade Bundle) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.141 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.06.2000.0671 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.6.0.0128 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.06.0000.0280 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java™ 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA Control Panel 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
Online Plug-in (x32 Version: 14.0.0.91 - Citrix Systems, Inc.) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.3 - Pinterest)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Plex Media Server (HKLM-x32\...\{320e1eaa-7462-4b47-af2c-1539ff68bfa5}) (Version: 0.9.912 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.912 - Plex, Inc.) Hidden
Reader for PC (HKLM-x32\...\{02F29E25-2B7A-43BA-AF95-D0978593F399}) (Version: 2.0.00.07121 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.2.8.0 - ParetoLogic, Inc.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.149 - Client Connect LTD) <==== ATTENTION
Self-service Plug-in (x32 Version: 4.0.0.40674 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update for Zip Opener (HKCU\...\DSite) (Version:  - ) <==== ATTENTION
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.0.08170 - Sony Corporation)
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vtools Toolbar v9.6 (HKLM-x32\...\{FEEFA27F-F7BE-45A2-B2ED-B9FF61FB9A73}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2473698545-154944616-3367849747-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Bon\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2473698545-154944616-3367849747-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2473698545-154944616-3367849747-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2473698545-154944616-3367849747-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Bon\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
19-07-2014 07:33:00 Scheduled Checkpoint
24-07-2014 14:41:11 Windows Update
31-07-2014 01:01:23 Installed Store App Support Utility.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {021720AF-524A-4417-AD08-EB761037D722} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {039BD248-8647-419A-B9A9-1BF0207F6FC9} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-20] (Synaptics Incorporated)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DA9870D-CB0C-40AF-93A8-7E4C131F2449} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002Core => C:\Users\Bon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-22] (Google Inc.)
Task: {0E69F3AD-BC04-4F40-BCAE-C95BBB7E9921} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {18757C3C-3BB4-4964-9D4B-7E0A66EC38FF} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2809CC49-3485-4120-A111-707F48233246} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {326F4C87-E1DF-4C2C-B457-B4423F84E5A6} - System32\Tasks\RegCure Pro Startup => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2014-07-17] (ParetoLogic, Inc.)
Task: {343F24FB-FEF8-47BF-A37F-7802CD77F595} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {355B8156-61F4-4F07-A925-D3599E648710} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {486A9C3D-98F4-41B2-93F1-FF5E0A827C89} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [2013-10-17] ()
Task: {4880127F-E251-4722-9A4D-BDFC1669E881} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5662AE57-1883-4A01-B2B0-2FC8952E4EA0} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {58D0C77F-FB53-400B-AC7F-458CE9A079F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002UA => C:\Users\Bon\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-22] (Google Inc.)
Task: {5C4981B8-BCD1-4CF2-A3C0-9F5E778B205A} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {5D2165AC-0A81-40C0-B555-A0434BB5F90B} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [2014-02-25] (Sony Corporation)
Task: {6072656C-24C9-4F49-B3B6-D6424FA38D40} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {65BA0F54-EE05-4102-BED0-3108722E3E1A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {67EA7B9B-79CC-4242-9794-9905DA887766} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6CFF5BA2-DD92-4263-90C9-F3FF19E3F9A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.)
Task: {6D81D3FD-5E68-42DB-A481-CD284017D6EF} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {712B148E-B082-42F3-A3DD-BB3DCE857228} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {92E0561F-CB67-4C28-A319-385081D65702} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {96EB6DA5-B589-4694-A9AA-A388103C7B35} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {982928BE-DFA4-41FA-860B-987A80D8B0F5} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {993D9495-68BD-44DE-BA11-D85E66E65D5E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9E20F24E-22BD-418A-A5E7-487CF41DCA4E} - System32\Tasks\Digital Sites => C:\Users\Bon\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A24C9329-3A8A-434A-9A21-6344CA361373} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {A2AB68B1-F8B7-4B12-A108-05EC42678B5A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {A80612F8-A920-4E89-BEF8-1F99C25AAAEB} - System32\Tasks\DSite => C:\Users\Bon\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-08-19] () <==== ATTENTION
Task: {AFC6A748-5246-4308-8AB6-27FFDEBB2B7C} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {B7E638DB-E66E-4FDC-BB59-00ACF8B8BE3C} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe [2014-06-24] ()
Task: {B89B4C94-36C1-468F-A29A-73207F29631F} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {BDA92EAD-2788-4AC9-8796-D45F03187AD9} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {C266FB55-0644-4CE4-8D7B-3B874A90BE74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-27] (Google Inc.)
Task: {C8D36E92-EE08-4477-AA05-290DDF629716} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {CD2FD5D8-6912-4B99-9A93-9939D8C10C42} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D1468E7A-0183-4811-8A75-8C72402FC01F} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D14750AC-A0A1-423E-B50A-1FBFB760DAAB} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {D25D01CF-ACC4-46E2-B27B-FF562C21F60F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {D2F29CDD-0965-43AF-8828-55645EBF3162} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F04FABF3-D901-4CF6-ADFC-BDCBBF316BBE} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {F17DDBF9-EB56-4DEA-BEA0-958B6CB4F829} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {F2FA5AF0-D504-4CFE-BD8B-642B3BC04FBB} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {F39FB47E-86C8-4E4A-B84D-4BB52341EFBF} - System32\Tasks\AdobeAAMUpdater-1.0-Basha2-Bon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {F8685563-44DE-4ED6-8157-C9A85A05BAC7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {FA42F9B3-B634-4DA1-90AC-AD182071523D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {FB028D02-6E01-4D24-8B36-B9037104CEBA} - System32\Tasks\ParetoLogic Update Version3 => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe [2014-06-24] ()
Task: {FF4ECE11-62D4-4ABF-BE30-EAF61AAF14BF} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {FFFAD4FD-B5C6-4875-B6D0-67FA04D3610D} - System32\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1 => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2014-07-17] (ParetoLogic, Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\Bon\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\DSite.job => C:\Users\Bon\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002Core.job => C:\Users\Bon\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002UA.job => C:\Users\Bon\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\RegCure Pro Startup.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\WINDOWS\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-16 18:01 - 2013-10-16 18:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-05-23 11:05 - 2014-05-23 11:05 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-04-20 13:59 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-02-25 18:44 - 2012-07-23 21:11 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-06-16 16:41 - 2014-06-16 16:41 - 07605400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll
2014-06-16 16:41 - 2014-06-16 16:41 - 01453720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll
2014-06-16 16:41 - 2014-06-16 16:41 - 00202392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00352920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2014-06-16 16:41 - 2014-06-16 16:41 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
2014-06-16 16:41 - 2014-06-16 16:41 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
2014-06-16 16:41 - 2014-06-16 16:41 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
2013-10-17 16:45 - 2013-10-17 16:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 13:42 - 2013-06-05 14:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-02-25 20:10 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 15:34 - 2012-06-08 15:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-07-19 03:54 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-19 03:54 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-19 03:54 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-19 03:54 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-19 03:54 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-19 03:54 - 2014-07-15 05:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00035976 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2014-06-16 16:42 - 2014-06-16 16:42 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-06-16 16:42 - 2014-06-16 16:42 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/06/2014 06:58:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASHA2)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147220995 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/06/2014 06:58:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASHA2)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147220995 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/06/2014 05:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1094
 
Error: (08/06/2014 05:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1094
 
Error: (08/06/2014 05:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 10:04:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141
 
Error: (08/05/2014 10:04:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141
 
Error: (08/05/2014 10:04:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 08:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109
 
Error: (08/05/2014 08:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109
 
 
System errors:
=============
Error: (08/04/2014 06:20:47 AM) (Source: DCOM) (EventID: 10010) (User: BASHA2)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
 
Error: (08/02/2014 09:09:25 AM) (Source: DCOM) (EventID: 10010) (User: BASHA2)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
 
Error: (07/30/2014 09:46:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.
 
Error: (07/30/2014 09:43:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service service terminated with the following error: 
%%268439612
 
Error: (07/30/2014 09:43:22 PM) (Source: DCOM) (EventID: 10010) (User: BASHA2)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
 
Error: (07/30/2014 09:40:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
 
Error: (07/30/2014 09:40:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
 
Error: (07/30/2014 09:09:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service service terminated with the following error: 
%%268439612
 
Error: (07/30/2014 09:08:42 PM) (Source: DCOM) (EventID: 10010) (User: BASHA2)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
 
Error: (07/30/2014 09:06:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
 
 
Microsoft Office Sessions:
=========================
Error: (08/06/2014 06:58:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASHA2)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147220995
 
Error: (08/06/2014 06:58:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASHA2)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147220995
 
Error: (08/06/2014 05:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1094
 
Error: (08/06/2014 05:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1094
 
Error: (08/06/2014 05:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 10:04:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141
 
Error: (08/05/2014 10:04:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141
 
Error: (08/05/2014 10:04:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 08:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109
 
Error: (08/05/2014 08:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-02 20:16:21.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:21.264
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:21.211
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:21.138
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:21.087
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:21.034
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:20.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:20.134
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:20.032
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-02 20:16:19.933
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 26%
Total physical RAM: 8071.27 MB
Available physical RAM: 5904 MB
Total Pagefile: 10887.27 MB
Available Pagefile: 7104.12 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:658.94 GB) (Free:543.67 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: C6EE3DD0)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you post the main FRST.txt as well please? It will be in the same location as FRST.

#5
trubrecht

    Member

  • Topic Starter
  • Member
  • 23 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014
Ran by Bon (administrator) on BASHA2 on 06-08-2014 07:00:14
Running from C:\Users\Bon\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHOA.EXE
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(OldTimer Tools) C:\Users\Bon\Downloads\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-02] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-20] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-10-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE [283232 2013-03-30] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2473698545-154944616-3367849747-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [Google Update] => C:\Users\Bon\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-22] (Google Inc.)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE [283232 2013-03-30] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4566664 2014-06-16] (Plex, Inc.)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [Google+ Auto Backup] => C:\Users\Bon\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3701064 2014-06-06] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-07-29] (Client Connect LTD)
AppInit_DLLs:  C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-11-27] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-07-29] (Client Connect LTD)
AppInit_DLLs-x32:  C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...0EE057C58&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: HKCU - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {24B45E31-E3B5-417F-B7FA-0FCD6D6EEE11} URL = http://www.bing.com/...E10TR&pc=MASAJS
SearchScopes: HKCU - {3ED9CB0C-7257-4657-A8A6-25735415B603} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {C962259C-EF2E-44D2-BD60-134317BD123F} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {CA4F3DA2-AF01-4ACE-AF30-CAC4B9DDC731} URL = http://search.condui...q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Vtools Toolbar -> {5BFEFF94-6411-4B74-A947-4969134B24DE} -> C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default
FF NewTab: hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP2B6FE212-3B04-4216-840D-EC30EE057C58
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2B6FE212-3B04-4216-840D-EC30EE057C58&SSPV=
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407956&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Bon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Bon\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Bon\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Bon\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Bon\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default\searchplugins\yahoo_ff.xml
FF Extension: Pin It button - C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default\Extensions\[email protected] [2013-12-25]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: hxxp://search.yahoo.com/?type=407956&fr=spigot-yhp-ie
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Drive) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-27]
CHR Extension: (YouTube) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-27]
CHR Extension: (Google Search) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-27]
CHR Extension: (Plex) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2014-07-24]
CHR Extension: (Pin It Button) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-07-13]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2014-06-27]
CHR Extension: (Domain Error Assistant) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2014-06-27]
CHR Extension: (Slick Savings) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2014-06-27]
CHR Extension: (Google Wallet) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Windows 8 App Store) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcofehgfaeaakklkbahafjoifnaagecj [2014-06-27]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2014-06-27]
CHR Extension: (Gmail) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-27]
CHR Extension: (Yann Arthus-Bertrand) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc [2014-07-05]
CHR Extension: (Extutil) - C:\Users\Bon\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-06-30]
CHR Extension: (Managera) - C:\Users\Bon\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-06-30]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2983896 2014-07-29] (Client Connect LTD)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-23] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-23] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-05-23] (Sony Corporation) [File not signed]
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344864 2013-09-23] (Intel Corporation)
S3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-04-06] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-20] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)
R3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-06 07:00 - 2014-08-06 07:00 - 00034392 _____ () C:\Users\Bon\Downloads\FRST.txt
2014-08-06 07:00 - 2014-08-06 07:00 - 00000000 ____D () C:\FRST
2014-08-06 06:59 - 2014-08-06 06:59 - 02094080 _____ (Farbar) C:\Users\Bon\Downloads\FRST64.exe
2014-08-05 20:53 - 2014-08-05 20:53 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-05 20:53 - 2014-08-05 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-05 20:52 - 2014-08-05 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-05 20:52 - 2014-08-05 20:53 - 00000000 ____D () C:\Program Files\iTunes
2014-08-05 20:52 - 2014-08-05 20:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-05 20:52 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files\iPod
2014-08-05 19:51 - 2014-08-05 21:25 - 00077854 _____ () C:\Users\Bon\Downloads\Extras.Txt
2014-08-05 19:50 - 2014-08-05 21:23 - 00168690 _____ () C:\Users\Bon\Downloads\OTL.Txt
2014-08-05 19:39 - 2014-08-05 19:39 - 00602112 _____ (OldTimer Tools) C:\Users\Bon\Downloads\OTL.exe
2014-07-30 21:41 - 2014-07-30 21:42 - 00003118 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Registration3
2014-07-30 21:41 - 2014-07-30 21:42 - 00000478 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2014-07-30 21:41 - 2014-07-30 21:41 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\ParetoLogic
2014-07-30 21:41 - 2014-07-30 21:41 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\DriverCure
2014-07-30 21:38 - 2014-07-30 21:39 - 02953520 _____ (AVAST Software) C:\Users\Bon\Downloads\avast-browser-cleanup.exe
2014-07-30 21:23 - 2014-08-02 09:08 - 00000470 _____ () C:\WINDOWS\Tasks\RegCure Pro Startup.job
2014-07-30 21:23 - 2014-08-01 06:56 - 00000452 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-07-30 21:23 - 2014-07-31 21:23 - 00001206 _____ () C:\Users\Bon\Desktop\RegCure Pro.lnk
2014-07-30 21:23 - 2014-07-30 21:41 - 00000573 _____ () C:\WINDOWS\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1.job
2014-07-30 21:23 - 2014-07-30 21:25 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup (1).exe
2014-07-30 21:23 - 2014-07-30 21:23 - 00003978 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1
2014-07-30 21:23 - 2014-07-30 21:23 - 00002906 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3_triggeronce
2014-07-30 21:23 - 2014-07-30 21:23 - 00002600 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro Startup
2014-07-30 21:23 - 2014-07-30 21:23 - 00002592 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3
2014-07-30 21:23 - 2014-07-30 21:23 - 00000404 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2014-07-30 21:23 - 2014-07-30 21:23 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2014-07-30 21:23 - 2014-07-30 21:23 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-07-30 21:23 - 2014-07-30 21:23 - 00000000 ____D () C:\Program Files (x86)\ParetoLogic
2014-07-30 21:20 - 2014-07-30 21:23 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup.exe
2014-07-30 21:17 - 2014-07-30 21:17 - 00001122 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-07-30 21:17 - 2014-07-30 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-30 21:16 - 2014-07-30 21:16 - 17312072 _____ (Google Inc.) C:\Users\Bon\Downloads\picasa39-setup.exe
2014-07-30 21:08 - 2014-07-30 21:09 - 00000000 ____D () C:\Users\Bon\Desktop\desktop docs
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-30 21:02 - 2014-07-30 21:02 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-29 21:19 - 2014-07-29 21:19 - 00000000 ____D () C:\Program Files (x86)\Vtools Toolbar
2014-07-29 21:19 - 2014-07-29 21:19 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-07-24 13:09 - 2014-07-24 13:09 - 00002319 _____ () C:\Users\Bon\Desktop\Chrome App Launcher.lnk
2014-07-24 13:09 - 2014-07-24 13:09 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-24 12:33 - 2014-07-24 12:33 - 61180456 _____ (Plex, Inc.) C:\Users\Bon\Downloads\Plex-Media-Server-0.9.912.504-3e7f93c-en-US.exe
2014-07-24 12:22 - 2014-07-24 12:25 - 00000000 ____D () C:\Users\Bon\Desktop\Rugby
2014-07-24 11:48 - 2014-07-30 21:41 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-07-24 11:48 - 2014-07-24 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-07-24 11:48 - 2014-07-24 12:26 - 00000000 ____D () C:\Users\Bon\AppData\Local\Plex Media Server
2014-07-24 11:47 - 2014-07-24 11:47 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-07-24 11:31 - 2014-07-24 11:31 - 00000913 _____ () C:\Users\Bon\Desktop\BitTorrent.lnk
2014-07-24 11:31 - 2014-07-24 11:31 - 00000893 _____ () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-24 11:30 - 2014-07-24 12:39 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\BitTorrent
2014-07-15 16:05 - 2014-07-15 16:14 - 00000000 ____D () C:\Users\Bon\Desktop\paystubs
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-07-12 20:56 - 2014-07-12 20:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 21:00 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 21:00 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 21:00 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 21:00 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 20:59 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 20:59 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 20:59 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 20:59 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 20:59 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 20:59 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 20:59 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 20:59 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 20:59 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 20:59 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 20:59 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 20:59 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 20:59 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 20:59 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 20:59 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 20:59 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 20:59 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 20:59 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 20:59 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 20:59 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 20:59 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 20:59 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 20:59 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 20:37 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 20:33 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 20:32 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 20:32 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 20:32 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 20:27 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 20:27 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 20:27 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 20:27 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 20:27 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 20:27 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 20:17 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 20:17 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 20:17 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 20:17 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 20:17 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 20:15 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 20:15 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 20:15 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 20:15 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 20:15 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 20:15 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 20:15 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 20:15 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 20:15 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 20:15 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 20:15 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 20:15 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 20:15 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 20:15 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 20:15 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 19:54 - 2014-07-09 19:54 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-06 07:00 - 2014-08-06 07:00 - 00034392 _____ () C:\Users\Bon\Downloads\FRST.txt
2014-08-06 07:00 - 2014-08-06 07:00 - 00000000 ____D () C:\FRST
2014-08-06 07:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-06 06:59 - 2014-08-06 06:59 - 02094080 _____ (Farbar) C:\Users\Bon\Downloads\FRST64.exe
2014-08-06 06:59 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-08-06 06:58 - 2013-11-17 14:06 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C4012DE9-76EF-4190-9002-E20888E37887}
2014-08-06 06:58 - 2013-06-20 20:26 - 00000000 ____D () C:\Users\Bon\AppData\Local\Adobe
2014-08-06 05:42 - 2013-11-22 23:16 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-05 22:04 - 2013-03-29 23:14 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2473698545-154944616-3367849747-1002
2014-08-05 21:58 - 2013-09-22 08:21 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002UA.job
2014-08-05 21:52 - 2014-06-27 21:47 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 21:52 - 2014-06-27 21:47 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-05 21:52 - 2014-06-27 21:47 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-05 21:38 - 2014-02-08 13:38 - 00000298 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-08-05 21:38 - 2013-08-19 09:38 - 00000292 _____ () C:\WINDOWS\Tasks\DSite.job
2014-08-05 21:25 - 2014-08-05 19:51 - 00077854 _____ () C:\Users\Bon\Downloads\Extras.Txt
2014-08-05 21:23 - 2014-08-05 19:50 - 00168690 _____ () C:\Users\Bon\Downloads\OTL.Txt
2014-08-05 20:53 - 2014-08-05 20:53 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-05 20:53 - 2014-08-05 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-05 20:53 - 2014-08-05 20:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-05 20:53 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files\iTunes
2014-08-05 20:53 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-05 20:52 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files\iPod
2014-08-05 19:39 - 2014-08-05 19:39 - 00602112 _____ (OldTimer Tools) C:\Users\Bon\Downloads\OTL.exe
2014-08-05 19:38 - 2013-11-17 12:58 - 01321767 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-05 06:38 - 2013-08-19 12:38 - 00000066 _____ () C:\Users\Bon\AppData\Roaming\WB.CFG
2014-08-04 06:18 - 2014-01-12 20:03 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-03 16:58 - 2013-09-22 08:21 - 00000862 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002Core.job
2014-08-03 06:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-02 09:10 - 2013-11-17 14:05 - 00000000 __RDO () C:\Users\Bon\SkyDrive
2014-08-02 09:08 - 2014-07-30 21:23 - 00000470 _____ () C:\WINDOWS\Tasks\RegCure Pro Startup.job
2014-08-01 06:56 - 2014-07-30 21:23 - 00000452 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-07-31 21:23 - 2014-07-30 21:23 - 00001206 _____ () C:\Users\Bon\Desktop\RegCure Pro.lnk
2014-07-30 21:47 - 2013-09-30 00:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-30 21:42 - 2014-07-30 21:41 - 00003118 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Registration3
2014-07-30 21:42 - 2014-07-30 21:41 - 00000478 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2014-07-30 21:41 - 2014-07-30 21:41 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\ParetoLogic
2014-07-30 21:41 - 2014-07-30 21:41 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\DriverCure
2014-07-30 21:41 - 2014-07-30 21:23 - 00000573 _____ () C:\WINDOWS\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1.job
2014-07-30 21:41 - 2014-07-24 11:48 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-07-30 21:41 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-30 21:40 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-30 21:39 - 2014-07-30 21:38 - 02953520 _____ (AVAST Software) C:\Users\Bon\Downloads\avast-browser-cleanup.exe
2014-07-30 21:25 - 2014-07-30 21:23 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup (1).exe
2014-07-30 21:23 - 2014-07-30 21:23 - 00003978 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1
2014-07-30 21:23 - 2014-07-30 21:23 - 00002906 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3_triggeronce
2014-07-30 21:23 - 2014-07-30 21:23 - 00002600 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro Startup
2014-07-30 21:23 - 2014-07-30 21:23 - 00002592 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3
2014-07-30 21:23 - 2014-07-30 21:23 - 00000404 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2014-07-30 21:23 - 2014-07-30 21:23 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2014-07-30 21:23 - 2014-07-30 21:23 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-07-30 21:23 - 2014-07-30 21:23 - 00000000 ____D () C:\Program Files (x86)\ParetoLogic
2014-07-30 21:23 - 2014-07-30 21:20 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup.exe
2014-07-30 21:17 - 2014-07-30 21:17 - 00001122 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-07-30 21:17 - 2014-07-30 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-30 21:17 - 2013-05-26 21:24 - 00000000 ____D () C:\Users\Bon\AppData\Local\Google
2014-07-30 21:16 - 2014-07-30 21:16 - 17312072 _____ (Google Inc.) C:\Users\Bon\Downloads\picasa39-setup.exe
2014-07-30 21:16 - 2013-05-26 21:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-30 21:09 - 2014-07-30 21:08 - 00000000 ____D () C:\Users\Bon\Desktop\desktop docs
2014-07-30 21:08 - 2013-10-30 21:02 - 00000000 ____D () C:\Update
2014-07-30 21:05 - 2013-11-22 22:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-30 21:05 - 2013-02-25 19:04 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-30 21:05 - 2013-02-25 18:44 - 00000000 ____D () C:\Program Files\Intel
2014-07-30 21:05 - 2013-02-25 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-30 21:04 - 2014-04-06 18:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-30 21:04 - 2014-04-06 18:20 - 00000000 ____D () C:\Users\Guest
2014-07-30 21:04 - 2014-04-06 18:20 - 00000000 ____D () C:\Users\Administrator
2014-07-30 21:04 - 2013-02-25 18:40 - 00000000 ____D () C:\ProgramData\Intel
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-30 21:03 - 2013-11-17 12:57 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-07-30 21:03 - 2013-02-25 18:40 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-07-30 21:02 - 2014-07-30 21:02 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-30 21:02 - 2013-02-25 18:31 - 00040146 _____ () C:\WINDOWS\DPINST.LOG
2014-07-30 21:01 - 2013-02-25 19:04 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Sony Corporation
2014-07-30 21:01 - 2013-02-25 18:25 - 00000000 ____D () C:\Program Files\Sony
2014-07-29 23:19 - 2013-10-26 23:26 - 00219648 ___SH () C:\Users\Bon\Desktop\Thumbs.db
2014-07-29 21:19 - 2014-07-29 21:19 - 00000000 ____D () C:\Program Files (x86)\Vtools Toolbar
2014-07-29 21:19 - 2014-07-29 21:19 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-07-24 13:09 - 2014-07-24 13:09 - 00002319 _____ () C:\Users\Bon\Desktop\Chrome App Launcher.lnk
2014-07-24 13:09 - 2014-07-24 13:09 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-24 12:39 - 2014-07-24 11:30 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\BitTorrent
2014-07-24 12:35 - 2014-07-24 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-07-24 12:33 - 2014-07-24 12:33 - 61180456 _____ (Plex, Inc.) C:\Users\Bon\Downloads\Plex-Media-Server-0.9.912.504-3e7f93c-en-US.exe
2014-07-24 12:26 - 2014-07-24 11:48 - 00000000 ____D () C:\Users\Bon\AppData\Local\Plex Media Server
2014-07-24 12:26 - 2014-02-18 22:11 - 00043520 ___SH () C:\Users\Bon\Downloads\Thumbs.db
2014-07-24 12:25 - 2014-07-24 12:22 - 00000000 ____D () C:\Users\Bon\Desktop\Rugby
2014-07-24 11:48 - 2013-08-18 21:50 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Apple Computer
2014-07-24 11:48 - 2013-08-18 21:50 - 00000000 ____D () C:\Users\Bon\AppData\Local\Apple Computer
2014-07-24 11:47 - 2014-07-24 11:47 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-07-24 11:35 - 2014-02-18 21:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 11:35 - 2014-02-18 21:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 11:35 - 2013-09-29 23:55 - 00018240 _____ () C:\WINDOWS\PFRO.log
2014-07-24 11:31 - 2014-07-24 11:31 - 00000913 _____ () C:\Users\Bon\Desktop\BitTorrent.lnk
2014-07-24 11:31 - 2014-07-24 11:31 - 00000893 _____ () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-24 11:15 - 2013-08-22 10:46 - 00356207 _____ () C:\WINDOWS\setupact.log
2014-07-24 10:44 - 2014-02-18 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 09:45 - 2013-11-17 13:06 - 00000000 ____D () C:\Users\Bon
2014-07-15 16:14 - 2014-07-15 16:05 - 00000000 ____D () C:\Users\Bon\Desktop\paystubs
2014-07-13 21:20 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-07-12 21:02 - 2014-07-05 08:39 - 00001947 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-07-12 21:02 - 2014-07-05 08:39 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-07-12 20:58 - 2013-08-22 10:44 - 05077080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-12 20:56 - 2014-07-12 20:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 21:50 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 21:02 - 2013-08-19 00:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 21:02 - 2013-04-17 20:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 21:00 - 2013-03-31 20:00 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 20:33 - 2013-09-29 23:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:54 - 2014-07-09 19:54 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 21:49 - 2013-11-22 23:16 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
 
Some content of TEMP:
====================
C:\Users\Bon\AppData\Local\Temp\4A8D_bittorrent.exe
C:\Users\Bon\AppData\Local\Temp\air4A8C.exe
C:\Users\Bon\AppData\Local\Temp\air526E.exe
C:\Users\Bon\AppData\Local\Temp\exthelper.exe
C:\Users\Bon\AppData\Local\Temp\GLF2487.EXE
C:\Users\Bon\AppData\Local\Temp\GLF2757.EXE
C:\Users\Bon\AppData\Local\Temp\GLF4159.EXE
C:\Users\Bon\AppData\Local\Temp\GLF43CB.EXE
C:\Users\Bon\AppData\Local\Temp\GLF50E6.EXE
C:\Users\Bon\AppData\Local\Temp\GLF5730.EXE
C:\Users\Bon\AppData\Local\Temp\GLF7BB6.EXE
C:\Users\Bon\AppData\Local\Temp\GLF8126.EXE
C:\Users\Bon\AppData\Local\Temp\GLF943A.EXE
C:\Users\Bon\AppData\Local\Temp\GLF9A66.EXE
C:\Users\Bon\AppData\Local\Temp\GLF9DF3.EXE
C:\Users\Bon\AppData\Local\Temp\GLFA8D2.EXE
C:\Users\Bon\AppData\Local\Temp\GLFAE12.EXE
C:\Users\Bon\AppData\Local\Temp\GLFB179.EXE
C:\Users\Bon\AppData\Local\Temp\GLFB69F.EXE
C:\Users\Bon\AppData\Local\Temp\GLFBB02.EXE
C:\Users\Bon\AppData\Local\Temp\GLFBCD4.EXE
C:\Users\Bon\AppData\Local\Temp\GLFC053.EXE
C:\Users\Bon\AppData\Local\Temp\GLFD829.EXE
C:\Users\Bon\AppData\Local\Temp\GLFDA8B.EXE
C:\Users\Bon\AppData\Local\Temp\GLFF1D2.EXE
C:\Users\Bon\AppData\Local\Temp\GLFF405.EXE
C:\Users\Bon\AppData\Local\Temp\nsa6770.exe
C:\Users\Bon\AppData\Local\Temp\nsb361E.exe
C:\Users\Bon\AppData\Local\Temp\nsgC1FA.exe
C:\Users\Bon\AppData\Local\Temp\nsn60B9.exe
C:\Users\Bon\AppData\Local\Temp\nsn6BF6.exe
C:\Users\Bon\AppData\Local\Temp\nsoC79A.exe
C:\Users\Bon\AppData\Local\Temp\nsp32D1.exe
C:\Users\Bon\AppData\Local\Temp\nssC4AB.exe
C:\Users\Bon\AppData\Local\Temp\nsy6EF4.exe
C:\Users\Bon\AppData\Local\Temp\nsz6406.exe
C:\Users\Bon\AppData\Local\Temp\SPSetup.exe
C:\Users\Bon\AppData\Local\Temp\_is9AA1.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-01 05:26
 
==================== End Of Log ============================


#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
On completion of this, could you let me know how the system is behaving?

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 

AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-07-29] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-07-29] (Client Connect LTD)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...0EE057C58&SSPV=
URLSearchHook: HKCU - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {CA4F3DA2-AF01-4ACE-AF30-CAC4B9DDC731} URL = http://search.condui...q={searchTerms}
BHO-x32: Vtools Toolbar -> {5BFEFF94-6411-4B74-A947-4969134B24DE} -> C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
BHO-x32: No Name -> {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} -> No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Vtools Toolbar - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files (x86)\Vtools Toolbar\IE\9.6\vtoolsToolbarIE.dll (Spigot, Inc.)
FF NewTab: hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP2B6FE212-3B04-4216-840D-EC30EE057C58
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2B6FE212-3B04-4216-840D-EC30EE057C58&SSPV=
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Bon\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2014-06-27]
CHR Extension: (Domain Error Assistant) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2014-06-27]
CHR Extension: (Slick Savings) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2014-06-27]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2014-06-27]
CHR Extension: (Extutil) - C:\Users\Bon\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-06-30]
CHR Extension: (Managera) - C:\Users\Bon\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-06-30]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
2014-07-29 21:19 - 2014-07-29 21:19 - 00000000 ____D () C:\Program Files (x86)\Vtools Toolbar
2014-07-29 21:19 - 2014-07-29 21:19 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-07-24 11:48 - 2014-07-30 21:41 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-08-05 21:38 - 2014-02-08 13:38 - 00000298 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-08-05 21:38 - 2013-08-19 09:38 - 00000292 _____ () C:\WINDOWS\Tasks\DSite.job
2014-08-04 06:18 - 2014-01-12 20:03 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\Bon\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\DSite.job => C:\Users\Bon\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Users\Bon\AppData\Roaming\DIGITA~1
C:\Users\Bon\AppData\Roaming\DSite
C:\Program Files (x86)\Common Files\Spigot
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#7
trubrecht

    Member

  • Topic Starter
  • 23 posts

There's some kind of problem - it freezes the browser every time I try to paste the text from the fixlog, and when I run the AdwCleaner, it doesn't reboot -- it posts some kind of error msg and then says that the program has to close and shuts it down. What should I do?



#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Could you attach the fixlog? I will look at that and then decide where to go from there.



#9
trubrecht

    Member

  • Topic Starter
  • 23 posts

It won't let me post the fixlist -- it doesn't even see it. When I open Frst.exe it says it can't see fixlist.txt -- that it isn't in the same directory as the tool, but they are - they are both in my download folder on my desktop. I don't have a way to run the fixlist through frst.exe -- is there another way? Could the virus/malware be this sophisticated?



#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, could you run AdwCleaner and then produce a fresh FRST scan log for me, please?

#11
trubrecht

    Member

  • Topic Starter
  • 23 posts

AdwCleaner log

# AdwCleaner v3.304 - Report created 09/08/2014 at 16:05:56
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Bon - BASHA2
# Running from : C:\Users\Bon\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v31.0 (x86 en-US)
 
[ File : C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Homepage] : hxxp://search.yahoo.com/?type=407956&fr=spigot-yhp-ie
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
 
*************************
 
AdwCleaner[R0].txt - [5320 octets] - [06/08/2014 20:58:55]
AdwCleaner[R1].txt - [5380 octets] - [06/08/2014 21:04:13]
AdwCleaner[R2].txt - [1485 octets] - [06/08/2014 21:08:29]
AdwCleaner[R3].txt - [1446 octets] - [09/08/2014 16:04:23]
AdwCleaner[S0].txt - [4670 octets] - [06/08/2014 21:05:44]
AdwCleaner[S1].txt - [1147 octets] - [06/08/2014 21:10:06]
AdwCleaner[S2].txt - [1375 octets] - [09/08/2014 16:05:56]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1435 octets] ##########


#12
trubrecht

    Member

  • Topic Starter
  • Member
  • 23 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2014 01
Ran by Bon (administrator) on BASHA2 on 09-08-2014 16:12:21
Running from C:\Users\Bon\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHOA.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-02] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-20] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-10-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE [283232 2013-03-30] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2473698545-154944616-3367849747-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [Google Update] => C:\Users\Bon\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-22] (Google Inc.)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE [283232 2013-03-30] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4566664 2014-06-16] (Plex, Inc.)
HKU\S-1-5-21-2473698545-154944616-3367849747-1002\...\Run: [Google+ Auto Backup] => C:\Users\Bon\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3701064 2014-06-06] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-11-27] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {24B45E31-E3B5-417F-B7FA-0FCD6D6EEE11} URL = http://www.bing.com/...E10TR&pc=MASAJS
SearchScopes: HKCU - {3ED9CB0C-7257-4657-A8A6-25735415B603} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {C962259C-EF2E-44D2-BD60-134317BD123F} URL = http://search.yahoo....p={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407956&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Bon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Bon\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Bon\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Bon\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Bon\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default\searchplugins\yahoo_ff.xml
FF Extension: Pin It button - C:\Users\Bon\AppData\Roaming\Mozilla\Firefox\Profiles\488yb04x.default\Extensions\[email protected] [2013-12-25]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: hxxp://search.yahoo.com/?type=407956&fr=spigot-yhp-ie
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Drive) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-27]
CHR Extension: (YouTube) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-27]
CHR Extension: (Google Search) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-27]
CHR Extension: (Plex) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2014-07-24]
CHR Extension: (Pin It Button) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-07-13]
CHR Extension: (Google Wallet) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Windows 8 App Store) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcofehgfaeaakklkbahafjoifnaagecj [2014-06-27]
CHR Extension: (Gmail) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-27]
CHR Extension: (Yann Arthus-Bertrand) - C:\Users\Bon\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc [2014-07-05]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-23] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-23] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-05-23] (Sony Corporation) [File not signed]
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344864 2013-09-23] (Intel Corporation)
S3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-04-06] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-20] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)
S3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-09 16:12 - 2014-08-09 16:12 - 00000000 ____D () C:\Users\Bon\Downloads\FRST-OlderVersion
2014-08-09 16:04 - 2014-08-09 16:04 - 01366203 _____ () C:\Users\Bon\Downloads\AdwCleaner.exe
2014-08-09 16:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-09 15:48 - 2014-08-09 15:48 - 03552760 _____ (tuneuppro.com ) C:\Users\Bon\Downloads\tall_090807484139486136.exe
2014-08-07 15:54 - 2014-08-07 15:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-06 20:58 - 2014-08-09 16:06 - 00000000 ____D () C:\AdwCleaner
2014-08-06 20:52 - 2014-08-09 16:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-08-06 20:45 - 2014-08-06 20:46 - 00000896 _____ () C:\Users\Bon\Desktop\Downloads.lnk
2014-08-06 15:55 - 2014-08-06 15:55 - 00013301 _____ () C:\Users\Bon\Downloads\Lions.Tour.2009.Test-2.RSA.v.British.Lions.HDTV.720p.x264.torrent
2014-08-06 15:53 - 2014-08-06 15:53 - 00011322 _____ () C:\Users\Bon\Downloads\2000_3N1`AUS-NZL.mp4.torrent
2014-08-06 15:22 - 2014-08-06 15:22 - 00018797 _____ () C:\Users\Bon\Downloads\2001.Bledisloe.Game.2.Sydney.torrent
2014-08-06 15:19 - 2014-08-06 15:19 - 00213206 _____ () C:\Users\Bon\Downloads\2008 3N.torrent
2014-08-06 15:17 - 2014-08-06 15:17 - 00021058 _____ () C:\Users\Bon\Downloads\Tri-Nations 2007.torrent
2014-08-06 15:14 - 2014-08-06 15:14 - 00054864 _____ () C:\Users\Bon\Downloads\2006 Tri Nations.torrent
2014-08-06 15:13 - 2014-08-06 15:13 - 00030054 _____ () C:\Users\Bon\Downloads\2005 Tri Nations.torrent
2014-08-06 15:09 - 2014-08-06 15:09 - 00014426 _____ () C:\Users\Bon\Downloads\3N.2005.08.20.R4.Australia.v.South.Africa.avi.torrent
2014-08-06 15:06 - 2014-08-06 15:06 - 00014393 _____ () C:\Users\Bon\Downloads\3N.2005.07.30.Round.1.South.Africa.vs.Australia.avi.torrent
2014-08-06 15:04 - 2014-08-06 15:04 - 00010993 _____ () C:\Users\Bon\Downloads\3N.1999.R4.SA.v.NZ.Pretoria.mkv.torrent
2014-08-06 14:58 - 2014-08-06 14:58 - 00016042 _____ () C:\Users\Bon\Downloads\RU.2014.TOP14.Final.Toulon.v.Castres.x264.mp4.torrent
2014-08-06 14:56 - 2014-08-06 14:56 - 00014213 _____ () C:\Users\Bon\Downloads\RU.2013-14.Heineken.Cup.Final.Toulon.v.Saracens.x264.mp4.torrent
2014-08-06 08:42 - 2014-08-06 08:42 - 00014752 _____ () C:\Users\Bon\Downloads\RU.2014.Super.Rugby.Final.x264-VB.torrent
2014-08-06 07:00 - 2014-08-09 16:12 - 00028795 _____ () C:\Users\Bon\Downloads\FRST.txt
2014-08-06 07:00 - 2014-08-09 16:12 - 00000000 ____D () C:\FRST
2014-08-06 07:00 - 2014-08-06 07:01 - 00075105 _____ () C:\Users\Bon\Downloads\Addition.txt
2014-08-06 06:59 - 2014-08-09 16:12 - 02093568 _____ (Farbar) C:\Users\Bon\Downloads\FRST64.exe
2014-08-05 20:53 - 2014-08-05 20:53 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-05 20:53 - 2014-08-05 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-05 20:52 - 2014-08-05 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-05 20:52 - 2014-08-05 20:53 - 00000000 ____D () C:\Program Files\iTunes
2014-08-05 20:52 - 2014-08-05 20:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-05 20:52 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files\iPod
2014-08-05 19:51 - 2014-08-05 21:25 - 00077854 _____ () C:\Users\Bon\Downloads\Extras.Txt
2014-08-05 19:50 - 2014-08-05 21:23 - 00168690 _____ () C:\Users\Bon\Downloads\OTL.Txt
2014-08-05 19:39 - 2014-08-05 19:39 - 00602112 _____ (OldTimer Tools) C:\Users\Bon\Downloads\OTL.exe
2014-07-30 21:38 - 2014-07-30 21:39 - 02953520 _____ (AVAST Software) C:\Users\Bon\Downloads\avast-browser-cleanup.exe
2014-07-30 21:23 - 2014-08-09 16:08 - 00000470 _____ () C:\WINDOWS\Tasks\RegCure Pro Startup.job
2014-07-30 21:23 - 2014-08-01 06:56 - 00000452 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-07-30 21:23 - 2014-07-31 21:23 - 00001206 _____ () C:\Users\Bon\Desktop\RegCure Pro.lnk
2014-07-30 21:23 - 2014-07-30 21:41 - 00000573 _____ () C:\WINDOWS\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1.job
2014-07-30 21:23 - 2014-07-30 21:25 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup (1).exe
2014-07-30 21:23 - 2014-07-30 21:23 - 00003978 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1
2014-07-30 21:23 - 2014-07-30 21:23 - 00002906 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3_triggeronce
2014-07-30 21:23 - 2014-07-30 21:23 - 00002600 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro Startup
2014-07-30 21:20 - 2014-07-30 21:23 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup.exe
2014-07-30 21:17 - 2014-07-30 21:17 - 00001122 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-07-30 21:17 - 2014-07-30 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-30 21:16 - 2014-07-30 21:16 - 17312072 _____ (Google Inc.) C:\Users\Bon\Downloads\picasa39-setup.exe
2014-07-30 21:08 - 2014-07-30 21:09 - 00000000 ____D () C:\Users\Bon\Desktop\desktop docs
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-30 21:02 - 2014-07-30 21:02 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-24 13:09 - 2014-07-24 13:09 - 00002319 _____ () C:\Users\Bon\Desktop\Chrome App Launcher.lnk
2014-07-24 13:09 - 2014-07-24 13:09 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-24 12:33 - 2014-07-24 12:33 - 61180456 _____ (Plex, Inc.) C:\Users\Bon\Downloads\Plex-Media-Server-0.9.912.504-3e7f93c-en-US.exe
2014-07-24 12:22 - 2014-08-07 12:41 - 00000000 ____D () C:\Users\Bon\Desktop\Rugby
2014-07-24 11:48 - 2014-08-07 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-07-24 11:48 - 2014-07-24 12:26 - 00000000 ____D () C:\Users\Bon\AppData\Local\Plex Media Server
2014-07-24 11:47 - 2014-07-24 11:47 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-07-24 11:31 - 2014-07-24 11:31 - 00000913 _____ () C:\Users\Bon\Desktop\BitTorrent.lnk
2014-07-24 11:31 - 2014-07-24 11:31 - 00000893 _____ () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-24 11:30 - 2014-08-07 22:16 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\BitTorrent
2014-07-15 16:05 - 2014-07-15 16:14 - 00000000 ____D () C:\Users\Bon\Desktop\paystubs
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-07-12 20:56 - 2014-07-12 20:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-09 16:12 - 2014-08-09 16:12 - 00000000 ____D () C:\Users\Bon\Downloads\FRST-OlderVersion
2014-08-09 16:12 - 2014-08-06 07:00 - 00028795 _____ () C:\Users\Bon\Downloads\FRST.txt
2014-08-09 16:12 - 2014-08-06 07:00 - 00000000 ____D () C:\FRST
2014-08-09 16:12 - 2014-08-06 06:59 - 02093568 _____ (Farbar) C:\Users\Bon\Downloads\FRST64.exe
2014-08-09 16:11 - 2013-11-17 14:06 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C4012DE9-76EF-4190-9002-E20888E37887}
2014-08-09 16:10 - 2014-06-27 21:47 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-09 16:10 - 2014-06-27 21:47 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-09 16:10 - 2013-11-17 14:05 - 00000000 __RDO () C:\Users\Bon\SkyDrive
2014-08-09 16:09 - 2014-08-06 20:52 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-08-09 16:08 - 2014-07-30 21:23 - 00000470 _____ () C:\WINDOWS\Tasks\RegCure Pro Startup.job
2014-08-09 16:07 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-09 16:06 - 2014-08-06 20:58 - 00000000 ____D () C:\AdwCleaner
2014-08-09 16:06 - 2013-11-17 12:58 - 01706615 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-09 16:06 - 2013-09-29 23:55 - 00018546 _____ () C:\WINDOWS\PFRO.log
2014-08-09 16:06 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-09 16:05 - 2013-06-20 20:26 - 00000000 ____D () C:\Users\Bon\AppData\Local\Adobe
2014-08-09 16:04 - 2014-08-09 16:04 - 01366203 _____ () C:\Users\Bon\Downloads\AdwCleaner.exe
2014-08-09 16:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-09 15:59 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-09 15:58 - 2013-11-22 23:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-09 15:52 - 2014-06-27 21:47 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-09 15:48 - 2014-08-09 15:48 - 03552760 _____ (tuneuppro.com ) C:\Users\Bon\Downloads\tall_090807484139486136.exe
2014-08-09 15:42 - 2013-11-22 23:16 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-09 14:58 - 2013-09-22 08:21 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002UA.job
2014-08-08 22:42 - 2013-03-29 23:14 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2473698545-154944616-3367849747-1002
2014-08-08 21:01 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-08-08 09:44 - 2013-11-17 13:06 - 00000000 ____D () C:\Users\Bon
2014-08-07 22:16 - 2014-07-24 11:30 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\BitTorrent
2014-08-07 16:58 - 2013-09-22 08:21 - 00000862 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2473698545-154944616-3367849747-1002Core.job
2014-08-07 15:55 - 2014-08-07 15:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-07 12:41 - 2014-07-24 12:22 - 00000000 ____D () C:\Users\Bon\Desktop\Rugby
2014-08-07 12:07 - 2014-07-24 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-08-06 21:03 - 2014-02-18 22:11 - 00074240 ___SH () C:\Users\Bon\Downloads\Thumbs.db
2014-08-06 20:56 - 2013-09-30 00:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-06 20:48 - 2013-07-06 12:38 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Catalina – Print Savings
2014-08-06 20:46 - 2014-08-06 20:45 - 00000896 _____ () C:\Users\Bon\Desktop\Downloads.lnk
2014-08-06 15:55 - 2014-08-06 15:55 - 00013301 _____ () C:\Users\Bon\Downloads\Lions.Tour.2009.Test-2.RSA.v.British.Lions.HDTV.720p.x264.torrent
2014-08-06 15:53 - 2014-08-06 15:53 - 00011322 _____ () C:\Users\Bon\Downloads\2000_3N1`AUS-NZL.mp4.torrent
2014-08-06 15:22 - 2014-08-06 15:22 - 00018797 _____ () C:\Users\Bon\Downloads\2001.Bledisloe.Game.2.Sydney.torrent
2014-08-06 15:19 - 2014-08-06 15:19 - 00213206 _____ () C:\Users\Bon\Downloads\2008 3N.torrent
2014-08-06 15:17 - 2014-08-06 15:17 - 00021058 _____ () C:\Users\Bon\Downloads\Tri-Nations 2007.torrent
2014-08-06 15:14 - 2014-08-06 15:14 - 00054864 _____ () C:\Users\Bon\Downloads\2006 Tri Nations.torrent
2014-08-06 15:13 - 2014-08-06 15:13 - 00030054 _____ () C:\Users\Bon\Downloads\2005 Tri Nations.torrent
2014-08-06 15:09 - 2014-08-06 15:09 - 00014426 _____ () C:\Users\Bon\Downloads\3N.2005.08.20.R4.Australia.v.South.Africa.avi.torrent
2014-08-06 15:06 - 2014-08-06 15:06 - 00014393 _____ () C:\Users\Bon\Downloads\3N.2005.07.30.Round.1.South.Africa.vs.Australia.avi.torrent
2014-08-06 15:04 - 2014-08-06 15:04 - 00010993 _____ () C:\Users\Bon\Downloads\3N.1999.R4.SA.v.NZ.Pretoria.mkv.torrent
2014-08-06 14:58 - 2014-08-06 14:58 - 00016042 _____ () C:\Users\Bon\Downloads\RU.2014.TOP14.Final.Toulon.v.Castres.x264.mp4.torrent
2014-08-06 14:56 - 2014-08-06 14:56 - 00014213 _____ () C:\Users\Bon\Downloads\RU.2013-14.Heineken.Cup.Final.Toulon.v.Saracens.x264.mp4.torrent
2014-08-06 14:44 - 2013-10-26 23:26 - 00219648 ___SH () C:\Users\Bon\Desktop\Thumbs.db
2014-08-06 08:42 - 2014-08-06 08:42 - 00014752 _____ () C:\Users\Bon\Downloads\RU.2014.Super.Rugby.Final.x264-VB.torrent
2014-08-06 07:38 - 2013-08-19 12:38 - 00000067 _____ () C:\Users\Bon\AppData\Roaming\WB.CFG
2014-08-06 07:01 - 2014-08-06 07:00 - 00075105 _____ () C:\Users\Bon\Downloads\Addition.txt
2014-08-05 21:25 - 2014-08-05 19:51 - 00077854 _____ () C:\Users\Bon\Downloads\Extras.Txt
2014-08-05 21:23 - 2014-08-05 19:50 - 00168690 _____ () C:\Users\Bon\Downloads\OTL.Txt
2014-08-05 20:53 - 2014-08-05 20:53 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-05 20:53 - 2014-08-05 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-05 20:53 - 2014-08-05 20:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-05 20:53 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files\iTunes
2014-08-05 20:53 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-05 20:52 - 2014-08-05 20:52 - 00000000 ____D () C:\Program Files\iPod
2014-08-05 19:39 - 2014-08-05 19:39 - 00602112 _____ (OldTimer Tools) C:\Users\Bon\Downloads\OTL.exe
2014-08-01 06:56 - 2014-07-30 21:23 - 00000452 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-07-31 21:23 - 2014-07-30 21:23 - 00001206 _____ () C:\Users\Bon\Desktop\RegCure Pro.lnk
2014-07-30 21:41 - 2014-07-30 21:23 - 00000573 _____ () C:\WINDOWS\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1.job
2014-07-30 21:39 - 2014-07-30 21:38 - 02953520 _____ (AVAST Software) C:\Users\Bon\Downloads\avast-browser-cleanup.exe
2014-07-30 21:25 - 2014-07-30 21:23 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup (1).exe
2014-07-30 21:23 - 2014-07-30 21:23 - 00003978 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro_sch_54AD55D6-1851-11E4-BEBB-C8F733AF98B1
2014-07-30 21:23 - 2014-07-30 21:23 - 00002906 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3_triggeronce
2014-07-30 21:23 - 2014-07-30 21:23 - 00002600 _____ () C:\WINDOWS\System32\Tasks\RegCure Pro Startup
2014-07-30 21:23 - 2014-07-30 21:20 - 06762112 _____ (ParetoLogic, Inc.) C:\Users\Bon\Downloads\RegCureProSetup.exe
2014-07-30 21:17 - 2014-07-30 21:17 - 00001122 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-07-30 21:17 - 2014-07-30 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-30 21:17 - 2013-05-26 21:24 - 00000000 ____D () C:\Users\Bon\AppData\Local\Google
2014-07-30 21:16 - 2014-07-30 21:16 - 17312072 _____ (Google Inc.) C:\Users\Bon\Downloads\picasa39-setup.exe
2014-07-30 21:16 - 2013-05-26 21:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-30 21:09 - 2014-07-30 21:08 - 00000000 ____D () C:\Users\Bon\Desktop\desktop docs
2014-07-30 21:08 - 2013-10-30 21:02 - 00000000 ____D () C:\Update
2014-07-30 21:05 - 2013-11-22 22:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-30 21:05 - 2013-02-25 19:04 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-30 21:05 - 2013-02-25 18:44 - 00000000 ____D () C:\Program Files\Intel
2014-07-30 21:05 - 2013-02-25 18:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-30 21:04 - 2014-04-06 18:20 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-30 21:04 - 2014-04-06 18:20 - 00000000 ____D () C:\Users\Guest
2014-07-30 21:04 - 2014-04-06 18:20 - 00000000 ____D () C:\Users\Administrator
2014-07-30 21:04 - 2013-02-25 18:40 - 00000000 ____D () C:\ProgramData\Intel
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-07-30 21:03 - 2014-07-30 21:03 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-30 21:03 - 2013-11-17 12:57 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-07-30 21:03 - 2013-02-25 18:40 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-07-30 21:02 - 2014-07-30 21:02 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-30 21:02 - 2013-02-25 18:31 - 00040146 _____ () C:\WINDOWS\DPINST.LOG
2014-07-30 21:01 - 2013-02-25 19:04 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Sony Corporation
2014-07-30 21:01 - 2013-02-25 18:25 - 00000000 ____D () C:\Program Files\Sony
2014-07-24 13:09 - 2014-07-24 13:09 - 00002319 _____ () C:\Users\Bon\Desktop\Chrome App Launcher.lnk
2014-07-24 13:09 - 2014-07-24 13:09 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-24 12:33 - 2014-07-24 12:33 - 61180456 _____ (Plex, Inc.) C:\Users\Bon\Downloads\Plex-Media-Server-0.9.912.504-3e7f93c-en-US.exe
2014-07-24 12:26 - 2014-07-24 11:48 - 00000000 ____D () C:\Users\Bon\AppData\Local\Plex Media Server
2014-07-24 11:48 - 2013-08-18 21:50 - 00000000 ____D () C:\Users\Bon\AppData\Roaming\Apple Computer
2014-07-24 11:48 - 2013-08-18 21:50 - 00000000 ____D () C:\Users\Bon\AppData\Local\Apple Computer
2014-07-24 11:47 - 2014-07-24 11:47 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-07-24 11:35 - 2014-02-18 21:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 11:35 - 2014-02-18 21:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 11:31 - 2014-07-24 11:31 - 00000913 _____ () C:\Users\Bon\Desktop\BitTorrent.lnk
2014-07-24 11:31 - 2014-07-24 11:31 - 00000893 _____ () C:\Users\Bon\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-24 11:15 - 2013-08-22 10:46 - 00356207 _____ () C:\WINDOWS\setupact.log
2014-07-24 10:44 - 2014-02-18 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-15 16:14 - 2014-07-15 16:05 - 00000000 ____D () C:\Users\Bon\Desktop\paystubs
2014-07-13 21:20 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-07-12 21:02 - 2014-07-12 21:02 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-07-12 21:02 - 2014-07-05 08:39 - 00001947 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-07-12 21:02 - 2014-07-05 08:39 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-07-12 20:58 - 2013-08-22 10:44 - 05077080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-12 20:56 - 2014-07-12 20:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 20:56 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
 
Some content of TEMP:
====================
C:\Users\Bon\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-08 09:54
 
==================== End Of Log ============================


#13
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let's try FRST once more. How is the computer at the moment?

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:

2014-08-06 20:52 - 2014-08-09 16:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

#14
trubrecht

    Member

  • Topic Starter
  • 23 posts

The computer seems to be running a little better overall--here's the fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-08-2014 01
Ran by Bon at 2014-08-09 19:51:05 Run:2
Running from C:\Users\Bon\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
2014-08-06 20:52 - 2014-08-09 16:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:
*****************
 
 
"C:\ProgramData\boost_interprocess" directory move:
 
C:\ProgramData\boost_interprocess\20140809160646.491787\plex_frame_mutex => Moved successfully.
Could not move "C:\ProgramData\boost_interprocess" directory. => Scheduled to move on reboot.
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  DEL %TEMP%\*.* /F /S /Q =========
 
C:\Users\Bon\AppData\Local\Temp\ACC.log
The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\AdobeARM.log
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Bon\AppData\Local\Temp\AdwCleaner.jpg
Deleted file - C:\Users\Bon\AppData\Local\Temp\ArmUI.ini
Deleted file - C:\Users\Bon\AppData\Local\Temp\Avast-Browser-Cleanup.log
Deleted file - C:\Users\Bon\AppData\Local\Temp\Cleaning.ico
Deleted file - C:\Users\Bon\AppData\Local\Temp\Donate.ico
Deleted file - C:\Users\Bon\AppData\Local\Temp\EULA.txt
Deleted file - C:\Users\Bon\AppData\Local\Temp\FXSAPIDebugLogFile.txt
Deleted file - C:\Users\Bon\AppData\Local\Temp\FXSTIFFDebugLogFile.txt
Deleted file - C:\Users\Bon\AppData\Local\Temp\MpCmdRun.log
C:\Users\Bon\AppData\Local\Temp\NELog.log
The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\oobelib.log
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Bon\AppData\Local\Temp\PDApp 8-8-2014 09-45-00.log
C:\Users\Bon\AppData\Local\Temp\PDApp.log
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Bon\AppData\Local\Temp\Plex Media Server_20140807120545.log
Deleted file - C:\Users\Bon\AppData\Local\Temp\Plex Media Server_20140807120545_0_pms.log
Deleted file - C:\Users\Bon\AppData\Local\Temp\Quarantine.exe
Deleted file - C:\Users\Bon\AppData\Local\Temp\Report.ico
Deleted file - C:\Users\Bon\AppData\Local\Temp\RU.2013-14.Heineken.Cup.QF.Munster.v.Toulouse.x264.mp4.torrent
Deleted file - C:\Users\Bon\AppData\Local\Temp\RU.2013.Currie.Cup.R01.Western.Province.vs.Blue.Bulls.x264.mp4.torrent
Deleted file - C:\Users\Bon\AppData\Local\Temp\RU.2013.Currie.Cup.R02.Blue.Bulls.vs.Griquas.x264.mp4.torrent
Deleted file - C:\Users\Bon\AppData\Local\Temp\RU.2013.ITM.Cup.R01.Counties.Manukau.v.Wellington.x264.mp4.torrent
Deleted file - C:\Users\Bon\AppData\Local\Temp\Scan.ico
Deleted file - C:\Users\Bon\AppData\Local\Temp\TWAIN.LOG
Deleted file - C:\Users\Bon\AppData\Local\Temp\Twain001.Mtx
Deleted file - C:\Users\Bon\AppData\Local\Temp\Twunk001.MTX
Deleted file - C:\Users\Bon\AppData\Local\Temp\Twunk002.MTX
Deleted file - C:\Users\Bon\AppData\Local\Temp\Uninstall.ico
Deleted file - C:\Users\Bon\AppData\Local\Temp\winstore.log
Deleted file - C:\Users\Bon\AppData\Local\Temp\{15D7976C-6D79-4ACB-8D3E-617ECB7E244D}.aamdownload
Deleted file - C:\Users\Bon\AppData\Local\Temp\{4777A98A-6FA2-4B95-AC4B-AF9D4EE79442}.aamdownload
Deleted file - C:\Users\Bon\AppData\Local\Temp\{665DA33E-BD06-4447-873A-6B4BE0432BF8}
Deleted file - C:\Users\Bon\AppData\Local\Temp\{6810A80E-6B9C-48AA-8064-D784B979608C}
Deleted file - C:\Users\Bon\AppData\Local\Temp\{81CFA30C-6127-4C8B-A63D-AE532B7B9758}
Deleted file - C:\Users\Bon\AppData\Local\Temp\{BDEBD090-BCD5-4C22-8032-A1182F1B3B5B}
Deleted file - C:\Users\Bon\AppData\Local\Temp\{D552109E-66EC-44AC-B214-7EECC3C26C38}
Deleted file - C:\Users\Bon\AppData\Local\Temp\~DF016C83B16E61A5AE.TMP
Deleted file - C:\Users\Bon\AppData\Local\Temp\~DF5D9A15AF492F7852.TMP
Deleted file - C:\Users\Bon\AppData\Local\Temp\AdobeDownload\DLM.log
Deleted file - C:\Users\Bon\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data
Deleted file - C:\Users\Bon\AppData\Local\Temp\avastBCLTMP\firefox\{e4f94d1e-2f53-401e-8885-681602c0ddd8}\icon.png
Deleted file - C:\Users\Bon\AppData\Local\Temp\MicroImageDir\DSC_4223.JPG
Deleted file - C:\Users\Bon\AppData\Local\Temp\OICE_BFBB5F06-8283-4DFF-B410-D9038607D641.0\B9CF4AC5.doc
Deleted file - C:\Users\Bon\AppData\Local\Temp\OICE_BFBB5F06-8283-4DFF-B410-D9038607D641.0\~WRS{0C1B52A9-604F-4578-85D9-9AE370839D4A}.tmp
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir3236_22866\Cookies
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir3236_22866\Cookies-journal
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir3236_22866\data_0
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir3236_22866\data_1
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir3236_22866\data_2
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir3236_22866\data_3
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir3236_22866\index
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5504_11404\Cookies
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5504_11404\Cookies-journal
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5504_11404\data_0
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5504_11404\data_1
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5504_11404\data_2
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5504_11404\data_3
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5504_11404\index
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5724_14119\Cookies
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5724_14119\Cookies-journal
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5724_14119\data_0
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5724_14119\data_1
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5724_14119\data_2
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5724_14119\data_3
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5724_14119\index
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5932_18952\Cookies
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5932_18952\Cookies-journal
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5932_18952\data_0
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5932_18952\data_1
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5932_18952\data_2
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5932_18952\data_3
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir5932_18952\index
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir6080_27337\Cookies
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir6080_27337\Cookies-journal
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir6080_27337\data_0
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir6080_27337\data_1
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir6080_27337\data_2
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir6080_27337\data_3
Deleted file - C:\Users\Bon\AppData\Local\Temp\scoped_dir6080_27337\index
C:\Users\Bon\AppData\Local\Temp\scoped_dir760_15905\Cookies
The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\scoped_dir760_15905\Cookies-journal
The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\scoped_dir760_15905\data_0
Access is denied.
C:\Users\Bon\AppData\Local\Temp\scoped_dir760_15905\data_1
Access is denied.
C:\Users\Bon\AppData\Local\Temp\scoped_dir760_15905\data_2
Access is denied.
C:\Users\Bon\AppData\Local\Temp\scoped_dir760_15905\data_3
Access is denied.
C:\Users\Bon\AppData\Local\Temp\scoped_dir760_15905\index
Access is denied.
Deleted file - C:\Users\Bon\AppData\Local\Temp\Temp1_1tmp00.zip\resources\mcafeesecurityscanplus\lib\main.js
 
========= End of CMD: =========
 
 
=========  RD /S /Q %TEMP% =========
 
C:\Users\Bon\AppData\Local\Temp\ACC.log - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\AdobeARM.log - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\etilqs_d2o0nRYhpadWs6s - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\etilqs_dEQFas28WtSyg7A - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\etilqs_MuDjV6BafBOO2nZ - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\NELog.log - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\oobelib.log - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\PDApp.log - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\SC0FF3~1\Cookies - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\SC0FF3~1\Cookies-journal - The process cannot access the file because it is being used by another process.
C:\Users\Bon\AppData\Local\Temp\SC0FF3~1\data_0 - Access is denied.
C:\Users\Bon\AppData\Local\Temp\SC0FF3~1\data_1 - Access is denied.
C:\Users\Bon\AppData\Local\Temp\SC0FF3~1\data_2 - Access is denied.
C:\Users\Bon\AppData\Local\Temp\SC0FF3~1\data_3 - Access is denied.
C:\Users\Bon\AppData\Local\Temp\SC0FF3~1\index - Access is denied.
 
========= End of CMD: =========
 
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-08-09 19:52:09)<=
 
C:\ProgramData\boost_interprocess => Is moved successfully.
 
==== End of Fixlog ====
 
It posted! Awesome!


#15
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is it just running slow at the moment or is it sluggish?

Please download Malwarebytes Anti-Malware to your desktop
Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log