Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Freezing pages, cannot run OTL, rogue killer shows ntoskml.exe


  • This topic is locked This topic is locked

#1
Vintage Charms

Vintage Charms

    Member

  • Member
  • PipPip
  • 75 posts

that cannot be deleted.  Roguekiller states they are legit.  I saved OTL to my desktop but it freezes the computer so I have to reboot.  I have run Adwcleaner, Superantispyware and I use Avast.  I am using WIndows 7 Firefox on a HP.  What else can I try?  TYIA  Also I bought a copy of Malwarebytes' Anti-Malware and it freezes also. 

 

I have been reading other posts and ran Farbar and have those logs if they would be useful.  Hope that was OK.


Edited by Vintage Charms, 09 August 2014 - 06:09 PM.

  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

Post the 2 farber scan reports
  • 0

#3
Vintage Charms

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

THank you so much.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2014 01
Ran by Hewlett (administrator) on HEWLETT-PC on 09-08-2014 20:29:10
Running from C:\Users\Hewlett\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(SUPERAntiSpyware.com) C:\Program Files (x86)\SASCore64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(SUPERAntiSpyware) C:\Program Files (x86)\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\Grid64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207360 2010-03-18] (ArcSoft Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [NETGEAR USB Control Center] => C:\Program Files (x86)\NETGEAR\USB Control Center\Control Center.exe [4139008 2012-09-20] ()
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-05] (Hewlett-Packard)
HKU\.DEFAULT\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [385024 2010-03-10] ()
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-03-10] (AMD)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware.exe [6564120 2014-06-04] (SUPERAntiSpyware)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-08-03] (Siber Systems)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\MountPoints2: M - M:\DTLplus_Launcher.exe
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\MountPoints2: {fbda576a-91ab-11e0-8861-e0cb4e042c07} - H:\DTLplus_Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Hewlett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTGuard Updates.lnk
ShortcutTarget: BTGuard Updates.lnk -> C:\BTGUARD\settings.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x74146EA8A3D5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://slickdeals.net/forums/index.php
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Secure Online Account Numbers Helper -> {435EAA86-D32B-484F-869C-53745FCB1642} -> C:\Program Files (x86)\Discover\SOAN\DiscoverSOANHelper.dll No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Secure Online Account Numbers - {A8C7C2CA-6DFD-4E16-8458-592361564D38} - C:\Program Files (x86)\Discover\SOAN\DiscoverSOANToolbar.dll No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {2FF8D282-F78A-4A33-ABC2-49E72A341482} http://riteaid.store...eUpload1_10.CAB
DPF: HKLM-x32 {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/...erInstaller.CAB
DPF: HKLM-x32 {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.c...eUploader57.cab
DPF: HKLM-x32 {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} http://www.psapoll.com/CopyGuardIE.cab
DPF: HKLM-x32 {50647AB5-18FD-4142-82B0-5852478DD0D5} http://webeffective....torLauncher.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab
DPF: HKLM-x32 {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} http://homedecorator...X_WEB_Win32.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab
DPF: HKLM-x32 {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} http://rms2.invokeso...1452/MILive.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967
FF Homepage: hxxp://my.ebay.com/ws/eBayISAPI.dll?MyEbay&gbh=1|hxxp://slickdeals.net/|hxxp://slickdeals.net/pricetracker/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Hewlett\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\searchplugins\justsnipe.xml
FF SearchPlugin: C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\searchplugins\kickassto.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\Extensions\[email protected] [2014-05-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-05-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2010-05-20]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-12]
CHR HKLM-x32\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Users\Hewlett\AppData\Local\Temp\Rar$EX70.016\Internet Download Manager 6.12 Build 21 Full Crack\IDMGCExt.crx [2014-07-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files (x86)\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2013-01-24] (Autodata Limited) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-12] (AVAST Software)
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-09] (Broadcom Corporation.)
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd) [File not signed]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2009-12-11] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2009-12-11] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
S4 HPBtnSrv; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [192512 2008-09-30] () [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-12] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-10-31] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-12] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2012-03-04] (Digiarty Software, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [32768 2009-07-14] (Hauppauge Computer Works, Inc.)
R1 hugoio64; C:\Program Files (x86)\i-Menu\hugoio64.sys [13856 2008-04-29] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NetgearUDSMBus; C:\Windows\System32\drivers\NetgearUDSMBus.sys [107296 2012-08-13] (Windows ® Codename Longhorn DDK provider)
R3 NetgearUDSMBus; C:\Windows\SysWOW64\drivers\NetgearUDSMBus.sys [92160 2012-06-15] (Windows ® Codename Longhorn DDK provider) [File not signed]
S3 NetgearUDSTcpBus; C:\Windows\System32\drivers\NetgearUDSTcpBus.sys [183584 2012-08-13] (Windows ® Codename Longhorn DDK provider)
S3 NetgearUDSTcpBus; C:\Windows\SysWOW64\drivers\NetgearUDSTcpBus.sys [153600 2012-06-15] (Windows ® Codename Longhorn DDK provider) [File not signed]
R1 SASDIFSV; C:\Program Files (x86)\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files (x86)\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2010-01-21] () [File not signed]
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30312 2014-07-12] ()
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29160 2014-08-09] ()
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-10-20] (CyberLink Corp.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\Afc.sys 6CCD1135320109D6B219F1A6E04AD9F6
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ahcix64s.sys 4941B92C7EA609D21ABB6D57F1C54D24
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 21D749E3C8140B16C40A8273FD747899
C:\Windows\System32\DRIVERS\atikmpag.sys 1AA6F50A8E7F8413377C979CEF5218A5
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdsata.sys 12A5062C06E03FF70DB47800F91C7A13
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys 8A7F289B45CEACAC761E14D5FAC59EB9
C:\Windows\System32\Drivers\ssadadb.sys 4DE0D5D747A73797C95A97DCCE5018B5
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswHwid.sys D95E64416A4A3ED6986E0F474DA934BD
C:\Windows\system32\drivers\aswMonFlt.sys FF1E537A3632CBB9A0BF72B9FD0878D5
C:\Windows\system32\drivers\aswRdr2.sys A5757DE5F9C83AB40667A53D5126EA40
C:\Windows\System32\Drivers\aswRvrt.sys 645D97385F3F284FB5604F9B970F4D24
C:\Windows\system32\drivers\aswSnx.sys B8FDEDE963B82CFD23B3A53A3084666D
C:\Windows\system32\drivers\aswSP.sys 0DEDC041DF594AEC2C3BD00417CFAF60
C:\Windows\system32\drivers\aswStm.sys 48DED912CDE54FC0923B9858512366E1
C:\Windows\System32\DRIVERS\aswTap.sys F87990FDBDD4DC037343A80BD7E67538
C:\Windows\System32\Drivers\aswVmm.sys 471A311745848B80339436688A8286E6
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys B4421D8CDADC441F76BA39532A3E3414
C:\Windows\System32\drivers\AtihdW76.sys B0790FF0E25B7A2674296052F2162C1A
C:\Windows\System32\drivers\AtiHdmi.sys 77C149E6D702737B2E372DEE166FAEF8
C:\Windows\System32\DRIVERS\atikmdag.sys 21D749E3C8140B16C40A8273FD747899
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\drivers\bcbtums.sys 70433F7A216BD0B5EC7DA1202EE53E65
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BrSerId.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\drivers\btusbflt.sys 2641A3FE3D7B0646308F33B67F3B5300
C:\Windows\System32\DRIVERS\btwampfl.sys BC279FCEE9FC8CBF991D5DE539771AA9
C:\Windows\System32\drivers\btwaudio.sys 6BCFDC2B5B7F66D484486D4BD4B39A6B
C:\Windows\System32\DRIVERS\btwavdt.sys 82DC8B7C626E526681C1BEBED2BC3FF9
C:\Windows\System32\DRIVERS\btwl2cap.sys 6149301DC3F81D6F9667A3FBAC410975
C:\Windows\System32\DRIVERS\btwrchid.sys 28E105AD3B79F440BF94780F507BF66A
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\CT20XUT.SYS 148C9C111291C41D6B2ABFB6FBB43856
C:\Windows\System32\drivers\CT20XUT.SYS 148C9C111291C41D6B2ABFB6FBB43856
C:\Windows\System32\drivers\ctac32k.sys 397FBD4454E5B2FB77E55D1013DF548C
C:\Windows\System32\drivers\ctaud2k.sys 50A8CD4DF066FE57D0C473A2645988CC
C:\Windows\System32\drivers\CTEXFIFX.SYS 6F9C3C6C78F5296F4BC7102FB0F7CB65
C:\Windows\System32\drivers\CTEXFIFX.SYS 6F9C3C6C78F5296F4BC7102FB0F7CB65
C:\Windows\System32\drivers\CTHWIUT.SYS AE78CA7EE865A28AC841211DB655ACF3
C:\Windows\System32\drivers\CTHWIUT.SYS AE78CA7EE865A28AC841211DB655ACF3
C:\Windows\System32\drivers\ctprxy2k.sys 757776E207CA5E71E4A16BD1260AE1F2
C:\Windows\System32\drivers\ctsfm2k.sys 9B111EE2F488A8D9C21A13ED4C777795
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 73BDD44A6088916964945886F9025409
C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys 79B9D7643C9E3AD10B89DF8EF0A9D2FE
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\system32\drivers\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\System32\DRIVERS\e1y62x64.sys 761B9EDD97A021AA1922501B7A056635
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\emupia2k.sys 683DCAF0D4EFC3F95A32E8924849202D
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\drivers\ha20x22k.sys 076F366B87575ADC7D152C7A34ACB3DC
C:\Windows\System32\drivers\ha20x2k.sys 4A7533EB52DC9D1847E7F78DEE1CE322
C:\Windows\System32\drivers\HCW85BDA.sys 6FC3C9F668BCCC3DD2018988F9A78C39
C:\Windows\system32\drivers\hcw85cir3.sys A31B6C4DE6C01F2013CDB9AF59A18005
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Program Files (x86)\i-Menu\hugoio64.sys 129128E192F9470EB92DB28B6730B06B
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\ivusb.sys BD5BF20EC242E003A2F570B8754A56D1
C:\Windows\System32\DRIVERS\jraid.sys 79A55E8907F34AB569029505418C35EF
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LEqdUsb.Sys A03B765FF67E58BA75333C7C8C0D7706
C:\Windows\System32\DRIVERS\LHidEqd.Sys 389588725D419476F365370BED4FFE5A
C:\Windows\System32\DRIVERS\LHidFilt.Sys 1470EF17E02E82E4F43346DF9E9F11E1
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LMouFilt.Sys 12814AE119E959437BEA3110F81BD188
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lvrs64.sys 0C85B2B6FB74B36A251792D45E0EF860
C:\Windows\System32\DRIVERS\lvuvc64.sys FF3A488924B0032B1A9CA6948C1FA9E8
C:\Windows\system32\drivers\mbam.sys F92B0E478C0FAA6D6661E6E977247E60
C:\Windows\system32\drivers\MBAMSwissArmy.sys 8A50D5304E6AE48664CF5838EC32F647
C:\Windows\system32\drivers\mwac.sys 15E8ABC06843672955CE26A009533BAD
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\drivers\NetgearUDSMBus.sys 756F30F70A546A1ED74651CFBEA99744
C:\Windows\SysWOW64\drivers\NetgearUDSMBus.sys A999123810480CD52869766B1E5080F9
C:\Windows\System32\drivers\NetgearUDSTcpBus.sys F98D371931CC42AD2D4833A080E63806
C:\Windows\SysWOW64\drivers\NetgearUDSTcpBus.sys E3B5A3027E78F46D9C56E23438BD61C7
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\System32\DRIVERS\nvstor64.sys 7C7EEF51979658CE15BBC04F96A77D56
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\drivers\ctoss2k.sys A29A80A1CF63D0DC27EEFCAF27D34664
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\Drivers\pcouffin.sys AF7CE12C4F3DC8CB2B07685C916BBCFE
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Program Files (x86)\SASDIFSV64.SYS 3289766038DB2CB14D07DC84392138D5
C:\Program Files (x86)\SASKUTIL64.SYS 58A38E75F3316A83C23DF6173D41F2B5
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssadbus.sys 8F8324ED1DE63FFC7B1A02CD2D963C72
C:\Windows\System32\DRIVERS\ssadmdfl.sys 58221EFCB74167B73667F0024C661CE0
C:\Windows\System32\DRIVERS\ssadmdm.sys 4DA7C71BFAC5AD71255B7E4CAB980163
C:\Windows\System32\DRIVERS\ssadserd.sys D33D1BD3EC0E766211A234F56A12726D
C:\Windows\System32\DRIVERS\ssudmdm.sys 5252D7BC56E5E0ED715AEA8FE173A455
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\taphss6.sys 188907721847C6EC4E36E82D5D2F12D6
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\TrueSight.sys 6D95A713F03A9AE56E99D00E809F2F90
C:\Windows\SysWOW64\drivers\TrueSight.sys BD45CEB3EBB6832AE7997FA29468ACE1
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 74983ADDCA2D9618512C088D856D6615

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-09 20:23 - 2014-08-09 20:25 - 00158249 _____ () C:\Users\Hewlett\Desktop\Shortcut.txt
2014-08-09 20:11 - 2014-08-09 20:25 - 00061873 _____ () C:\Users\Hewlett\Desktop\Addition.txt
2014-08-09 20:09 - 2014-08-09 20:29 - 00050831 _____ () C:\Users\Hewlett\Desktop\FRST.txt
2014-08-09 20:03 - 2014-08-09 20:29 - 00000000 ____D () C:\FRST
2014-08-09 20:03 - 2014-08-09 20:03 - 02093568 _____ (Farbar) C:\Users\Hewlett\Desktop\FRST64.exe
2014-08-09 19:45 - 2014-08-09 19:45 - 00000002 _____ () C:\runcheck.txt
2014-08-09 19:28 - 2014-08-09 20:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-09 19:27 - 2014-08-09 19:27 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-09 19:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-09 19:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-09 19:09 - 2014-08-09 19:20 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99.job
2014-08-09 19:09 - 2014-08-09 19:20 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627.job
2014-08-09 19:09 - 2014-08-09 19:09 - 00003554 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627
2014-08-09 19:09 - 2014-08-09 19:09 - 00003478 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99
2014-08-09 16:58 - 2014-08-09 16:58 - 00001055 _____ () C:\Users\Hewlett\Desktop\tdsskiller.exe - Shortcut.lnk
2014-08-09 16:15 - 2014-08-09 19:59 - 00001186 _____ () C:\Windows\setupact.log
2014-08-09 16:15 - 2014-08-09 19:59 - 00000944 _____ () C:\Windows\PFRO.log
2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-09 16:12 - 2014-08-09 16:12 - 01366203 _____ () C:\Users\Hewlett\Desktop\AdwCleaner.exe
2014-08-06 14:29 - 2014-08-06 14:29 - 00000218 _____ () C:\Users\Hewlett\AppData\Local\recently-used.xbel
2014-08-04 20:52 - 2014-08-04 20:52 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-04 17:59 - 2014-08-04 17:59 - 00001060 _____ () C:\Users\Hewlett\Desktop\RogueKiller.exe - Shortcut.lnk
2014-08-04 17:57 - 2014-08-09 20:08 - 00000000 ____D () C:\!Personal Oct 2013
2014-08-03 20:27 - 2014-04-06 02:36 - 01016261 _____ (Thisisu) C:\Users\Hewlett\Desktop\JRT_NEW.exe
2014-07-24 14:32 - 2014-07-24 14:32 - 00016384 _____ () C:\Program Files (x86)\Uninstall.dat
2014-07-24 14:31 - 2014-07-24 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-24 14:31 - 2014-07-24 14:31 - 00001756 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Plugins
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Language
2014-07-24 14:30 - 2014-07-24 14:30 - 20260208 _____ (SUPERAntiSpyware) C:\Users\Hewlett\Downloads\SUPERAntiSpyware.exe
2014-07-21 22:59 - 2014-08-09 19:22 - 00029160 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-07-21 22:42 - 2014-07-21 22:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\Oracle
2014-07-17 18:57 - 2014-07-17 18:57 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-15 09:10 - 2014-07-15 09:10 - 00001320 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-07-12 19:08 - 2014-07-12 19:08 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-12 07:15 - 2014-07-12 07:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-09 20:29 - 2014-08-09 20:09 - 00050831 _____ () C:\Users\Hewlett\Desktop\FRST.txt
2014-08-09 20:29 - 2014-08-09 20:03 - 00000000 ____D () C:\FRST
2014-08-09 20:29 - 2012-10-09 16:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-09 20:26 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-09 20:25 - 2014-08-09 20:23 - 00158249 _____ () C:\Users\Hewlett\Desktop\Shortcut.txt
2014-08-09 20:25 - 2014-08-09 20:11 - 00061873 _____ () C:\Users\Hewlett\Desktop\Addition.txt
2014-08-09 20:10 - 2009-12-17 18:34 - 00000000 ____D () C:\!Personal May 2014
2014-08-09 20:08 - 2014-08-04 17:57 - 00000000 ____D () C:\!Personal Oct 2013
2014-08-09 20:07 - 2009-07-14 00:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-09 20:07 - 2009-07-14 00:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-09 20:06 - 2009-07-14 01:13 - 00850986 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-09 20:03 - 2014-08-09 20:03 - 02093568 _____ (Farbar) C:\Users\Hewlett\Desktop\FRST64.exe
2014-08-09 20:03 - 2012-08-16 15:09 - 01219702 _____ () C:\Windows\WindowsUpdate.log
2014-08-09 20:00 - 2014-08-09 19:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-09 19:59 - 2014-08-09 16:15 - 00001186 _____ () C:\Windows\setupact.log
2014-08-09 19:59 - 2014-08-09 16:15 - 00000944 _____ () C:\Windows\PFRO.log
2014-08-09 19:59 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-09 19:45 - 2014-08-09 19:45 - 00000002 _____ () C:\runcheck.txt
2014-08-09 19:27 - 2014-08-09 19:27 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2013-11-09 20:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-09 19:22 - 2014-07-21 22:59 - 00029160 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-08-09 19:20 - 2014-08-09 19:09 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99.job
2014-08-09 19:20 - 2014-08-09 19:09 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627.job
2014-08-09 19:09 - 2014-08-09 19:09 - 00003554 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627
2014-08-09 19:09 - 2014-08-09 19:09 - 00003478 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99
2014-08-09 19:07 - 2013-11-29 05:06 - 00000000 ____D () C:\AdwCleaner
2014-08-09 16:58 - 2014-08-09 16:58 - 00001055 _____ () C:\Users\Hewlett\Desktop\tdsskiller.exe - Shortcut.lnk
2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-09 16:12 - 2014-08-09 16:12 - 01366203 _____ () C:\Users\Hewlett\Desktop\AdwCleaner.exe
2014-08-09 02:01 - 2009-12-16 19:33 - 00000426 _____ () C:\Windows\BRWMARK.INI
2014-08-09 01:09 - 2013-01-31 03:33 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHewlett
2014-08-09 01:09 - 2013-01-31 03:33 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForHewlett.job
2014-08-08 20:32 - 2013-11-04 17:15 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\CrashDumps
2014-08-08 19:43 - 2013-11-23 18:30 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\vlc
2014-08-08 19:12 - 2013-04-19 21:53 - 00000000 ____D () C:\Carole
2014-08-08 17:14 - 2012-03-01 05:19 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\QuickPar
2014-08-07 20:08 - 2010-02-01 17:46 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\CutePDF Writer
2014-08-07 15:28 - 2014-07-08 00:50 - 00000000 ____D () C:\!ebay
2014-08-07 01:49 - 2011-11-02 04:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-07 01:49 - 2009-12-17 20:44 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-06 14:29 - 2014-08-06 14:29 - 00000218 _____ () C:\Users\Hewlett\AppData\Local\recently-used.xbel
2014-08-05 22:48 - 2014-04-02 20:44 - 00000000 ____D () C:\Users\Hewlett\Documents\BitLord
2014-08-04 20:53 - 2013-10-20 21:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-04 20:52 - 2014-08-04 20:52 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-04 17:59 - 2014-08-04 17:59 - 00001060 _____ () C:\Users\Hewlett\Desktop\RogueKiller.exe - Shortcut.lnk
2014-08-03 19:07 - 2014-06-18 20:47 - 00004148 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-08-03 19:07 - 2010-04-04 19:04 - 00003500 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-08-03 19:05 - 2013-05-26 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-08-03 17:21 - 2014-04-04 19:01 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\BitLord
2014-08-03 16:30 - 2014-04-03 17:38 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-02 15:31 - 2013-11-10 13:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-01 17:03 - 2013-04-14 00:07 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-01 17:03 - 2011-10-07 12:00 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-01 07:58 - 2009-12-16 19:28 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-07-31 12:23 - 2013-08-19 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 12:45 - 2012-05-12 22:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 12:45 - 2012-05-12 22:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 14:32 - 2014-07-24 14:32 - 00016384 _____ () C:\Program Files (x86)\Uninstall.dat
2014-07-24 14:32 - 2014-07-24 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-24 14:31 - 2014-07-24 14:31 - 00001756 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Plugins
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Language
2014-07-24 14:30 - 2014-07-24 14:30 - 20260208 _____ (SUPERAntiSpyware) C:\Users\Hewlett\Downloads\SUPERAntiSpyware.exe
2014-07-24 14:30 - 2011-08-16 13:20 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-24 11:37 - 2012-05-12 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-22 11:38 - 2010-01-20 14:29 - 00000000 ____D () C:\Windows\Minidump
2014-07-21 22:45 - 2010-01-31 18:58 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\Deployment
2014-07-21 22:42 - 2014-07-21 22:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-20 16:50 - 2013-05-04 11:37 - 00000000 ____D () C:\Cloud Drive
2014-07-17 19:12 - 2012-11-17 17:25 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-17 19:10 - 2013-12-21 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-07-17 19:09 - 2011-09-02 18:21 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\Canon
2014-07-17 19:08 - 2010-12-03 22:58 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\Oracle
2014-07-17 18:57 - 2014-07-17 18:57 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 18:57 - 2011-02-21 17:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-15 09:10 - 2014-07-15 09:10 - 00001320 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-07-15 07:45 - 2012-10-09 16:57 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-15 07:45 - 2011-11-01 18:43 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-15 07:45 - 2011-05-23 21:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-14 06:10 - 2013-02-10 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-12 19:08 - 2014-07-12 19:08 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-12 07:16 - 2013-11-10 13:00 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-12 07:16 - 2013-10-31 20:57 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-12 07:15 - 2014-07-12 07:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-12 07:15 - 2014-04-20 08:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-12 07:15 - 2013-12-24 11:07 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-12 07:15 - 2011-02-27 19:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

Some content of TEMP:
====================
C:\Users\Hewlett\AppData\Local\Temp\7za.exe
C:\Users\Hewlett\AppData\Local\Temp\hijackthis.exe
C:\Users\Hewlett\AppData\Local\Temp\NirCmd.exe
C:\Users\Hewlett\AppData\Local\Temp\PEVZ.EXE
C:\Users\Hewlett\AppData\Local\Temp\Quarantine.exe
C:\Users\Hewlett\AppData\Local\Temp\remove.exe
C:\Users\Hewlett\AppData\Local\Temp\sed.exe
C:\Users\Hewlett\AppData\Local\Temp\shortcut.exe
C:\Users\Hewlett\AppData\Local\Temp\swreg.exe
C:\Users\Hewlett\AppData\Local\Temp\swxcacls.exe
C:\Users\Hewlett\AppData\Local\Temp\wget.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
extendedinput           Yes
default                 {current}
resumeobject            {3dec7ac1-e62f-11de-8fda-e0cb4e042c07}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
customactions           0x1000085000001
                        0x5400000f
custom:5400000f         {3dec7ac5-e62f-11de-8fda-e0cb4e042c07}

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {3dec7ac5-e62f-11de-8fda-e0cb4e042c07}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {3dec7ac1-e62f-11de-8fda-e0cb4e042c07}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {3dec7ac5-e62f-11de-8fda-e0cb4e042c07}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{3dec7ac6-e62f-11de-8fda-e0cb4e042c07}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{3dec7ac6-e62f-11de-8fda-e0cb4e042c07}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {3dec7ac1-e62f-11de-8fda-e0cb4e042c07}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {3dec7ac6-e62f-11de-8fda-e0cb4e042c07}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi



LastRegBack: 2014-08-07 02:59
 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2014 01
Ran by Hewlett at 2014-08-09 20:29:29
Running from C:\Users\Hewlett\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,2,251,0 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Amazon Cloud Drive (HKCU\...\23ab716f18849b6f) (Version: 2.0.2013.841 - Amazon)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
ArcSoft MediaImpression 2 (HKLM-x32\...\{014CB645-5DD8-41BB-9211-FE98F6BF90A8}) (Version: 2.0.45.541 - ArcSoft)
ArcSoft Panorama Maker 4 (HKLM-x32\...\{37530151-56A6-4CE4-9F9F-CE1F5A1356C6}) (Version: 4.5.0.112 - ArcSoft)
ArcSoft PhotoStudio Darkroom 2 (HKLM-x32\...\{40DA94AF-34B7-4BA7-A37F-26F899C031FF}) (Version: 2.0.0.174 - ArcSoft)
ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{363188E4-1A27-4DE6-BA48-823D2E205385}) (Version: 1.1.0.17 - ArcSoft)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Big City Adventure: London Classic (HKLM-x32\...\BFG-Big City Adventure - London Classic) (Version:  - )
Big City Adventure: New York City (HKLM-x32\...\BFG-Big City Adventure - New York City) (Version:  - )
Big City Adventure: Paris (HKLM-x32\...\BFG-Big City Adventure - Paris) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bluetooth by hp (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Brother Driver Deployment Wizard (HKLM-x32\...\{0ED38503-B69A-44B4-98BE-21BFF284A9B6}) (Version: 1.09.000 - Brother)
Brother MFL-Pro Suite MFC-7220 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J430W (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
BTGuard 2.6 (HKCU\...\BTGuard 2.6) (Version:  - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
C4700 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center HydraVision Full (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0520.1631.27815 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Czech (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Danish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Dutch (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help English (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Finnish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help French (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help German (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Greek (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Italian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Japanese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Korean (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Polish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Russian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Spanish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Swedish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Thai (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Turkish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-core-static (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
ccc-utility64 (Version: 2010.0310.1824.32984 - ATI) Hidden
ccc-utility64 (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Christmas Wonderland (HKLM-x32\...\BFG-Christmas Wonderland) (Version:  - )
Christmas Wonderland 4 (HKLM-x32\...\BFG-Christmas Wonderland 4) (Version:  - )
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.3.1.5 - Dell)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Creator (HKLM-x32\...\Foxit Creator) (Version: 3,0,2,0506 - Foxit Corporation)
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version:  - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hidden in Time: Looking-glass Lane (HKLM-x32\...\BFG-Hidden in Time - Looking glass Lane) (Version:  - )
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Easy Backup (HKLM-x32\...\{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1) (Version: 1.0.8.0 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.0.3420 - Hewlett-Packard) Hidden
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3601 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Remote Solution (x32 Version: 1.1.9.0 - TopSeed) Hidden
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{69FD2930-C361-47F6-822E-71B021526778}) (Version: 11.50.0015 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.162.0 - ATI Technologies Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
i-Menu 2.2 (HKLM-x32\...\i-Menu_is1) (Version:  - AOC)
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Keynote Connector (HKLM-x32\...\KeynoteConnector) (Version:  - )
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Logitech Onscreen Keyboard 1.0 (HKLM\...\Onscreen_Keyboard) (Version: 1.00.55 - Logitech)
Logitech SetPoint 6.52 (HKLM\...\SP6) (Version: 6.52.74 - Logitech)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7230) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (x32 Version: 3.0.560.0 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{26E76762-7F20-4694-AD06-CC3A9B547A71}) (Version: 8.0.6362.187 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 3.0.127.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery Case Files &reg;: 13th Skull ™ (HKLM-x32\...\BFG-Mystery Case Files - 13th Skull) (Version:  - )
Mystery Case Files &reg;: Dire Grove ™ (HKLM-x32\...\BFG-Mystery Case Files - Dire Grove) (Version:  - )
Mystery Case Files: Huntsville ™ (HKLM-x32\...\BFG-Mystery Case Files - Huntsville) (Version:  - )
Mystery Case Files: Madame Fate &reg; (HKLM-x32\...\BFG-Mystery Case Files - Madame Fate) (Version:  - )
Mystery Case Files: Prime Suspects ™ (HKLM-x32\...\BFG-Mystery Case Files - Prime Suspects) (Version:  - )
Mystery Case Files: Ravenhearst &reg; (HKLM-x32\...\BFG-Mystery Case Files - Ravenhearst) (Version:  - )
Mystery P.I.: Stolen in San Francisco (HKLM-x32\...\BFG-Mystery P.I. - Stolen in San Francisco) (Version:  - )
Mystery P.I.: The Curious Case of Counterfeit Cove (HKLM-x32\...\BFG-Mystery P.I. - The Curious Case of Counterfeit Cove) (Version:  - )
Mystery P.I.: The New York Fortune (HKLM-x32\...\BFG-Mystery PI - The New York Fortune) (Version:  - )
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.2.28.24.exe  - NETGEAR Inc.)
NETGEAR USB Control Center   (HKLM-x32\...\{4528B812-FF2C-4E3A-A9EA-1ECB483BF03A}) (Version: 1.32 - NETGEAR)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDFZilla V1.2.9 (HKLM-x32\...\PDFZilla_is1) (Version:  - PDFZilla, Inc.)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1931 - CyberLink Corp.) Hidden
PS_AIO_06_C4700_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RoboForm 7-9-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-8-5 - Siber Systems)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scansoft PDF Professional (x32 Version:  - ) Hidden
Screen+ 1.0 (HKLM-x32\...\Screen+_is1) (Version:  - AOC)
Secure Online Account Numbers (x32 Version: 2.0.2.0 - Discover) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Toolbar (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.1 - Abelssoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4001588775-3003906427-958657270-1004_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {18647615-9468-D082-43E6-15E985889A47} No File
CustomCLSID: HKU\S-1-5-21-4001588775-3003906427-958657270-1004_Classes\CLSID\{994B47B9-7DB9-5058-EE22-08DD039ADC4B}\InprocServer32 -> {47146D2E-9468-D082-78FD-65B685889A47} No File
CustomCLSID: HKU\S-1-5-21-4001588775-3003906427-958657270-1004_Classes\CLSID\{DD0822EE-9A03-4BDC-B947-4B99B97D5850}\InprocServer32 -> {47167D75-9468-D082-23ED-67B685889A47} No File
CustomCLSID: HKU\S-1-5-21-4001588775-3003906427-958657270-1004_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {4302CF21-9468-D082-775F-73B285889A47} No File

==================== Restore Points  =========================

04-08-2014 23:11:17 Scheduled Checkpoint
05-08-2014 00:51:44 Installed Java 7 Update 67
05-08-2014 09:14:08 Windows Update
08-08-2014 06:00:26 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-08-04 18:09 - 00000720 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0CF83AEA-E9F0-44DD-9631-4F027D205F7A} - System32\Tasks\HPCeeScheduleForHewlett => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {1E0650E0-BE14-4E16-AD58-A7DE1B75F280} - System32\Tasks\{3F9C97BA-7670-4146-9AD2-960DCD8A2026} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {1E954C74-0CF8-44EA-B078-B468147D6FF4} - System32\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99 => C:\Program Files (x86)\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {266D5758-758C-4AF5-A0DA-4CFD98F7871E} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: {4BCEDAFE-F679-497E-8507-CEDF3A981EBB} - System32\Tasks\Run RoboForm Process => C:\Program Files (x86)\Siber Systems\AI RoboForm\Identities.exe [2014-08-03] (Siber Systems)
Task: {4D707DDC-58F4-4C44-AEA7-953ACFBED17C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {5F3CAC9C-9E4A-420A-8795-0A9137709EA8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-12] (AVAST Software)
Task: {642804E7-70C4-4167-89E8-35DAD05CEFC1} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-08-03] (Siber Systems)
Task: {64808E63-1748-402D-9693-7DE0BC31B3D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {6C35D65A-F338-4A9B-89F2-16A7777A15C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {77D6DB50-73B6-44AA-ABF3-2F3BD2CE9D16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {78703363-01A6-4CA3-8C3B-0C915C56565B} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....GJKJMIBNKJHIKJ"
Task: {A191ACA0-B500-463B-A494-15685BFCBAAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-15] (Adobe Systems Incorporated)
Task: {B49320C1-E433-4146-9A16-0AB032C8CA7F} - System32\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627 => C:\Program Files (x86)\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B6DB0899-0230-4154-BBA0-03D631F46C83} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07-02] (PC-Doctor, Inc.)
Task: {C7FDE96F-4D1D-4983-B4B0-CD777E273332} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....NICMJNDJCMKJBJ"
Task: {DCE559D3-11B6-454D-8172-4639FBCEAF46} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-10-20] (CyberLink Corp.)
Task: {F1CB4C2D-460F-4F34-82BB-BFA617A59064} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F2BC8DCE-27AB-4B3C-BD99-96DAECFF8C14} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHewlett.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627.job => C:\Program Files (x86)\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99.job => C:\Program Files (x86)\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2010-03-21 18:49 - 2012-03-11 15:56 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2013-04-24 22:17 - 2005-04-22 00:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2009-07-08 18:35 - 2009-07-08 18:35 - 00610360 ____H () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2010-03-10 18:15 - 2010-03-10 18:15 - 00385024 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
2014-07-12 07:15 - 2014-07-12 07:15 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-09 15:10 - 2014-08-09 15:10 - 02795520 _____ () C:\Program Files\AVAST Software\Avast\defs\14080901\algo.dll
2010-07-07 12:33 - 2010-07-07 12:33 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIRES.DLL
2014-07-12 07:15 - 2014-07-12 07:15 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-12-01 20:49 - 2009-12-01 20:49 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2009-12-11 04:42 - 2009-07-10 13:07 - 00166912 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2013-08-19 21:53 - 2014-07-31 12:23 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:134FBDE2
AlternateDataStreams: C:\ProgramData\Temp:17C48B08
AlternateDataStreams: C:\ProgramData\Temp:206470A5
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:31106FCB
AlternateDataStreams: C:\ProgramData\Temp:391535F9
AlternateDataStreams: C:\ProgramData\Temp:4673E9EA
AlternateDataStreams: C:\ProgramData\Temp:55F44B88
AlternateDataStreams: C:\ProgramData\Temp:61F0C8FB
AlternateDataStreams: C:\ProgramData\Temp:623E564B
AlternateDataStreams: C:\ProgramData\Temp:737160C1
AlternateDataStreams: C:\ProgramData\Temp:78E0DF72
AlternateDataStreams: C:\ProgramData\Temp:9BAC4211
AlternateDataStreams: C:\ProgramData\Temp:9C3AAD57
AlternateDataStreams: C:\ProgramData\Temp:AE34D87E
AlternateDataStreams: C:\ProgramData\Temp:BC8E9899
AlternateDataStreams: C:\ProgramData\Temp:C039C6AC
AlternateDataStreams: C:\ProgramData\Temp:C07A6A6B
AlternateDataStreams: C:\ProgramData\Temp:D31BE97C
AlternateDataStreams: C:\ProgramData\Temp:E21987F7
AlternateDataStreams: C:\ProgramData\Temp:EBCF5924
AlternateDataStreams: C:\ProgramData\Temp:F52DB269
AlternateDataStreams: C:\Users\Hewlett\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
AlternateDataStreams: C:\Users\Hewlett\AppData\Roaming\Tab Separated Values (Windows).EML:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Amazon Download Agent => 3
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: BcmSqlStartupSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CouponPrinterService => 2
MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3
MSCONFIG\Services: Creative Audio Engine Licensing Service => 3
MSCONFIG\Services: Fax => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPBtnSrv => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: NETGEARGenieDaemon => 2
MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Image Transfer Utility.lnk => C:\Windows\pss\Image Transfer Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Onscreen Keyboard.lnk => C:\Windows\pss\Onscreen Keyboard.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Hewlett^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Cloud Drive.lnk => C:\Windows\pss\Amazon Cloud Drive.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Hewlett^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\Windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: DVDFab Passkey => "C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Hewlett\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: KasperskyPasswordManager => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
MSCONFIG\startupreg: Logitech Vid => "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: NETGEARGenie => "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: Secure Online Account Numbers => C:\PROGRA~2\Discover\SOAN\DISCOV~1.EXE /dontopenmycards
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: VolPanel => "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

==================== Faulty Device Manager Devices =============

Name: Hotspot Shield Routing Driver 6
Description: Hotspot Shield Routing Driver 6
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HssDRV6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2014 07:27:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Exception code: 0x40000015
Fault offset: 0x0007da8a
Faulting process id: 0x158c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (08/09/2014 04:15:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (3568) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Hewlett\AppData\Local\Microsoft\Windows\WebCache\V0100198.log.

Error: (08/08/2014 02:10:11 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).

Error: (08/05/2014 04:41:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FOXIT READER.EXE, version: 6.2.1.618, time stamp: 0x539e94ad
Faulting module name: FOXIT READER.EXE, version: 6.2.1.618, time stamp: 0x539e94ad
Exception code: 0xc0000005
Fault offset: 0x002dbe50
Faulting process id: 0x1670
Faulting application start time: 0xFOXIT READER.EXE0
Faulting application path: FOXIT READER.EXE1
Faulting module path: FOXIT READER.EXE2
Report Id: FOXIT READER.EXE3

Error: (08/04/2014 05:51:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6691.5000, time stamp: 0x52e8c57c
Faulting module name: OGL.DLL_unloaded, version: 0.0.0.0, time stamp: 0x5375d138
Exception code: 0xc0000005
Fault offset: 0x5d28aae4
Faulting process id: 0xabc
Faulting application start time: 0xOUTLOOK.EXE0
Faulting application path: OUTLOOK.EXE1
Faulting module path: OUTLOOK.EXE2
Report Id: OUTLOOK.EXE3


System errors:
=============
Error: (08/09/2014 08:00:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
HssDRV6

Error: (08/09/2014 07:59:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:57:38 PM on ‎8/‎9/‎2014 was unexpected.

Error: (08/09/2014 07:41:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
HssDRV6

Error: (08/09/2014 07:40:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014847

Error: (08/09/2014 07:40:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:38:34 PM on ‎8/‎9/‎2014 was unexpected.

Error: (08/09/2014 07:28:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/09/2014 07:21:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
HssDRV6

Error: (08/09/2014 07:20:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:18:25 PM on ‎8/‎9/‎2014 was unexpected.

Error: (08/09/2014 07:08:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
HssDRV6

Error: (08/09/2014 07:05:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The UMVPFSrv service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (08/04/2014 05:51:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 102 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (10/20/2013 00:51:57 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 62036 seconds with 480 seconds of active time.  This session ended with a crash.

Error: (07/01/2013 04:03:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1449 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (09/17/2012 00:14:03 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21208 seconds with 1860 seconds of active time.  This session ended with a crash.

Error: (06/23/2012 07:06:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 40505 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (06/21/2012 10:13:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8681 seconds with 600 seconds of active time.  This session ended with a crash.

Error: (06/05/2012 08:45:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 73254 seconds with 1200 seconds of active time.  This session ended with a crash.

Error: (05/31/2012 09:23:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 90202 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (02/16/2012 06:40:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 73339 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (10/10/2011 00:34:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 21 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2011-09-26 02:51:42.790
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-26 02:51:42.758
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-26 02:45:23.075
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-26 02:45:23.044
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgfwd6a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 12279.09 MB
Available physical RAM: 9428.6 MB
Total Pagefile: 24556.37 MB
Available Pagefile: 21415.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:918.03 GB) (Free:424.24 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.39 GB) (Free:2.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP2) (Fixed) (Total:931.51 GB) (Free:856.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 7A36D280)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 


  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hello,

You have run quite a few tools. Were you getting help ?

What's going on with the computer? Is it freezing as you indicated all the time, or just when you try and run things like malwarbytes or OTL..

When did it all start going bad...
  • 0

#5
Vintage Charms

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

It is freezing when I try to run the Malwares and other times when I am just doing work or playing on the computer.  I can send you a picture I took of the screen from the Rogue Killer scan.  It is showing things like ntoskml.exe and others that are marked as legit and they have NEVER shown up before.  I can't delete them and that seems suspicious.  Google shows people having problem with these exe also.  OTL will not complete.  umm that is all I can think of.  I am constantly shutting the machine on and off.  Something is afoot.


  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
See if this scan will run, it's an online scan and it will take a while to run,


ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt).
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)

  • 0

#7
Vintage Charms

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d9fffbdc5e68e045895c9c8f2d22eb54
# engine=19590
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-08-11 01:24:46
# local_time=2014-08-10 09:24:46 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 0 23531304 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 159263736 0 0
# scanned=240501
# found=15
# cleaned=0
# scan_time=7305
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitLord 2\StubInstaller.exe.vir"
sh=6A6306759D43398B2503CDC5AA416E285906B6FF ft=1 fh=bf2584f58f554c8f vn="Win32/ExpressDownloader.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YourFileDownloader\Downloader.exe.vir"
sh=CE18433FBCFCAC9F97513F52974FC0DF978CF595 ft=1 fh=7d7de8396f5d1f9e vn="a variant of Win32/ExpressDownloader.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YourFileDownloader\uninstall.exe.vir"
sh=946C6D775385138168AC1E9A7CD0D92E68292313 ft=1 fh=6d1c50d5739df3f8 vn="Win32/ExpressDownloader.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YourFileDownloader\YourFile.exe.vir"
sh=CE18433FBCFCAC9F97513F52974FC0DF978CF595 ft=1 fh=7d7de8396f5d1f9e vn="a variant of Win32/ExpressDownloader.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YourFileDownloader Updater\uninstall.exe.vir"
sh=E52A4762CFD4C84AFD6F911889F55206A112D344 ft=1 fh=71e17c1609972e73 vn="a variant of Win32/YourFileDownloader.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe.vir"
sh=6D8605D8396DCC48830096D9702E0BA863E605EB ft=1 fh=1d483efb37ef9c4d vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Program Files\Defraggler\dfsetup214.exe"
sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Program Files (x86)\ccsetup412.exe"
sh=81B3EF5DF403D71A8F654BFEE61C9E4711B28D36 ft=1 fh=dd34d6796e8bf4af vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="C:\Program Files (x86)\CuteWriter.exe"
sh=03215C48CB00536971E88817819081965062F03E ft=1 fh=71226b2d678a6418 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Program Files (x86)\dfsetup218.exe"
sh=91EC186153FB33A4562204E4BE5631168C2BA206 ft=1 fh=eb969c333e6297d9 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="C:\Program Files (x86)\Acro Software\CuteWriter.exe"
sh=1F805C9B3C0DD76E6A1EA917196A5E0462DFF5E2 ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.CrossRider.C potentially unwanted application" ac=I fn="E:\HEWLETT-PC\Backup Set 2013-02-08 020012\Backup Files 2013-02-08 020012\Backup files 2.zip"
sh=E4F690E45FEF16624D63E31FB7BE60D4711A595E ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.CrossRider.C potentially unwanted application" ac=I fn="E:\HEWLETT-PC\Backup Set 2013-02-08 020012\Backup Files 2013-03-08 020012\Backup files 2.zip"
sh=575079624F0D3301B99B12BD89289F87797E33AE ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.YYR trojan" ac=I fn="O:\AI_Roboform_Enterprise_v7_7_8_8_TE\AI.Roboform.Enterprise.v7.7.8.8-TE.rar"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="O:\BitLord 2\StubInstaller.exe"
 


Edited by Vintage Charms, 10 August 2014 - 07:21 PM.

  • 0

#8
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hello,

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]
ShortcutTarget: BTGuard Updates.lnk -> C:\BTGUARD\settings.exe (No File)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Hewlett\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
S4 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]
CHR HKLM-x32\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Users\Hewlett\AppData\Local\Temp\Rar$EX70.016\Internet Download Manager 6.12 Build 21 Full Crack\IDMGCExt.crx [2014-07-12]
AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:134FBDE2
AlternateDataStreams: C:\ProgramData\Temp:17C48B08
AlternateDataStreams: C:\ProgramData\Temp:206470A5
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:31106FCB
AlternateDataStreams: C:\ProgramData\Temp:391535F9
AlternateDataStreams: C:\ProgramData\Temp:4673E9EA
AlternateDataStreams: C:\ProgramData\Temp:55F44B88
AlternateDataStreams: C:\ProgramData\Temp:61F0C8FB
AlternateDataStreams: C:\ProgramData\Temp:623E564B
AlternateDataStreams: C:\ProgramData\Temp:737160C1
AlternateDataStreams: C:\ProgramData\Temp:78E0DF72
AlternateDataStreams: C:\ProgramData\Temp:9BAC4211
AlternateDataStreams: C:\ProgramData\Temp:9C3AAD57
AlternateDataStreams: C:\ProgramData\Temp:AE34D87E
AlternateDataStreams: C:\ProgramData\Temp:BC8E9899
AlternateDataStreams: C:\ProgramData\Temp:C039C6AC
AlternateDataStreams: C:\ProgramData\Temp:C07A6A6B
AlternateDataStreams: C:\ProgramData\Temp:D31BE97C
AlternateDataStreams: C:\ProgramData\Temp:E21987F7
AlternateDataStreams: C:\ProgramData\Temp:EBCF5924
AlternateDataStreams: C:\ProgramData\Temp:F52DB269
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

In your next reply post:

1- (Fixlog.txt)

Thanks
Joe :)

Post any other log reports that you may have.
  • 0

#9
Vintage Charms

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

Was I supposed to run the scan.  I did and then hit Fix and it states "no fixlist.txt found."  Am I supposed to paste that fistlist you gave me in the search box?  I'll try that whilst I am waiting.

 

 

I don't know where to enter the fixlist.txt you gave me.  Here is the latest FRST/FRST64:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Hewlett (administrator) on HEWLETT-PC on 11-08-2014 00:49:01
Running from C:\Users\Hewlett\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(SUPERAntiSpyware.com) C:\Program Files (x86)\SASCore64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\Grid64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(SUPERAntiSpyware) C:\Program Files (x86)\SUPERAntiSpyware.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207360 2010-03-18] (ArcSoft Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [NETGEAR USB Control Center] => C:\Program Files (x86)\NETGEAR\USB Control Center\Control Center.exe [4139008 2012-09-20] ()
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-05] (Hewlett-Packard)
HKU\.DEFAULT\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [385024 2010-03-10] ()
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-03-10] (AMD)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware.exe [6564120 2014-06-04] (SUPERAntiSpyware)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-08-03] (Siber Systems)
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\MountPoints2: M - M:\DTLplus_Launcher.exe
HKU\S-1-5-21-4001588775-3003906427-958657270-1004\...\MountPoints2: {fbda576a-91ab-11e0-8861-e0cb4e042c07} - H:\DTLplus_Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Hewlett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTGuard Updates.lnk
ShortcutTarget: BTGuard Updates.lnk -> C:\BTGUARD\settings.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x74146EA8A3D5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://slickdeals.net/forums/index.php
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Secure Online Account Numbers Helper -> {435EAA86-D32B-484F-869C-53745FCB1642} -> C:\Program Files (x86)\Discover\SOAN\DiscoverSOANHelper.dll No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Secure Online Account Numbers - {A8C7C2CA-6DFD-4E16-8458-592361564D38} - C:\Program Files (x86)\Discover\SOAN\DiscoverSOANToolbar.dll No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {2FF8D282-F78A-4A33-ABC2-49E72A341482} http://riteaid.store...eUpload1_10.CAB
DPF: HKLM-x32 {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/...erInstaller.CAB
DPF: HKLM-x32 {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.c...eUploader57.cab
DPF: HKLM-x32 {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} http://www.psapoll.com/CopyGuardIE.cab
DPF: HKLM-x32 {50647AB5-18FD-4142-82B0-5852478DD0D5} http://webeffective....torLauncher.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab
DPF: HKLM-x32 {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} http://homedecorator...X_WEB_Win32.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab
DPF: HKLM-x32 {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} http://rms2.invokeso...1452/MILive.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967
FF Homepage: hxxp://my.ebay.com/ws/eBayISAPI.dll?MyEbay&gbh=1|hxxp://slickdeals.net/|hxxp://slickdeals.net/pricetracker/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Hewlett\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\searchplugins\justsnipe.xml
FF SearchPlugin: C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\searchplugins\kickassto.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Hewlett\AppData\Roaming\Mozilla\Firefox\Profiles\smj03a5y.default-1379960535967\Extensions\[email protected] [2014-05-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-05-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2010-05-20]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-12]
CHR HKLM-x32\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Users\Hewlett\AppData\Local\Temp\Rar$EX70.016\Internet Download Manager 6.12 Build 21 Full Crack\IDMGCExt.crx [2014-07-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files (x86)\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2013-01-24] (Autodata Limited) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-12] (AVAST Software)
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-09] (Broadcom Corporation.)
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd) [File not signed]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2009-12-11] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2009-12-11] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
S4 HPBtnSrv; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [192512 2008-09-30] () [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-12] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-10-31] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-12] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2012-03-04] (Digiarty Software, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [32768 2009-07-14] (Hauppauge Computer Works, Inc.)
R1 hugoio64; C:\Program Files (x86)\i-Menu\hugoio64.sys [13856 2008-04-29] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NetgearUDSMBus; C:\Windows\System32\drivers\NetgearUDSMBus.sys [107296 2012-08-13] (Windows ® Codename Longhorn DDK provider)
R3 NetgearUDSMBus; C:\Windows\SysWOW64\drivers\NetgearUDSMBus.sys [92160 2012-06-15] (Windows ® Codename Longhorn DDK provider) [File not signed]
S3 NetgearUDSTcpBus; C:\Windows\System32\drivers\NetgearUDSTcpBus.sys [183584 2012-08-13] (Windows ® Codename Longhorn DDK provider)
S3 NetgearUDSTcpBus; C:\Windows\SysWOW64\drivers\NetgearUDSTcpBus.sys [153600 2012-06-15] (Windows ® Codename Longhorn DDK provider) [File not signed]
R1 SASDIFSV; C:\Program Files (x86)\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files (x86)\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2010-01-21] () [File not signed]
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-10-20] (CyberLink Corp.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 00:49 - 2014-08-11 00:49 - 00030374 _____ () C:\Users\Hewlett\Desktop\FRST.txt
2014-08-11 00:43 - 2014-08-11 00:43 - 00000000 ____D () C:\Users\Hewlett\Desktop\FRST-OlderVersion
2014-08-11 00:42 - 2014-08-11 00:42 - 00002325 _____ () C:\Users\Hewlett\Desktop\Fisxlist.txt
2014-08-10 22:55 - 2014-08-10 22:55 - 00000000 ____D () C:\Pat nose
2014-08-10 21:28 - 2014-08-10 21:28 - 00000000 ____D () C:\CRASHPLAN
2014-08-10 19:20 - 2014-08-10 19:20 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-10 17:18 - 2014-08-10 17:18 - 00000000 ___HD () C:\Windows\AxInstSV
2014-08-09 20:03 - 2014-08-11 00:49 - 00000000 ____D () C:\FRST
2014-08-09 20:03 - 2014-08-11 00:43 - 02099712 _____ (Farbar) C:\Users\Hewlett\Desktop\FRST64.exe
2014-08-09 19:45 - 2014-08-09 19:45 - 00000002 _____ () C:\runcheck.txt
2014-08-09 19:28 - 2014-08-10 21:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-09 19:27 - 2014-08-09 19:27 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-09 19:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-09 19:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-09 19:09 - 2014-08-10 22:32 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99.job
2014-08-09 19:09 - 2014-08-10 02:00 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627.job
2014-08-09 19:09 - 2014-08-09 19:09 - 00003554 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627
2014-08-09 19:09 - 2014-08-09 19:09 - 00003478 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99
2014-08-09 16:58 - 2014-08-09 16:58 - 00001055 _____ () C:\Users\Hewlett\Desktop\tdsskiller.exe - Shortcut.lnk
2014-08-09 16:15 - 2014-08-10 17:18 - 00001298 _____ () C:\Windows\setupact.log
2014-08-09 16:15 - 2014-08-09 20:54 - 00001520 _____ () C:\Windows\PFRO.log
2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-09 16:12 - 2014-08-09 16:12 - 01366203 _____ () C:\Users\Hewlett\Desktop\AdwCleaner.exe
2014-08-06 14:29 - 2014-08-06 14:29 - 00000218 _____ () C:\Users\Hewlett\AppData\Local\recently-used.xbel
2014-08-04 20:52 - 2014-08-04 20:52 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-04 17:59 - 2014-08-04 17:59 - 00001060 _____ () C:\Users\Hewlett\Desktop\RogueKiller.exe - Shortcut.lnk
2014-08-04 17:57 - 2014-08-10 22:55 - 00000000 ____D () C:\!Personal Oct 2013
2014-08-03 20:27 - 2014-04-06 02:36 - 01016261 _____ (Thisisu) C:\Users\Hewlett\Desktop\JRT_NEW.exe
2014-07-24 14:32 - 2014-07-24 14:32 - 00016384 _____ () C:\Program Files (x86)\Uninstall.dat
2014-07-24 14:31 - 2014-07-24 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-24 14:31 - 2014-07-24 14:31 - 00001756 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Plugins
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Language
2014-07-24 14:30 - 2014-07-24 14:30 - 20260208 _____ (SUPERAntiSpyware) C:\Users\Hewlett\Downloads\SUPERAntiSpyware.exe
2014-07-21 22:59 - 2014-08-10 18:39 - 00029160 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-07-21 22:42 - 2014-07-21 22:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\Oracle
2014-07-17 18:57 - 2014-07-17 18:57 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-15 09:10 - 2014-07-15 09:10 - 00001320 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-07-12 19:08 - 2014-07-12 19:08 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-12 07:15 - 2014-07-12 07:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 00:49 - 2014-08-11 00:49 - 00030374 _____ () C:\Users\Hewlett\Desktop\FRST.txt
2014-08-11 00:49 - 2014-08-09 20:03 - 00000000 ____D () C:\FRST
2014-08-11 00:43 - 2014-08-11 00:43 - 00000000 ____D () C:\Users\Hewlett\Desktop\FRST-OlderVersion
2014-08-11 00:43 - 2014-08-09 20:03 - 02099712 _____ (Farbar) C:\Users\Hewlett\Desktop\FRST64.exe
2014-08-11 00:42 - 2014-08-11 00:42 - 00002325 _____ () C:\Users\Hewlett\Desktop\Fisxlist.txt
2014-08-11 00:29 - 2012-10-09 16:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-10 23:59 - 2012-08-16 15:09 - 01242690 _____ () C:\Windows\WindowsUpdate.log
2014-08-10 22:57 - 2009-12-17 18:34 - 00000000 ____D () C:\!Personal May 2014
2014-08-10 22:55 - 2014-08-10 22:55 - 00000000 ____D () C:\Pat nose
2014-08-10 22:55 - 2014-08-04 17:57 - 00000000 ____D () C:\!Personal Oct 2013
2014-08-10 22:32 - 2014-08-09 19:09 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99.job
2014-08-10 22:30 - 2013-11-23 18:30 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\vlc
2014-08-10 22:28 - 2013-11-04 17:15 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\CrashDumps
2014-08-10 22:21 - 2009-12-16 19:33 - 00000426 _____ () C:\Windows\BRWMARK.INI
2014-08-10 21:28 - 2014-08-10 21:28 - 00000000 ____D () C:\CRASHPLAN
2014-08-10 21:27 - 2014-08-09 19:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-10 19:20 - 2014-08-10 19:20 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-10 19:13 - 2009-07-14 01:13 - 00850986 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-10 18:39 - 2014-07-21 22:59 - 00029160 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-08-10 17:26 - 2009-07-14 00:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-10 17:26 - 2009-07-14 00:45 - 00015984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-10 17:18 - 2014-08-10 17:18 - 00000000 ___HD () C:\Windows\AxInstSV
2014-08-10 17:18 - 2014-08-09 16:15 - 00001298 _____ () C:\Windows\setupact.log
2014-08-10 17:18 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-10 02:00 - 2014-08-09 19:09 - 00000470 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627.job
2014-08-09 20:54 - 2014-08-09 16:15 - 00001520 _____ () C:\Windows\PFRO.log
2014-08-09 20:26 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-09 19:45 - 2014-08-09 19:45 - 00000002 _____ () C:\runcheck.txt
2014-08-09 19:27 - 2014-08-09 19:27 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2014-08-09 19:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-09 19:27 - 2013-11-09 20:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-09 19:09 - 2014-08-09 19:09 - 00003554 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 05e36683-adeb-496e-a919-e7a3be3fe627
2014-08-09 19:09 - 2014-08-09 19:09 - 00003478 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task ab71d77e-4190-47bb-8ab8-85cdd7baba99
2014-08-09 19:07 - 2013-11-29 05:06 - 00000000 ____D () C:\AdwCleaner
2014-08-09 16:58 - 2014-08-09 16:58 - 00001055 _____ () C:\Users\Hewlett\Desktop\tdsskiller.exe - Shortcut.lnk
2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-09 16:12 - 2014-08-09 16:12 - 01366203 _____ () C:\Users\Hewlett\Desktop\AdwCleaner.exe
2014-08-09 01:09 - 2013-01-31 03:33 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHewlett
2014-08-09 01:09 - 2013-01-31 03:33 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForHewlett.job
2014-08-08 19:12 - 2013-04-19 21:53 - 00000000 ____D () C:\Carole
2014-08-08 17:14 - 2012-03-01 05:19 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\QuickPar
2014-08-07 20:08 - 2010-02-01 17:46 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\CutePDF Writer
2014-08-07 15:28 - 2014-07-08 00:50 - 00000000 ____D () C:\!ebay
2014-08-07 01:49 - 2011-11-02 04:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-07 01:49 - 2009-12-17 20:44 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-06 14:29 - 2014-08-06 14:29 - 00000218 _____ () C:\Users\Hewlett\AppData\Local\recently-used.xbel
2014-08-05 22:48 - 2014-04-02 20:44 - 00000000 ____D () C:\Users\Hewlett\Documents\BitLord
2014-08-04 20:53 - 2013-10-20 21:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-04 20:52 - 2014-08-04 20:52 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-04 20:52 - 2014-08-04 20:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-04 17:59 - 2014-08-04 17:59 - 00001060 _____ () C:\Users\Hewlett\Desktop\RogueKiller.exe - Shortcut.lnk
2014-08-03 19:07 - 2014-06-18 20:47 - 00004148 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-08-03 19:07 - 2010-04-04 19:04 - 00003500 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-08-03 19:05 - 2013-05-26 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-08-03 17:21 - 2014-04-04 19:01 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\BitLord
2014-08-03 16:30 - 2014-04-03 17:38 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-02 15:31 - 2013-11-10 13:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-01 17:03 - 2013-04-14 00:07 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-01 17:03 - 2011-10-07 12:00 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-01 07:58 - 2009-12-16 19:28 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-07-31 12:23 - 2013-08-19 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 12:45 - 2012-05-12 22:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 12:45 - 2012-05-12 22:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 14:32 - 2014-07-24 14:32 - 00016384 _____ () C:\Program Files (x86)\Uninstall.dat
2014-07-24 14:32 - 2014-07-24 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-24 14:31 - 2014-07-24 14:31 - 00001756 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Plugins
2014-07-24 14:31 - 2014-07-24 14:31 - 00000000 ____D () C:\Program Files (x86)\Language
2014-07-24 14:30 - 2014-07-24 14:30 - 20260208 _____ (SUPERAntiSpyware) C:\Users\Hewlett\Downloads\SUPERAntiSpyware.exe
2014-07-24 14:30 - 2011-08-16 13:20 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-24 11:37 - 2012-05-12 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-22 11:38 - 2010-01-20 14:29 - 00000000 ____D () C:\Windows\Minidump
2014-07-21 22:45 - 2010-01-31 18:58 - 00000000 ____D () C:\Users\Hewlett\AppData\Local\Deployment
2014-07-21 22:42 - 2014-07-21 22:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-20 16:50 - 2013-05-04 11:37 - 00000000 ____D () C:\Cloud Drive
2014-07-17 19:12 - 2012-11-17 17:25 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-17 19:10 - 2013-12-21 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-07-17 19:09 - 2011-09-02 18:21 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\Canon
2014-07-17 19:08 - 2010-12-03 22:58 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\Users\Hewlett\AppData\Roaming\Oracle
2014-07-17 18:57 - 2014-07-17 18:57 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 18:57 - 2011-02-21 17:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-15 09:10 - 2014-07-15 09:10 - 00001320 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-07-15 09:10 - 2014-07-15 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-07-15 07:45 - 2012-10-09 16:57 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-15 07:45 - 2011-11-01 18:43 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-15 07:45 - 2011-05-23 21:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-14 06:10 - 2013-02-10 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-12 19:08 - 2014-07-12 19:08 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-12 07:16 - 2013-11-10 13:00 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-12 07:16 - 2013-10-31 20:57 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-12 07:15 - 2014-07-12 07:15 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-12 07:15 - 2014-04-20 08:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-12 07:15 - 2013-12-24 11:07 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-12 07:15 - 2013-10-31 20:56 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-12 07:15 - 2011-02-27 19:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

Some content of TEMP:
====================
C:\Users\Hewlett\AppData\Local\Temp\7za.exe
C:\Users\Hewlett\AppData\Local\Temp\hijackthis.exe
C:\Users\Hewlett\AppData\Local\Temp\NirCmd.exe
C:\Users\Hewlett\AppData\Local\Temp\PEVZ.EXE
C:\Users\Hewlett\AppData\Local\Temp\Quarantine.exe
C:\Users\Hewlett\AppData\Local\Temp\remove.exe
C:\Users\Hewlett\AppData\Local\Temp\sed.exe
C:\Users\Hewlett\AppData\Local\Temp\shortcut.exe
C:\Users\Hewlett\AppData\Local\Temp\swreg.exe
C:\Users\Hewlett\AppData\Local\Temp\swxcacls.exe
C:\Users\Hewlett\AppData\Local\Temp\wget.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-07 02:59

==================== End Of Log ============================


Edited by Vintage Charms, 10 August 2014 - 10:46 PM.

  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
You copy what's in the code box above, then paste it to notepad and save it as a Fixlist.txt

Take your time an review it again

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box into Notepad.

That's how you do it
  • 0

Advertisements


#11
Vintage Charms

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

OK, that is what I did.  Then I saved it to the desktop.  So that is the most recent FRST scan I listed above...Thanks.


  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
OK,

If you saved the Fixlist.txt to the desktop

then

Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
  • 0

#13
Vintage Charms

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

OK, I did.  FRST says there is no Fixlist.txt.  And it did update the software.   No fixlist.txt found.  The fixlist.txt should be in the same folder/directory the tool is located. 


Edited by Vintage Charms, 10 August 2014 - 11:06 PM.

  • 0

#14
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts

FRST says there is no Fixlist.txt.


Do you see Fixlist.txt on your desktop, that's where you should have saved it.
  • 0

#15
Vintage Charms

Vintage Charms

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts

OK, get out the Tylenol.  I had a typo in the title.  Here is the Fixlog:  Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-08-2014 01
Ran by Hewlett at 2014-08-11 01:40:31 Run:1
Running from C:\Users\Hewlett\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
reboot:
host:
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\[email protected]
ShortcutTarget: BTGuard Updates.lnk -> C:\BTGUARD\settings.exe (No File)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Hewlett\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
S4 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]
CHR HKLM-x32\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Users\Hewlett\AppData\Local\Temp\Rar$EX70.016\Internet Download Manager 6.12 Build 21 Full Crack\IDMGCExt.crx [2014-07-12]
AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:134FBDE2
AlternateDataStreams: C:\ProgramData\Temp:17C48B08
AlternateDataStreams: C:\ProgramData\Temp:206470A5
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:31106FCB
AlternateDataStreams: C:\ProgramData\Temp:391535F9
AlternateDataStreams: C:\ProgramData\Temp:4673E9EA
AlternateDataStreams: C:\ProgramData\Temp:55F44B88
AlternateDataStreams: C:\ProgramData\Temp:61F0C8FB
AlternateDataStreams: C:\ProgramData\Temp:623E564B
AlternateDataStreams: C:\ProgramData\Temp:737160C1
AlternateDataStreams: C:\ProgramData\Temp:78E0DF72
AlternateDataStreams: C:\ProgramData\Temp:9BAC4211
AlternateDataStreams: C:\ProgramData\Temp:9C3AAD57
AlternateDataStreams: C:\ProgramData\Temp:AE34D87E
AlternateDataStreams: C:\ProgramData\Temp:BC8E9899
AlternateDataStreams: C:\ProgramData\Temp:C039C6AC
AlternateDataStreams: C:\ProgramData\Temp:C07A6A6B
AlternateDataStreams: C:\ProgramData\Temp:D31BE97C
AlternateDataStreams: C:\ProgramData\Temp:E21987F7
AlternateDataStreams: C:\ProgramData\Temp:EBCF5924
AlternateDataStreams: C:\ProgramData\Temp:F52DB269
end
*****************

host: => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin" => Key deleted successfully.
C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value deleted successfully.
C:\BTGUARD\settings.exe not found.
"HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator" => Key deleted successfully.
C:\Users\Hewlett\AppData\Roaming\CATALI~2\NPBCSK~1.DLL => Moved successfully.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) => Error: No automatic fix found for this entry.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) => Error: No automatic fix found for this entry.
CouponPrinterService => Service deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmolcgpienlcieaajfkkdamlngancncm" => Key deleted successfully.
"C:\Users\Hewlett\AppData\Local\Temp\Rar$EX70.016\Internet Download Manager 6.12 Build 21 Full Crack\IDMGCExt.crx" => File/Directory not found.
C:\ProgramData\Temp => ":02DD996C" ADS removed successfully.
C:\ProgramData\Temp => ":134FBDE2" ADS removed successfully.
C:\ProgramData\Temp => ":17C48B08" ADS removed successfully.
C:\ProgramData\Temp => ":206470A5" ADS removed successfully.
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully.
C:\ProgramData\Temp => ":31106FCB" ADS removed successfully.
C:\ProgramData\Temp => ":391535F9" ADS removed successfully.
C:\ProgramData\Temp => ":4673E9EA" ADS removed successfully.
C:\ProgramData\Temp => ":55F44B88" ADS removed successfully.
C:\ProgramData\Temp => ":61F0C8FB" ADS removed successfully.
C:\ProgramData\Temp => ":623E564B" ADS removed successfully.
C:\ProgramData\Temp => ":737160C1" ADS removed successfully.
C:\ProgramData\Temp => ":78E0DF72" ADS removed successfully.
C:\ProgramData\Temp => ":9BAC4211" ADS removed successfully.
C:\ProgramData\Temp => ":9C3AAD57" ADS removed successfully.
C:\ProgramData\Temp => ":AE34D87E" ADS removed successfully.
C:\ProgramData\Temp => ":BC8E9899" ADS removed successfully.
C:\ProgramData\Temp => ":C039C6AC" ADS removed successfully.
C:\ProgramData\Temp => ":C07A6A6B" ADS removed successfully.
C:\ProgramData\Temp => ":D31BE97C" ADS removed successfully.
C:\ProgramData\Temp => ":E21987F7" ADS removed successfully.
C:\ProgramData\Temp => ":EBCF5924" ADS removed successfully.
C:\ProgramData\Temp => ":F52DB269" ADS removed successfully.


The system needed a reboot.

==== End of Fixlog ====

 

Thanks for the patience.


Edited by Vintage Charms, 10 August 2014 - 11:52 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP