Hi Joe,
The computer is showing no sign of serious slow down it used to. I think your instructions are working! Was the computer infected? What was causing it to slow down dramatically?
I have placed Farbar onto the Desktop and ran it from here. Farbar did not run smoothly both this time and last. I managed to snipped a picture of the error message:
I selected "Yes" and then proceed with "Scan". We still managed to get new log files:
FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by YaoTheHong (ATTENTION: The logged in user is not administrator) on BOMBOMCHA on 05-12-2014 00:15:16
Running from C:\Users\YaoTheHong\Desktop
Loaded Profile: YaoTheHong (Available profiles: admin & YaoTheHong & Ajnim & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Flux Software LLC) C:\Users\YaoTheHong\AppData\Local\FluxSoftware\Flux\flux.exe
(Safer-Networking Ltd.) C:\Users\YaoTheHong\Documents\Appendical Programs\Spybot SD 1.6.2\Spybot - Search & Destroy\TeaTimer.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel® Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3206816 2010-08-04] (Dell Inc.)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [93832 2010-11-02] (Sensible Vision )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FAStartup] => [X]
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
HKU\S-1-5-21-3057907370-1423405045-2432694329-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-3057907370-1423405045-2432694329-1001\...\Run: [F.lux] => C:\Users\YaoTheHong\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-3057907370-1423405045-2432694329-1001\...\Run: [Google Update] => C:\Users\YaoTheHong\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-3057907370-1423405045-2432694329-1001\...\Run: [SpybotSD TeaTimer] => C:\Users\YaoTheHong\Documents\Appendical Programs\Spybot SD 1.6.2\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3057907370-1423405045-2432694329-1001\...\Policies\Explorer: []
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\YaoTheHong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\YaoTheHong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3057907370-1423405045-2432694329-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com.my/
URLSearchHook: HKU\S-1-5-21-3057907370-1423405045-2432694329-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3057907370-1423405045-2432694329-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SSOIEAddonBHO Class -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SSOIEAddonBHO Class -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-3057907370-1423405045-2432694329-1001 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78A71A00-BC74-4F42-904C-6612B42C1F19}: [NameServer] 208.67.222.222,208.67.220.220
FireFox:
========
FF ProfilePath: C:\Users\YaoTheHong\AppData\Roaming\Mozilla\Firefox\Profiles\ko14j2o2.default
FF DefaultSearchEngine: Secure Search
FF SelectedSearchEngine: Secure Search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://malaysia.search.yahoo.com/search?fr=mcafee&p=
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "124.168.86.122"
FF NetworkProxy: "http", "124.168.86.122"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "124.168.86.122"
FF NetworkProxy: "ssl", "124.168.86.122"
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3057907370-1423405045-2432694329-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\YaoTheHong\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3057907370-1423405045-2432694329-1001: @talk.google.com/O1DPlugin -> C:\Users\YaoTheHong\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3057907370-1423405045-2432694329-1001: @tools.google.com/Google Update;version=3 -> C:\Users\YaoTheHong\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3057907370-1423405045-2432694329-1001: @tools.google.com/Google Update;version=9 -> C:\Users\YaoTheHong\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3057907370-1423405045-2432694329-1001: tdameritrade.com/thinkorswim -> C:\Users\YaoTheHong\AppData\Local\thinkorswim\npthinkorswim.dll (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3057907370-1423405045-2432694329-1001: tdameritrade.com/tossc -> C:\Users\YaoTheHong\AppData\Local\thinkorswim\nptossc.dll (TD Ameritrade)
FF Plugin ProgramFiles/Appdata: C:\Users\YaoTheHong\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\YaoTheHong\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Bitdefender QuickScan - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\Firefox\Profiles\ko14j2o2.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012-07-24]
FF Extension: Tab Scope - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\Firefox\Profiles\ko14j2o2.default\Extensions\
[email protected] [2011-03-27]
FF Extension: MacOSX Theme (Firefox 4+) - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\Firefox\Profiles\ko14j2o2.default\Extensions\{03A4A97B-1A44-4a3b-8A41-D982F0B6E73F}.xpi [2011-04-06]
FF Extension: ImTranslator - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\Firefox\Profiles\ko14j2o2.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-03-27]
FF Extension: Adblock Plus - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\Firefox\Profiles\ko14j2o2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-27]
FF Extension: Tab Mix Plus - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\Firefox\Profiles\ko14j2o2.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-05-13]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2011-01-18]
FF Extension: No Name - C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\addons\OneClickYouTubeDownloader [Not Found]
FF Extension: No Name - C:\Users\YaoTheHong\Documents\Appendical Programs\FreeMake Video Converter v2.1.3.0\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [Not Found]
FF Extension: No Name - C:\Users\YaoTheHong\Documents\Appendical Programs\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.my/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Orbit Downloader) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\Application\plugins\nporbit.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\YaoTheHong\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\YaoTheHong\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-21]
CHR Extension: (TrafficLight) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2013-06-02]
CHR Extension: (Google Search) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-21]
CHR Extension: (PicMonkey Extension) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl [2013-01-16]
CHR Extension: (Morpheon Dark - Aero) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpnbbonpgadmkipdlclghcekaklebdpi [2012-08-19]
CHR Extension: (AdBlock) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2011-12-01]
CHR Extension: (Smooth Gestures) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2011-12-01]
CHR Extension: (Google Wallet) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\YaoTheHong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-21]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2428552 2010-11-02] (Sensible Vision ) [File not signed]
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-11-14] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2014-11-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2013-04-08] (DT Soft Ltd)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2011-06-24] (Arainia Solutions LLC)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [158976 2010-02-26] (Intel Corporation) [File not signed]
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-03] ()
S3 nmwcdx64; system32\drivers\nmwcdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-05 00:15 - 2014-12-05 00:15 - 00024859 _____ () C:\Users\YaoTheHong\Desktop\FRST.txt
2014-12-05 00:04 - 2014-12-05 00:04 - 00000000 ____D () C:\Users\YaoTheHong\Desktop\FRST-OlderVersion
2014-12-03 22:46 - 2014-12-03 22:52 - 00021477 _____ () C:\Users\YaoTheHong\Downloads\Addition.txt
2014-12-03 22:44 - 2014-12-03 22:46 - 00044765 _____ () C:\Users\YaoTheHong\Downloads\FRST.txt
2014-12-03 22:43 - 2014-12-05 00:15 - 00000000 ____D () C:\FRST
2014-12-03 22:42 - 2014-12-05 00:04 - 02117632 _____ (Farbar) C:\Users\YaoTheHong\Desktop\FRST64.exe
2014-12-02 23:22 - 2014-12-02 23:22 - 00000000 ____D () C:\Windows\ERUNT
2014-12-02 23:11 - 2014-12-02 23:16 - 00000000 ____D () C:\AdwCleaner
2014-12-02 22:51 - 2014-12-02 22:51 - 00000000 ____D () C:\_OTL
2014-12-02 03:02 - 2014-12-02 03:02 - 02154496 _____ () C:\Users\YaoTheHong\Downloads\adwcleaner_4.103.exe
2014-12-02 03:02 - 2014-12-02 03:02 - 01707646 _____ (Thisisu) C:\Users\YaoTheHong\Downloads\JRT.exe
2014-12-01 03:34 - 2014-12-01 03:34 - 04443312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-29 01:48 - 2014-11-29 01:48 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-11-26 12:40 - 2014-12-01 01:14 - 00096062 _____ () C:\Users\YaoTheHong\Downloads\Extras.Txt
2014-11-26 01:38 - 2014-12-01 01:10 - 00158658 _____ () C:\Users\YaoTheHong\Downloads\OTL.Txt
2014-11-26 01:18 - 2014-11-26 01:18 - 00013634 _____ () C:\Windows\DPINST.LOG
2014-11-26 01:17 - 2014-11-26 01:17 - 00000000 ____D () C:\Program Files\Western Digital
2014-11-26 01:11 - 2014-11-26 01:11 - 00602112 _____ (OldTimer Tools) C:\Users\YaoTheHong\Downloads\OTL.com
2014-11-22 23:19 - 2014-12-05 00:04 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-11-22 23:18 - 2014-12-02 23:17 - 00250500 _____ () C:\Windows\PFRO.log
2014-11-22 02:11 - 2014-12-05 00:02 - 00232576 _____ () C:\Windows\setupact.log
2014-11-22 02:11 - 2014-11-22 02:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-20 01:24 - 2014-11-11 11:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-20 01:24 - 2014-11-11 11:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-20 01:24 - 2014-11-11 10:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-20 01:24 - 2014-11-11 10:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 00:12 - 2014-11-08 03:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-15 00:12 - 2014-11-08 03:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-15 00:12 - 2014-11-06 12:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-15 00:12 - 2014-11-06 12:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-15 00:12 - 2014-11-06 11:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-15 00:12 - 2014-11-06 11:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-15 00:12 - 2014-11-06 11:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-15 00:12 - 2014-11-06 11:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-15 00:12 - 2014-11-06 11:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-15 00:12 - 2014-11-06 11:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-15 00:12 - 2014-11-06 11:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-15 00:12 - 2014-11-06 11:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-15 00:12 - 2014-11-06 11:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-15 00:12 - 2014-11-06 11:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-15 00:12 - 2014-11-06 11:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-15 00:12 - 2014-11-06 11:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-15 00:12 - 2014-11-06 11:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-15 00:12 - 2014-11-06 10:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-15 00:12 - 2014-11-06 10:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-15 00:12 - 2014-11-06 10:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-15 00:12 - 2014-11-06 10:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-15 00:12 - 2014-11-06 10:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-15 00:12 - 2014-11-06 10:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-15 00:12 - 2014-11-06 10:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-15 00:12 - 2014-11-06 10:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-15 00:12 - 2014-11-06 10:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-15 00:12 - 2014-11-06 10:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-15 00:12 - 2014-11-06 10:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-15 00:12 - 2014-11-06 10:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-15 00:12 - 2014-11-06 10:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-15 00:12 - 2014-11-06 09:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-15 00:12 - 2014-11-06 09:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-15 00:11 - 2014-11-06 12:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-15 00:11 - 2014-11-06 11:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-15 00:11 - 2014-11-06 11:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-15 00:11 - 2014-11-06 11:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-15 00:11 - 2014-11-06 11:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-15 00:11 - 2014-11-06 11:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-15 00:11 - 2014-11-06 11:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-15 00:11 - 2014-11-06 11:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-15 00:11 - 2014-11-06 11:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-15 00:11 - 2014-11-06 11:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-15 00:11 - 2014-11-06 11:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-15 00:11 - 2014-11-06 11:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-15 00:11 - 2014-11-06 11:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-15 00:11 - 2014-11-06 11:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-15 00:11 - 2014-11-06 11:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-15 00:11 - 2014-11-06 10:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-15 00:11 - 2014-11-06 10:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-15 00:11 - 2014-11-06 10:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-15 00:11 - 2014-11-06 10:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-15 00:11 - 2014-11-06 10:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-15 00:11 - 2014-11-06 10:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-15 00:11 - 2014-11-06 10:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-15 00:11 - 2014-11-06 09:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-15 00:11 - 2014-11-06 09:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-15 00:06 - 2014-11-06 01:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-15 00:06 - 2014-11-06 01:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-15 00:06 - 2014-11-06 01:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-15 00:06 - 2014-10-14 10:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-15 00:06 - 2014-10-14 10:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-15 00:06 - 2014-10-14 10:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-15 00:06 - 2014-10-14 10:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-15 00:06 - 2014-10-14 10:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-15 00:06 - 2014-10-14 09:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-15 00:06 - 2014-10-14 09:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-15 00:06 - 2014-10-14 09:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-15 00:06 - 2014-10-14 09:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-15 00:01 - 2014-10-03 10:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-15 00:01 - 2014-10-03 10:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-15 00:01 - 2014-10-03 10:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-15 00:01 - 2014-10-03 10:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-15 00:01 - 2014-10-03 10:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-15 00:01 - 2014-10-03 09:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-15 00:01 - 2014-10-03 09:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-15 00:01 - 2014-10-03 09:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-15 00:01 - 2014-09-19 17:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-15 00:01 - 2014-09-19 17:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-15 00:01 - 2014-09-19 17:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-15 00:01 - 2014-09-19 17:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-15 00:01 - 2014-08-21 14:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-15 00:01 - 2014-08-21 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-15 00:01 - 2014-08-21 14:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-15 00:01 - 2014-08-21 14:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-15 00:01 - 2014-08-12 10:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-15 00:01 - 2014-08-12 09:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-15 00:00 - 2014-10-25 09:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-15 00:00 - 2014-10-25 09:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-15 00:00 - 2014-10-14 10:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-15 00:00 - 2014-10-14 09:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-15 00:00 - 2014-10-10 08:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-15 00:00 - 2014-09-19 17:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-15 00:00 - 2014-09-19 17:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-15 00:00 - 2014-09-19 17:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-15 00:00 - 2014-09-19 17:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-15 00:00 - 2014-09-19 17:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-15 00:00 - 2014-09-19 17:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-15 00:00 - 2014-09-19 17:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-15 00:00 - 2014-09-19 17:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-14 23:59 - 2014-10-18 10:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-14 23:59 - 2014-10-18 09:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-07 01:20 - 2014-11-07 01:20 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2014-11-05 00:59 - 2014-11-05 00:59 - 00205286 _____ () C:\ProgramData\1415120111.bdinstall.bin
2014-11-05 00:59 - 2014-11-05 00:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-11-05 00:56 - 2014-11-05 00:59 - 00000000 ____D () C:\Program Files\Bitdefender
2014-11-05 00:56 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-05 00:56 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-11-05 00:55 - 2014-11-05 00:55 - 00000000 ____D () C:\Users\admin\AppData\Roaming\QuickScan
2014-11-05 00:55 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-05 00:55 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-05 00:08 - 2009-07-14 12:45 - 00026784 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 00:08 - 2009-07-14 12:45 - 00026784 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 00:07 - 2014-08-18 12:42 - 01373251 _____ () C:\Windows\WindowsUpdate.log
2014-12-05 00:07 - 2009-07-14 13:13 - 00782720 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-05 00:02 - 2013-04-02 13:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-05 00:02 - 2013-01-30 22:40 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-05 00:02 - 2011-01-18 03:49 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-05 00:02 - 2009-07-14 13:08 - 00032598 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-05 00:02 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-04 01:39 - 2011-02-10 18:54 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001UA.job
2014-12-04 01:37 - 2013-01-30 22:40 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-04 01:34 - 2012-04-02 09:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 23:34 - 2013-04-02 14:27 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-12-02 23:34 - 2013-04-02 14:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-12-02 23:16 - 2013-04-02 13:10 - 00000000 ____D () C:\Users\admin
2014-12-02 23:06 - 2011-01-18 04:03 - 00000000 ____D () C:\ProgramData\Sonic
2014-12-02 22:47 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-02 02:49 - 2009-07-14 12:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-12-01 03:34 - 2012-04-02 09:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-01 03:34 - 2011-05-17 19:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-01 01:37 - 2011-01-24 03:31 - 00000000 ____D () C:\Users\YaoTheHong\AppData\Roaming\vlc
2014-12-01 00:56 - 2013-04-04 03:16 - 00127296 _____ () C:\Users\YaoTheHong\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 00:54 - 2013-04-03 14:50 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-12-01 00:54 - 2012-04-22 02:28 - 00000000 ____D () C:\ProgramData\Panda Security
2014-12-01 00:54 - 2009-07-14 12:45 - 00464632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-01 00:52 - 2013-11-09 17:05 - 00000000 ____D () C:\Users\Ajnim\AppData\Roaming\Panda Security
2014-12-01 00:52 - 2012-04-22 13:12 - 00000000 ____D () C:\Users\YaoTheHong\AppData\Roaming\Panda Security
2014-12-01 00:52 - 2012-04-22 02:30 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Panda Security
2014-11-26 01:19 - 2014-08-15 00:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-26 01:17 - 2014-08-13 01:14 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2014-11-26 01:17 - 2014-08-13 01:13 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-11-26 01:17 - 2014-08-13 01:11 - 00000000 ____D () C:\ProgramData\Western Digital
2014-11-26 00:38 - 2011-02-10 18:54 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001Core.job
2014-11-24 13:03 - 2011-11-29 15:37 - 00000000 ____D () C:\Users\YaoTheHong\AppData\Roaming\DAEMON Tools Lite
2014-11-22 23:16 - 2012-05-15 02:48 - 00000000 ____D () C:\Windows\ShellNew
2014-11-16 03:16 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2014-11-15 22:30 - 2014-05-07 02:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-15 02:20 - 2011-05-01 00:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-15 02:11 - 2013-10-24 17:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-15 02:00 - 2012-05-10 20:05 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-15 00:34 - 2011-01-22 16:18 - 00000000 ____D () C:\Users\YaoTheHong\AppData\Roaming\Mozilla
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.
==================== End Of Log ============================
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by YaoTheHong at 2014-12-05 00:16:12
Running from C:\Users\YaoTheHong\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
COMSOL 4.1 (HKLM-x32\...\COMSOL41) (Version: COMSOL Multiphysics 4.1 - COMSOL)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
f.lux (HKU\S-1-5-21-3057907370-1423405045-2432694329-1001\...\Flux) (Version: - )
Face Recognition (HKLM\...\{2C5BEF49-4219-4751-9106-39604462939D}) (Version: 3.0.85.1 - Sensible Vision)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MATLAB R2009a (HKLM\...\MatlabR2009a) (Version: 7.8 - The MathWorks, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5939 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
PhotoShowExpress (x32 Version: 2.0.028 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.8.5 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.4.0 - Synaptics Incorporated)
thinkorswim (HKLM-x32\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
thinkorswim from TD AMERITRADE (HKLM-x32\...\thinkorswim from TD AMERITRADE) (Version: - TD AMERITRADE, Inc.)
Virtual DJ Pro Full - Atomix Productions (HKLM-x32\...\Virtual DJ Pro Full - Atomix Productions) (Version: - )
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{2A3862B1-F0C6-49F3-AB9A-C53D7C4EEBEA}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{5A6ABA38-E8D6-4B52-B0BF-44081833E1D2}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{e502616c-37a2-498e-a9ee-cd1234ccc820}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-06-22 02:53 - 2014-12-02 22:56 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001Core.job => C:\Users\YaoTheHong\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001UA.job => C:\Users\YaoTheHong\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-11-05 00:59 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2014-10-19 03:03 - 2014-10-19 03:03 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\fccbf4d4987de0de0981bc81b08ee26c\VistaBridgeLibrary.ni.dll
2010-11-02 12:40 - 2010-11-02 12:40 - 00092808 _____ () C:\Windows\system32\FAIEExtension.DLL
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:BDU
AlternateDataStreams: C:\Users\YaoTheHong\Downloads\adwcleaner_4.103.exe:BDU
AlternateDataStreams: C:\Users\YaoTheHong\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\YaoTheHong\Downloads\OTL.com:BDU
AlternateDataStreams: C:\Users\YaoTheHong\AppData\Roaming\default.rss:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: M4-Service => 2
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Users\YaoTheHong\Documents\Appendical Programs\Spybot SD 1.6.2\Spybot - Search & Destroy\TeaTimer.exe
========================= Accounts: ==========================
admin (S-1-5-21-3057907370-1423405045-2432694329-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3057907370-1423405045-2432694329-500 - Administrator - Disabled)
Ajnim (S-1-5-21-3057907370-1423405045-2432694329-1005 - Limited - Enabled) => C:\Users\Ajnim
Guest (S-1-5-21-3057907370-1423405045-2432694329-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3057907370-1423405045-2432694329-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3057907370-1423405045-2432694329-1008 - Limited - Enabled)
YaoTheHong (S-1-5-21-3057907370-1423405045-2432694329-1001 - Limited - Enabled) => C:\Users\YaoTheHong
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/05/2014 00:03:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sftservice.EXE, version: 1.0.82.72, time stamp: 0x4e45499a
Faulting module name: sftservice.EXE, version: 1.0.82.72, time stamp: 0x4e45499a
Exception code: 0xc0000005
Fault offset: 0x0006996b
Faulting process id: 0x92c
Faulting application start time: 0xsftservice.EXE0
Faulting application path: sftservice.EXE1
Faulting module path: sftservice.EXE2
Report Id: sftservice.EXE3
System errors:
=============
Error: (12/05/2014 00:03:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/05/2014 00:03:29 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (12/05/2014 00:03:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Error: (12/03/2014 10:40:35 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (12/02/2014 11:38:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Error: (12/02/2014 11:37:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Error: (12/02/2014 11:34:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
Error: (12/02/2014 11:33:50 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Microsoft Office Sessions:
=========================
Error: (12/05/2014 00:03:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sftservice.EXE1.0.82.724e45499asftservice.EXE1.0.82.724e45499ac00000050006996b92c01d00fdbc3f5dcefC:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXEC:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE10405afe-7bcf-11e4-8dd2-f04da265b4d2
CodeIntegrity Errors:
===================================
Date: 2014-08-01 02:40:32.076
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\admin\AppData\Local\Temp\RarSFX0\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-08-01 02:40:31.915
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\admin\AppData\Local\Temp\RarSFX0\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-08-01 02:40:31.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\admin\AppData\Local\Temp\RarSFX0\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-01-12 14:24:23.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-01-12 14:24:23.432
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-01-12 14:24:23.369
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-01-12 14:24:23.307
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-01-12 14:24:23.245
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-01-12 14:24:23.182
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
Date: 2014-01-12 14:24:23.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 37%
Total physical RAM: 4028.38 MB
Available physical RAM: 2505.73 MB
Total Pagefile: 8054.94 MB
Available Pagefile: 5928.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:335.58 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================