I'm still getting Threat Detected Warnings. Even when I'm not using the web browser, it's open, but I'm working in Quickbooks, I still get warnings.
It wouldn't let me uninstall pdffordge Toolbar v9.3. Windows Installer opens and says I need the CD-ROM or other removable disk or finding pdfforge Toolbar.msi in a folder, which I didn't find through search.
I uninstalled Shopping InContext and Smilebox and restarted my computer.
Here's the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
Ran by Nakamoto (administrator) on NAKAMOTO-PC on 16-12-2014 07:00:28
Running from C:\Users\Nakamoto\Desktop
Loaded Profile: Nakamoto (Available profiles: Nakamoto)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
(Dropbox, Inc.) C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3761464 2013-09-30] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-12-08] (Simply Super Software)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-11-11] (Hewlett-Packard)
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650536 2014-07-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-0000-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Nakamoto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [a_MiMediaFiles_MonitoredFolder] -> {C00213B1-77A8-4F0E-B740-0B36FBF7FAE7} => C:\Program Files\MiMedia LLC\MiMedia\MiMedia_ShellExtensions-x64.dll (MiMedia)
ShellIconOverlayIdentifiers: [a_MiMediaFiles_SynchronizationPending] -> {FAD5EA38-2D1D-485D-9B07-D35EB72B922E} => C:\Program Files\MiMedia LLC\MiMedia\MiMedia_ShellExtensions-x64.dll (MiMedia)
ShellIconOverlayIdentifiers: [a_MiMediaFiles_Synchronized] -> {69DE75F6-60E6-4E55-B416-171941A5C73E} => C:\Program Files\MiMedia LLC\MiMedia\MiMedia_ShellExtensions-x64.dll (MiMedia)
ShellIconOverlayIdentifiers-x32: [_MiMediaFiles_MonitoredFolder] -> {C00213B1-77A8-4F0E-B740-0B36FBF7FAE7} => C:\Program Files\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [_MiMediaFiles_SynchronizationPending] -> {FAD5EA38-2D1D-485D-9B07-D35EB72B922E} => C:\Program Files\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [_MiMediaFiles_Synchronized] -> {69DE75F6-60E6-4E55-B416-171941A5C73E} => C:\Program Files\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (TODO: <Company name>)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
Tcpip\Parameters: [DhcpNameServer] 24.25.227.55 209.18.47.61 24.25.227.53
FireFox:
========
FF ProfilePath: C:\Users\Nakamoto\AppData\Roaming\Mozilla\Firefox\Profiles\5g2iigem.default-1416507301759
FF DefaultSearchEngine: Google (avast)
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3728143812-4245075021-3154152335-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.10.1\npHDPlg.dll (Hulu LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Nakamoto\AppData\Roaming\Mozilla\Firefox\Profiles\5g2iigem.default-1416507301759\searchplugins\google-avast.xml
FF Extension: Bitdefender QuickScan - C:\Users\Nakamoto\AppData\Roaming\Mozilla\Firefox\Profiles\5g2iigem.default-1416507301759\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-11-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-25]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-07]
Chrome:
=======
CHR HomePage: Default ->
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (Microsoft Office 2003) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Nakamoto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.10.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Profile: C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-26]
CHR Extension: (YouTube) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-29]
CHR Extension: (Google Search) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-29]
CHR Extension: (Chromebleed) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-07]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-07-23]
CHR Extension: (Google Wallet) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Users\Nakamoto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-07]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2013-07-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-07] (AVAST Software)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-11-12] (SurfRight B.V.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-07-21] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-10] (Enigma Software Group USA, LLC.)
S2 SearchProtectionService; "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2014-11-12] (Emsisoft GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-07] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-05-25] (EldoS Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-11-12] (Emsisoft GmbH)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-10] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-10] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2008-01-15] (PixArt Imaging Inc.)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1041000 2012-01-31] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-09] ()
R3 xMrMini64; C:\Windows\System32\DRIVERS\xMrMini64.sys [282752 2010-01-25] (Magic Control Technology Corp.)
R3 xVGAMINI64; C:\Windows\System32\DRIVERS\xVgaMini64.sys [286336 2010-01-25] (Magic Control Technology Corp.)
S3 xVGAUSB64; C:\Windows\System32\drivers\xvgausb64.sys [52224 2010-01-25] (Magic Control Technology Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-14 15:20 - 2014-12-14 15:20 - 02166272 _____ () C:\Users\Nakamoto\Desktop\AdwCleaner.exe
2014-12-13 11:40 - 2014-12-13 11:40 - 00000000 ____D () C:\Users\Nakamoto\Desktop\FRST-OlderVersion
2014-12-11 18:54 - 2014-12-16 07:00 - 00028259 _____ () C:\Users\Nakamoto\Desktop\FRST.txt
2014-12-11 18:53 - 2014-12-16 07:00 - 00000000 ____D () C:\FRST
2014-12-11 18:45 - 2014-12-13 11:40 - 02119168 _____ (Farbar) C:\Users\Nakamoto\Desktop\FRST64.exe
2014-12-11 09:52 - 2014-12-11 09:52 - 00088096 _____ () C:\Users\Nakamoto\Desktop\Extras.Txt
2014-12-11 09:51 - 2014-12-11 09:51 - 00163700 _____ () C:\Users\Nakamoto\Desktop\OTL.Txt
2014-12-11 08:33 - 2014-12-11 08:38 - 00602112 _____ (OldTimer Tools) C:\Users\Nakamoto\Desktop\OTL.exe
2014-12-11 07:51 - 2014-12-11 08:00 - 00000000 ___DC () C:\Users\Nakamoto\AppData\Local\MigWiz
2014-12-10 13:30 - 2014-12-10 13:47 - 00000000 ____D () C:\Users\Nakamoto\Desktop\TrendMicro AntiThreat Toolkit
2014-12-10 10:21 - 2014-12-10 10:24 - 00000000 ___SD () C:\ComboFix
2014-12-10 04:12 - 2014-12-10 04:12 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:26 - 2014-10-17 16:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:26 - 2014-10-17 15:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 03:26 - 2014-07-06 16:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 03:26 - 2014-07-06 16:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 03:26 - 2014-07-06 16:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 03:26 - 2014-07-06 16:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 03:26 - 2014-07-06 15:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 03:26 - 2014-07-06 15:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 03:26 - 2014-07-06 15:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 03:26 - 2014-07-06 15:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 17:43 - 2014-12-03 16:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 17:43 - 2014-12-03 16:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 17:43 - 2014-12-03 16:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 17:43 - 2014-12-03 16:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 17:43 - 2014-12-03 16:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 17:43 - 2014-12-03 16:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 17:43 - 2014-12-03 16:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 17:43 - 2014-12-01 13:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 17:42 - 2014-11-26 15:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 17:42 - 2014-11-21 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 17:42 - 2014-11-21 16:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 17:42 - 2014-11-21 16:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 17:42 - 2014-11-21 16:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 17:42 - 2014-11-21 16:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 17:42 - 2014-11-21 15:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 17:42 - 2014-11-21 15:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 17:42 - 2014-11-21 15:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 17:42 - 2014-11-21 15:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 17:42 - 2014-11-21 14:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 17:42 - 2014-11-10 17:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 17:42 - 2014-11-10 16:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 17:42 - 2014-11-10 15:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 17:41 - 2014-11-26 15:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 17:41 - 2014-11-21 17:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 17:41 - 2014-11-21 17:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 17:41 - 2014-11-21 16:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 17:41 - 2014-11-21 16:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 17:41 - 2014-11-21 16:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 17:41 - 2014-11-21 16:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 17:41 - 2014-11-21 16:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 17:41 - 2014-11-21 16:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 17:41 - 2014-11-21 16:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-09 17:41 - 2014-11-21 16:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 17:41 - 2014-11-21 16:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 17:41 - 2014-11-21 16:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 17:41 - 2014-11-21 16:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 17:41 - 2014-11-21 16:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 17:41 - 2014-11-21 16:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 17:41 - 2014-11-21 16:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 17:41 - 2014-11-21 16:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 17:41 - 2014-11-21 16:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 17:41 - 2014-11-21 16:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 17:41 - 2014-11-21 16:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 17:41 - 2014-11-21 16:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 17:41 - 2014-11-21 16:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 17:41 - 2014-11-21 16:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 17:41 - 2014-11-21 15:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 17:41 - 2014-11-21 15:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 17:41 - 2014-11-21 15:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-09 17:41 - 2014-11-21 15:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 17:41 - 2014-11-21 15:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 17:41 - 2014-11-21 15:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 17:41 - 2014-11-21 15:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 17:41 - 2014-11-21 15:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 17:41 - 2014-11-21 15:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 17:41 - 2014-11-21 15:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 17:41 - 2014-11-21 15:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 17:41 - 2014-11-21 15:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 17:41 - 2014-11-21 15:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 17:41 - 2014-11-21 15:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 17:41 - 2014-11-21 15:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 17:41 - 2014-11-21 15:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 17:41 - 2014-11-21 15:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 17:41 - 2014-11-21 15:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 17:41 - 2014-11-21 15:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 17:41 - 2014-11-21 15:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 17:41 - 2014-11-21 14:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 17:39 - 2014-11-07 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 17:39 - 2014-11-07 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 17:39 - 2014-10-29 16:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 17:39 - 2014-10-29 15:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 17:39 - 2014-10-02 16:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 17:39 - 2014-10-02 16:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 17:39 - 2014-10-02 16:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 17:39 - 2014-10-02 16:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 17:39 - 2014-10-02 16:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 17:39 - 2014-10-02 15:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 17:39 - 2014-10-02 15:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 17:39 - 2014-10-02 15:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 17:39 - 2014-10-02 15:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 17:39 - 2014-10-02 15:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-08 18:22 - 2014-12-08 18:22 - 00000000 ____D () C:\Quarantine
2014-12-08 18:18 - 2014-12-08 18:18 - 00000000 ____D () C:\Program Files\McAfee
2014-12-08 18:16 - 2014-12-08 20:56 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-12-08 17:02 - 2014-12-08 17:02 - 00125488 _____ () C:\Users\Nakamoto\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-08 16:50 - 2014-12-08 16:57 - 00000000 ____D () C:\Users\Nakamoto\AppData\Roaming\Wise Registry Cleaner
2014-12-08 16:50 - 2014-12-08 16:50 - 00001233 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-12-08 16:50 - 2014-12-08 16:50 - 00000000 ____D () C:\Users\Nakamoto\Documents\Simply Super Software
2014-12-08 16:50 - 2014-12-08 16:50 - 00000000 ____D () C:\Users\Nakamoto\AppData\Roaming\Simply Super Software
2014-12-08 16:50 - 2014-12-08 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2014-12-08 16:50 - 2014-12-08 16:50 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-12-08 16:48 - 2014-12-08 16:48 - 00001115 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2014-12-08 16:48 - 2014-12-08 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-12-08 16:47 - 2014-12-08 16:51 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-12-08 16:47 - 2014-12-08 16:47 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-12-08 12:38 - 2014-12-08 12:38 - 00001878 _____ () C:\Users\Nakamoto\Desktop\aswMBR.txt
2014-12-08 12:38 - 2014-12-08 12:38 - 00000512 _____ () C:\Users\Nakamoto\Desktop\MBR.dat
2014-12-08 08:57 - 2014-12-08 08:59 - 00003488 _____ () C:\Windows\RegBootClean.CFG
2014-12-08 06:25 - 2014-12-08 06:25 - 00000000 ____D () C:\Users\Nakamoto\AppData\Roaming\AVAST Software
2014-12-07 23:37 - 2014-12-07 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-07 23:36 - 2014-12-16 06:23 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-07 23:34 - 2014-12-07 23:33 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-07 23:34 - 2014-12-07 23:33 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-07 23:34 - 2014-12-07 23:33 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-07 23:34 - 2014-12-07 23:33 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-07 23:34 - 2014-12-07 23:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-07 23:34 - 2014-12-07 23:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-07 23:33 - 2014-12-07 23:36 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-07 23:33 - 2014-12-07 23:33 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-07 23:33 - 2014-12-07 23:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-07 23:32 - 2014-12-07 23:32 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-07 23:19 - 2014-12-07 23:19 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-07 22:15 - 2014-12-08 16:56 - 00001859 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-12-07 15:28 - 2014-12-16 06:47 - 00000896 _____ () C:\Windows\setupact.log
2014-12-07 15:28 - 2014-12-15 07:10 - 00440626 _____ () C:\Windows\PFRO.log
2014-12-07 15:28 - 2014-12-07 15:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 15:49 - 2014-12-06 21:50 - 00000000 ____D () C:\Users\Nakamoto\AppData\Local\CUSTPDF Writer
2014-12-06 07:16 - 2014-12-07 23:09 - 00000550 _____ () C:\AdwCleanerDebug.txt
2014-12-05 15:32 - 2014-12-05 15:32 - 673054875 _____ () C:\Windows\MEMORY.DMP
2014-12-05 12:12 - 2014-12-10 08:31 - 00004554 _____ () C:\Users\Nakamoto\Desktop\Rkill.txt
2014-12-04 07:58 - 2014-12-04 07:58 - 00116016 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\08263055.sys
2014-12-03 10:47 - 2014-12-03 10:47 - 00007602 _____ () C:\Users\Nakamoto\AppData\Local\Resmon.ResmonCfg
2014-11-25 11:52 - 2014-11-25 11:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-21 12:20 - 2014-11-21 12:42 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-21 12:20 - 2014-11-21 12:42 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-20 09:18 - 2014-12-11 18:38 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-20 09:18 - 2014-11-20 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-18 08:52 - 2014-11-10 17:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 08:52 - 2014-11-10 17:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 08:52 - 2014-11-10 16:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 08:52 - 2014-11-10 16:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-17 12:28 - 2014-11-12 19:41 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.20141117-122819.backup
2014-11-16 17:24 - 2014-11-16 17:24 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-16 17:23 - 2014-11-16 17:23 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-11-16 17:23 - 2014-11-16 17:23 - 00001385 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-11-16 17:23 - 2014-11-16 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-11-16 17:22 - 2014-12-07 07:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-16 17:22 - 2014-11-16 17:36 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-16 17:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-16 06:56 - 2010-09-23 08:43 - 02043989 _____ () C:\Windows\WindowsUpdate.log
2014-12-16 06:55 - 2014-11-10 18:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 06:55 - 2009-07-13 18:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-16 06:55 - 2009-07-13 18:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-16 06:52 - 2012-04-03 12:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-16 06:49 - 2012-08-15 13:11 - 00000000 ___RD () C:\Users\Nakamoto\Dropbox
2014-12-16 06:49 - 2012-08-15 13:08 - 00000000 ____D () C:\Users\Nakamoto\AppData\Roaming\Dropbox
2014-12-16 06:47 - 2011-01-08 16:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-16 06:47 - 2009-07-13 19:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-16 06:45 - 2011-01-08 16:35 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-16 06:33 - 2013-02-02 12:03 - 00000000 ____D () C:\Users\Nakamoto\AppData\Local\Unity
2014-12-16 06:23 - 2014-11-15 17:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-15 06:56 - 2014-11-08 16:02 - 00000000 ____D () C:\AdwCleaner
2014-12-15 06:45 - 2012-05-10 03:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 06:45 - 2012-05-10 03:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 06:18 - 2011-01-08 16:38 - 00000000 ____D () C:\Users\Nakamoto\AppData\Roaming\Skype
2014-12-14 07:54 - 2011-11-30 11:01 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-14 07:54 - 2011-01-09 10:42 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-14 03:06 - 2012-05-10 03:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-13 16:02 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 11:47 - 2014-10-24 07:58 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-13 11:42 - 2011-01-08 14:13 - 00000000 ____D () C:\Users\Nakamoto
2014-12-13 11:41 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-12 18:58 - 2012-02-06 21:06 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNakamoto
2014-12-12 18:58 - 2012-02-06 21:06 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForNakamoto.job
2014-12-12 11:57 - 2012-08-15 13:11 - 00001033 _____ () C:\Users\Nakamoto\Desktop\Dropbox.lnk
2014-12-12 11:57 - 2012-08-15 13:09 - 00000000 ____D () C:\Users\Nakamoto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-12 08:04 - 2012-01-10 20:03 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-12-11 07:54 - 2013-06-27 16:43 - 00000422 _____ () C:\Users\Nakamoto\Sti_Trace.log
2014-12-10 21:55 - 2014-11-11 20:47 - 00000000 ____D () C:\EEK
2014-12-10 14:58 - 2011-01-28 14:41 - 00000000 ____D () C:\Users\Nakamoto\AppData\Local\CrashDumps
2014-12-10 10:40 - 2014-08-22 09:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-10 10:22 - 2014-11-12 19:17 - 00000000 ____D () C:\Qoobox
2014-12-10 10:21 - 2014-10-22 08:32 - 00000000 ____D () C:\Program Files\PDFCreator
2014-12-10 06:50 - 2010-08-27 15:14 - 00000000 ____D () C:\ProgramData\Temp
2014-12-10 06:31 - 2014-11-07 11:52 - 00000000 ____D () C:\Users\Nakamoto\AppData\Roaming\QuickScan
2014-12-10 04:27 - 2013-08-27 09:05 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 04:12 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 04:12 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 04:12 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:52 - 2013-07-17 03:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:35 - 2011-01-08 17:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 22:52 - 2012-04-03 12:07 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 22:52 - 2012-04-03 12:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 22:52 - 2011-06-01 10:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 16:52 - 2014-11-06 09:11 - 00000000 ____D () C:\ProgramData\Licenses
2014-12-08 08:59 - 2014-11-08 07:17 - 00181776 _____ () C:\Windows\RegBootClean.exe
2014-12-07 23:09 - 2014-11-11 20:48 - 00000745 _____ () C:\Users\Nakamoto\Desktop\Start Emsisoft Emergency Kit.lnk
2014-12-07 22:48 - 2014-11-10 22:36 - 00000000 ____D () C:\ProgramData\WRData
2014-12-07 22:15 - 2014-11-15 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-12-07 09:18 - 2014-05-21 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
2014-12-07 09:18 - 2012-05-22 12:28 - 00000000 ____D () C:\Windows\Minidump
2014-12-07 09:18 - 2010-08-27 15:04 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2014-12-07 09:18 - 2009-07-13 17:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-07 09:18 - 2009-07-13 17:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-06 09:32 - 2014-11-12 08:12 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-06 09:32 - 2014-11-10 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-06 09:32 - 2014-11-10 18:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 16:51 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-30 01:59 - 2014-11-15 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-11-26 11:41 - 2012-05-03 08:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-24 14:04 - 2011-07-07 15:11 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-24 11:05 - 2012-01-23 19:48 - 00000000 ____D () C:\Users\Nakamoto\Desktop\Ebay
2014-11-24 10:42 - 2009-07-13 19:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-21 06:14 - 2014-11-10 18:32 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-11-10 18:32 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-11-10 18:32 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 09:17 - 2011-01-08 16:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-20 08:15 - 2014-10-04 17:28 - 00000000 ____D () C:\Users\Nakamoto\Desktop\Old Firefox Data
2014-11-16 14:11 - 2012-03-29 21:00 - 00000000 ____D () C:\ProgramData\Recovery
2014-11-16 07:10 - 2014-10-22 08:31 - 00000000 ____D () C:\Program Files (x86)\PDF Creator
Some content of TEMP:
====================
C:\Users\Nakamoto\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf_lkco.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 16:04
==================== End Of Log ============================
Here is the addition log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2014
Ran by Nakamoto at 2014-12-16 07:01:30
Running from C:\Users\Nakamoto\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Ad-Aware Web Companion (x32 Version: 1.0.788.1475 - Lavasoft) Hidden
Adobe Acrobat 7.1.0 Standard (HKLM-x32\...\Adobe Acrobat 7.0 Standard - V) (Version: 7.1.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Belkin N600 DB USB Wireless Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4CD8-8306-DA03872311B1}) (Version: 1.00.0184.1 - Belkin International, Inc.)
Canon MF Toolbox 4.9.1.1.mf13 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf13 - CANON INC.)
Canon MF4700 Series (HKLM\...\{47A8DB42-4E21-4d55-9931-D4F44CC3F03B}) (Version: 4.1.0.0 - CANON INC.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Presentation Server Client (HKLM-x32\...\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}) (Version: 10.00.52110 - Citrix Systems, Inc.)
CollageIt 1.9.0 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version: - PearlMountain Technology Co., Ltd)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Global fx Components (HKLM-x32\...\InstallShield_{F781195B-8662-432D-AB76-6F024A3CF31C}) (Version: 12.12.1219.1536 - CCH Tax and Accounting. A WoltersKluwer Company.)
Global fx Components (x32 Version: 12.12.1219.1536 - CCH Tax and Accounting. A WoltersKluwer Company.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 4.8.0.723 (HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\GoToMeeting) (Version: 4.8.0.723 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-3728143812-4245075021-3154152335-1000\...\HuluDesktop) (Version: 0.9.10 - Hulu LLC)
JC-AM100 (HKLM-x32\...\{B8909A6F-E372-4ABE-8882-91F8D13D81F1}) (Version: 1.0.0.22 - jWIN)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.881 - Kaspersky Lab) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LastPass(uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
LavasoftTcpService (x32 Version: 2.2.9.5 - Lavasoft) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.0.20.17316 - LeapFrog)
LeapFrog Connect (x32 Version: 5.0.20.17316 - LeapFrog) Hidden
LeapFrog Connect (x32 Version: 5.1.5.17469 - LeapFrog) Hidden
LeapFrog Leapster Explorer Plugin (x32 Version: 5.0.19.17305 - LeapFrog) Hidden
LeapFrog Leapster Explorer Plugin (x32 Version: 5.1.5.17469 - LeapFrog) Hidden
LightScribe System Software (HKLM-x32\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office 2003 Primary Interop Assemblies (HKLM-x32\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
MightyUninstaller (HKLM-x32\...\{91A02C6C-1FAA-49FA-957F-6ACF30D6B47D}_is1) (Version: 2.5.0.1 - MightyUninstaller.com)
MiMedia (HKLM\...\{AC2D7118-4F5C-4EB9-B8D4-AE5959B3E1D8}) (Version: 1.0.46.3234 - MiMedia LLC)
MiMedia (HKLM\...\MiMedia) (Version: 1.0.66.3574 - MiMedia, LLC)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9739 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.58.36 - NVIDIA Corporation)
pdfforge Toolbar v9.3 (HKLM-x32\...\{BF5A8895-5DF8-42F0-80DC-50DD1AA2DD23}) (Version: 9.3 - Spigot, Inc.) <==== ATTENTION
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickBooks (x32 Version: 21.0.4014.904 - Intuit Inc.) Hidden
QuickBooks File Doctor (HKLM-x32\...\{7E458862-3A7F-4412-AD2F-EC96F688A393}) (Version: 3.6.5 - Intuit)
QuickBooks Pro 2011 (HKLM-x32\...\{11E0AC7D-6822-4F67-865F-EE1C13D28C38}) (Version: 21.0.4014.904 - Intuit Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.26.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
ShareFile Desktop Widget (HKLM-x32\...\ShareFileDesktop.17AF2FD64D6611D25BF6B31FA23B5F4BC1AA06EC.1) (Version: 2.21 - Novel Labs, Inc)
ShareFile Desktop Widget (x32 Version: 2.21 - Novel Labs, Inc) Hidden
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.0.0.4 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.0.0 - Shutterfly, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SlimComputer (HKLM-x32\...\{574BF026-4487-4051-BCE5-83C4E40AAF6D}) (Version: 1.3.30878 - SlimWare Utilities, Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
System Files (x32 Version: 20.12.1022.1524 - CCH Tax and Accounting. A Wolters Kluwer Company.) Hidden
Trojan Remover 6.9.1.2932 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2932 - Simply Super Software)
USB 2.0 VGA Device (Multiple) 10.02.0324.0153 (HKLM-x32\...\{04A1E855-4EBF-417D-87FF-2F085CA534A0}) (Version: 10.02.0324.0153 - MCT Corp.)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) (HKLM-x32\...\LeapsterExplorerPlugin) (Version: - LeapFrog)
Web Companion (HKLM-x32\...\{0AB46A9E-1335-46CC-81A2-F34AB8DCAD62}_WebCompanion) (Version: 1.0.788.1475 - Lavasoft)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinX HD Video Converter Deluxe 3.10.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software,Inc.)
Wise Registry Cleaner 8.26 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.26 - WiseCleaner.com, Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\723\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3728143812-4245075021-3154152335-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
17-11-2014 03:05:30 Windows Update
20-11-2014 13:00:49 Windows Update
21-11-2014 21:36:24 avast! antivirus system restore point
23-11-2014 23:57:05 Windows Update
24-11-2014 23:05:23 LavasoftWeCompanion
27-11-2014 02:44:51 Windows Update
30-11-2014 17:15:05 Windows Update
04-12-2014 17:13:51 Windows Update
07-12-2014 17:50:49 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
07-12-2014 18:04:24 Windows Update
08-12-2014 07:05:30 avast! antivirus system restore point
09-12-2014 03:32:32 Removed Java 8 Update 25
10-12-2014 13:11:23 Windows Update
10-12-2014 20:21:47 Removed Java 8 Update 20
10-12-2014 20:34:09 Removed Java 8 Update 20
10-12-2014 20:38:01 Removed Java 7 Update 67
10-12-2014 21:31:13 Windows Backup
11-12-2014 08:00:59 Windows Backup
11-12-2014 17:33:16 Windows Backup
11-12-2014 18:00:54 Windows Backup
12-12-2014 16:40:24 AA11
13-12-2014 09:50:15 Windows Backup
13-12-2014 13:00:31 Windows Update
14-12-2014 13:00:43 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 16:34 - 2014-11-26 11:38 - 00000021 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {00FB8777-9075-4208-94B3-7C91F168BE46} - System32\Tasks\{77127DFC-5C12-48EE-B69F-9C5DACE52A0D} => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe [2013-07-23] (LeapFrog Enterprises, Inc.)
Task: {01520BFC-D720-4E41-9B65-DFC69FAB8022} - System32\Tasks\{DC63CD6F-FF31-49D5-8894-F436E0C41DBF} => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe [2013-07-23] (LeapFrog Enterprises, Inc.)
Task: {09563AC8-185C-47D6-B11F-7898E71F499B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0D8B22A3-BC04-4FE8-99D9-D445287D5463} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0E059C20-09E3-4419-8DFF-B205E9CAD9C3} - System32\Tasks\{45A4B727-87A7-405D-A8EF-B7A4CE6E646D} => C:\Program Files (x86)\Ralink\Common\RaUI.exe
Task: {10C74263-3E1C-480A-9D24-E08454A60593} - System32\Tasks\{44C77295-4D49-44AD-B662-BBFE8C6BD281} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {1489A980-D1D5-4366-B7F0-143ED4E9C524} - System32\Tasks\{B4C94903-402A-41B3-97AF-B0423F2B9B7E} => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe [2013-07-23] (LeapFrog Enterprises, Inc.)
Task: {1A4F0DB1-75FA-47A9-A9EA-A247F0DE95A9} - System32\Tasks\{B0420684-AC2A-4265-B6ED-3048D500AA28} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {29EF024D-6D0A-4260-9FB6-4A70AD9042F4} - System32\Tasks\{575B3CA9-8DCE-45C7-9DFB-52E0A657034B} => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe [2013-07-23] (LeapFrog Enterprises, Inc.)
Task: {30ADE63C-1AFE-4FDB-9E9C-CC5E05537B45} - System32\Tasks\{103C8664-F93A-48CF-90AA-2B8DFCBE9DB2} => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe [2013-07-23] (LeapFrog Enterprises, Inc.)
Task: {44D8B6E9-3678-4529-B67A-93D5EC3BF048} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-07] (AVAST Software)
Task: {45744EA7-63BE-4DD1-A6A1-97E3563C543A} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {5304B577-45A1-4A89-ABD8-9C00880CDB29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {5C0775D8-AE05-4DFE-97D0-44962FEE8B6C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {5D088ED5-50B3-4F68-B619-37F306B82983} - System32\Tasks\{30347E5A-EDA8-418A-A593-716014E555B4} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {5FAF769E-4366-44F0-B724-00700F969CDE} - System32\Tasks\{A5580F54-CE58-4E8B-8870-7929CE5EE27A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-07-02] (Skype Technologies S.A.)
Task: {6273DF32-458C-43B5-8179-B963A2B40F21} - System32\Tasks\{B8D5ABE9-043B-47F7-A21D-00CF4DA078CE} => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe [2013-07-23] (LeapFrog Enterprises, Inc.)
Task: {664CC9AD-4A54-43D6-8513-2F599DCCB0AD} - System32\Tasks\{6DD605EB-01DD-4428-A208-15395A024792} => pcalua.exe -a C:\Users\Nakamoto\Downloads\avast-browser-cleanup.exe -d C:\Users\Nakamoto\Downloads
Task: {69499373-F228-4C3D-93AA-5E0FA50C5D36} - System32\Tasks\{5D50E94A-8823-421F-ACAF-D82230AE1F99} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {6CB4CF58-58FE-4A96-AAFF-4B4DDC4C823F} - System32\Tasks\{E2DB79CC-F2FF-4961-86E7-CF98A58AFEEC} => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe [2013-07-23] (LeapFrog Enterprises, Inc.)
Task: {6EAD5A5A-0919-4E59-B5B3-E37DC2D380D8} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {84FB87D4-EA96-495A-B4D1-B5CED72E38CF} - System32\Tasks\{F8523CED-D42F-4CFB-917B-485BA8A75E69} => C:\Program Files (x86)\Ralink\Common\RaUI.exe
Task: {873A9006-852A-4F3E-84EA-D0932C30B1CF} - System32\Tasks\{CA3DB9EA-D282-473A-BCEB-3DA1A5094908} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {8CDCE77B-6107-4176-86A3-7A0C39F8302B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {9128E2BD-0A60-432C-9113-4A7E927B503D} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {95B23F23-C7B8-4663-90C8-BF590BBC4654} - System32\Tasks\{FB6C916C-31E5-4447-B427-2E9F71B42B6D} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {A04AB478-96D3-4D99-AE42-121EF3A1283A} - System32\Tasks\{8BAFBCD0-3278-4609-AFDF-D0C68386B6BA} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {A0B230BC-F38D-4662-AAB6-6E77CE28AB77} - System32\Tasks\{6116E31C-DD54-4EEB-965F-6EFFD6087DBC} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {A30EA9EA-1224-4A73-8C75-AB7F48FFAAD4} - System32\Tasks\SlimComputer Run => C:\Program Files (x86)\SlimComputer\SlimComputer.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {A484FCED-EFE5-4B58-9DE7-5F299D68BFF2} - System32\Tasks\{668A1A78-C3F8-4F1E-AECB-E4BE3BE3CB50} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {AAC0C116-1D5E-4AF2-99A1-08BA5A789A46} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN15IJ14XT05HR => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {B03FDA6E-4B4C-4975-8343-B1EC54D12BFA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BF86E9FF-1B40-4853-BEDB-4B04D2ACB010} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C2BB4F7F-4D5F-472B-A9DB-69C71257F376} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {CF5322B4-A094-40AF-9853-A5CE4E046F0A} - System32\Tasks\{682FFCE6-BB5C-43B4-BDBC-DCB5002203D7} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {D12B1A82-2E73-4C9E-A0D7-89818BBC4D6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {E0288723-5FA1-4015-8D9F-5FF90355756C} - System32\Tasks\{FD226090-ADA2-4521-B539-C6E9134AED84} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {F0081978-1B68-449F-A584-8663E90C6B94} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {F247E569-BA65-444E-AC4C-158D6FE0990F} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F304B592-D6B4-4448-9F93-9775C157EB6D} - System32\Tasks\{D0D6456E-61EC-4A2B-A377-080665E21693} => C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32Pro.exe [2014-02-03] (Intuit Inc.)
Task: {F50551AF-B4D4-4311-9DE3-00CEBF5188AD} - System32\Tasks\HPCeeScheduleForNakamoto => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {FB78BA03-BD69-4E76-9E29-82D070F44119} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForNakamoto.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2012-06-15 09:18 - 2012-06-15 09:18 - 00638904 _____ () C:\Program Files\MiMedia LLC\MiMedia\sqlite3-x64.dll
2009-09-14 13:17 - 2009-09-14 13:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-12-16 06:23 - 2014-12-16 06:23 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121600\algo.dll
2014-11-16 17:22 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-16 17:22 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-16 17:22 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-16 17:22 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-16 17:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-06-07 15:48 - 2011-06-07 15:48 - 00453000 _____ () C:\Program Files\MiMedia LLC\MiMedia\sqlite3.dll
2014-06-15 23:40 - 2014-06-15 23:40 - 02124256 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 07422144 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 02453696 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 00192704 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 00794816 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2014-12-07 23:31 - 2014-12-07 23:32 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-03 20:42 - 2014-02-03 20:42 - 00269128 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll
2014-02-03 20:43 - 2014-02-03 20:43 - 00021320 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\QBCompressor.dll
2005-07-19 23:18 - 2005-07-19 23:18 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\zlib1.dll
2014-02-03 20:42 - 2014-02-03 20:42 - 00348488 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\BackupLib.dll
2014-02-03 20:43 - 2014-02-03 20:43 - 00126792 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\QBMAPILibrary.dll
2014-02-03 20:42 - 2014-02-03 20:42 - 00176968 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll
2014-02-03 20:43 - 2014-02-03 20:43 - 00042824 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2011\mbpopup.dll
2014-10-21 14:22 - 2014-10-21 14:22 - 00750080 _____ () C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-16 06:49 - 2014-12-16 06:49 - 00043008 _____ () c:\users\nakamoto\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf_lkco.dll
2014-10-21 14:22 - 2014-10-21 14:22 - 00047616 _____ () C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 14:22 - 2014-10-21 14:22 - 00863744 _____ () C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 14:22 - 2014-10-21 14:22 - 00200704 _____ () C:\Users\Nakamoto\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 15:58 - 2010-02-09 15:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Nakamoto\Desktop\Hanahouoli Magazine.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Nakamoto\Desktop\QEP Preschool Yearbook.jpeg:3or4kl4x13tuuug3Byamue2s4b
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Nakamoto^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
========================= Accounts: ==========================
Administrator (S-1-5-21-3728143812-4245075021-3154152335-500 - Administrator - Disabled)
Guest (S-1-5-21-3728143812-4245075021-3154152335-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3728143812-4245075021-3154152335-1002 - Limited - Enabled)
Nakamoto (S-1-5-21-3728143812-4245075021-3154152335-1000 - Administrator - Enabled) => C:\Users\Nakamoto
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/16/2014 06:49:14 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/16/2014 06:49:14 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/16/2014 06:49:14 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/15/2014 07:12:24 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/15/2014 07:12:24 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/15/2014 07:12:24 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/15/2014 07:00:09 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/15/2014 07:00:09 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/15/2014 07:00:09 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (12/15/2014 06:48:15 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
System errors:
=============
Error: (12/16/2014 06:51:07 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.
Error: (12/16/2014 06:51:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.
Error: (12/16/2014 06:51:03 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.
Error: (12/16/2014 06:48:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Kaspersky Security Scan Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/16/2014 06:47:53 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
Error: (12/16/2014 06:45:58 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (12/15/2014 07:40:19 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D51B7456-C396-4CEC-A045-6B606A57811F} because another computer on the network has the same name. The server could not start.
Error: (12/15/2014 05:55:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
Error: (12/15/2014 07:37:47 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
Error: (12/15/2014 07:11:40 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Kaspersky Security Scan Service service, but this action failed with the following error:
%%1056
Microsoft Office Sessions:
=========================
Error: (12/16/2014 06:49:14 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/16/2014 06:49:14 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/16/2014 06:49:14 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/15/2014 07:12:24 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/15/2014 07:12:24 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/15/2014 07:12:24 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/15/2014 07:00:09 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/15/2014 07:00:09 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/15/2014 07:00:09 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
Error: (12/15/2014 06:48:15 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: QuickBooksReturning NULL QBWinInstance Handle
CodeIntegrity Errors:
===================================
Date: 2014-11-12 19:40:02.429
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-12 19:40:02.179
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon II X4 635 Processor
Percentage of memory in use: 40%
Total physical RAM: 3838.49 MB
Available physical RAM: 2275.64 MB
Total Pagefile: 7675.16 MB
Available Pagefile: 5494.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:584.38 GB) (Free:379.2 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.68 GB) (Free:1.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:3.81 GB) (Free:2.49 GB) FAT32
Drive l: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive m: () (Removable) (Total:1.9 GB) (Free:0.39 GB) FAT
Drive n: (Elements) (Fixed) (Total:931.48 GB) (Free:665.27 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0CAF551F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (Size: 1.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 7 (Size: 3.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================