Windows 8 Laptop determined to stay powered on [Closed]


  • This topic is locked

#16
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Just for clarity run this one too:



Scan with MBRScan

Please download MbrScan by Eric_71 and save it to your desktop.
  • Right-click on the MbrScan icon and select Run as Administrator to start the tool.
  • First click Scan at the upper bar.
  • When the table is filled with data, click Report.
  • A log (MbrScan.txt) will open in Notepad.
Please include the contents of that file in your reply. Due to special formatting, post it directly and do not attach it!
There will also be a file named Dump_Hdd*_DR*.mbr on your desktop. Do not click on it or delete it!


#17
Spencer4134

    Member

  • Topic Starter
  • 57 posts

MBRScan v1.1.1

OS             : Windows 8  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
BOOT           : Normal Boot
DATE           : 2014/12/19 (ISO 8601) at 13:04:52
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __TOSHIBA MQ01ABD075 (AX0A4M)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0    698.6 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : A84DD93B5B19931CEADDBCCC47850486
MBR_SHA1  : B0944268147995B9E49E326C04D7E26FE43632AA

Device\Harddisk0\Partition1    2.00 To      0xEE EFI GPT[1]
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\ntoskrnl.exe => Invisible on the disk
ADDRESS : 0xC447C000
SIZE    : 7.59 Mo

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0xC440C000
SIZE    : 448.0 Ko

DRIVER  : C:\Windows\system32\kd.dll => Invisible on the disk
ADDRESS : 0xC3025000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0xAF0A1000
SIZE    : 408.0 Ko

DRIVER  : C:\Windows\System32\drivers\werkernel.sys => Invisible on the disk
ADDRESS : 0xAF107000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\CLFS.SYS => Invisible on the disk
ADDRESS : 0xAF115000
SIZE    : 388.0 Ko

DRIVER  : C:\Windows\System32\drivers\tm.sys => Invisible on the disk
ADDRESS : 0xAF176000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0xAF000000
SIZE    : 544.0 Ko

DRIVER  : C:\Windows\System32\drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0xAF2B9000
SIZE    : 372.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0xAF316000
SIZE    : 828.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0xAF3E5000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\acpiex.sys => Invisible on the disk
ADDRESS : 0xAF200000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\System32\Drivers\WppRecorder.sys => Invisible on the disk
ADDRESS : 0xAF218000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0xAF223000
SIZE    : 552.0 Ko

DRIVER  : C:\Windows\System32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0xAF2AD000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0xAF4F9000
SIZE    : 556.0 Ko

DRIVER  : C:\Windows\System32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0xAF58C000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0xAF596000
SIZE    : 288.0 Ko

DRIVER  : C:\Windows\System32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0xAF5DE000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\LPCFilter.sys => Invisible on the disk
ADDRESS : 0xAF5EB000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\trufos.sys => Invisible on the disk
ADDRESS : 0xAF400000
SIZE    : 480.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\FLTMGR.SYS => Invisible on the disk
ADDRESS : 0xAF478000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\system32\drivers\pdc.sys => Invisible on the disk
ADDRESS : 0xAF4D4000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0xAF088000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\System32\drivers\spaceport.sys => Invisible on the disk
ADDRESS : 0xAF6E2000
SIZE    : 420.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0xAF74B000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0xAF760000
SIZE    : 380.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0xAF7BF000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\drivers\iaStorA.sys => Invisible on the disk
ADDRESS : 0xAF889000
SIZE    : 2.71 Mo

DRIVER  : C:\Windows\System32\drivers\storport.sys => Invisible on the disk
ADDRESS : 0xAFB3F000
SIZE    : 380.0 Ko

DRIVER  : C:\Windows\System32\drivers\EhStorClass.sys => Invisible on the disk
ADDRESS : 0xAFB9E000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\System32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0xAFBB8000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Wof.sys => Invisible on the disk
ADDRESS : 0xAFBCE000
SIZE    : 172.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\avc3.sys => Invisible on the disk
ADDRESS : 0xAFC7B000
SIZE    : 1.26 Mo

DRIVER  : C:\Windows\system32\drivers\WdFilter.sys => Invisible on the disk
ADDRESS : 0xAFDBE000
SIZE    : 264.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\gzflt.sys => Invisible on the disk
ADDRESS : 0xAFC00000
SIZE    : 208.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0xAFEE8000
SIZE    : 1.96 Mo

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0xB00DE000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0xB00FA000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0xB010A000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0xB02EF000
SIZE    : 1.09 Mo

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0xB0407000
SIZE    : 480.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0xB047F000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0xB06E1000
SIZE    : 2.44 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0xB0952000
SIZE    : 432.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwfs.sys => Invisible on the disk
ADDRESS : 0xB09BE000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0xB0600000
SIZE    : 596.0 Ko

DRIVER  : C:\Windows\System32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0xB04AF000
SIZE    : 316.0 Ko

DRIVER  : C:\Windows\System32\drivers\TVALZ_O.SYS => Invisible on the disk
ADDRESS : 0xB0695000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0xB04FE000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0xB06A1000
SIZE    : 92.0 Ko

DRIVER  : C:\Windows\System32\drivers\intelpep.sys => Invisible on the disk
ADDRESS : 0xB06B8000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0xB09E3000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\System32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0xB0544000
SIZE    : 340.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0xB06C7000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\cdrom.sys => Invisible on the disk
ADDRESS : 0xB0F14000
SIZE    : 184.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0xB0F42000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0xB0F4B000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\BasicRender.sys => Invisible on the disk
ADDRESS : 0xB0F53000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0xB106C000
SIZE    : 1.50 Mo

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0xB11ED000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0xB1000000
SIZE    : 388.0 Ko

DRIVER  : C:\Windows\System32\drivers\BasicDisplay.sys => Invisible on the disk
ADDRESS : 0xB0F61000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0xB0F73000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0xB0F87000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0xB0C00000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0xB0C20000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0xB05A5000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0xB0200000
SIZE    : 584.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0xB0292000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0xB0C2E000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0xB0FE9000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0xB0115000
SIZE    : 448.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0xB02BC000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\npsvctrig.sys => Invisible on the disk
ADDRESS : 0xB02CA000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0xB02D6000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0xB0185000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bdvedisk.sys => Invisible on the disk
ADDRESS : 0xB01BB000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ahcache.sys => Invisible on the disk
ADDRESS : 0xB01D1000
SIZE    : 92.0 Ko

DRIVER  : C:\Windows\System32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0xB05F1000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kdnic.sys => Invisible on the disk
ADDRESS : 0xB1061000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0xB01E8000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0xB1289000
SIZE    : 4.14 Mo

DRIVER  : C:\Windows\System32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0xB16AD000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\System32\drivers\USBXHCI.SYS => Invisible on the disk
ADDRESS : 0xB16C6000
SIZE    : 340.0 Ko

DRIVER  : C:\Windows\System32\drivers\ucx01000.sys => Invisible on the disk
ADDRESS : 0xB171B000
SIZE    : 200.0 Ko

DRIVER  : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0xB174D000
SIZE    : 228.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TeeDriverx64.sys => Invisible on the disk
ADDRESS : 0xB1786000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\RtsP2Stor.sys => Invisible on the disk
ADDRESS : 0xB17A3000
SIZE    : 300.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Rt630x64.sys => Invisible on the disk
ADDRESS : 0xAFE00000
SIZE    : 828.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\athwbx.sys => Invisible on the disk
ADDRESS : 0xB18D7000
SIZE    : 3.75 Mo

DRIVER  : C:\Windows\System32\drivers\vwifibus.sys => Invisible on the disk
ADDRESS : 0xB1C98000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0xB1CA5000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\System32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0xB1CBD000
SIZE    : 444.0 Ko

DRIVER  : C:\Windows\System32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0xB1D2C000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\System32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0xB1D33000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0xB1D3F000
SIZE    : 124.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0xB1D5E000
SIZE    : 556.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0xB1DE9000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0xB1800000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CeKbFilter.sys => Invisible on the disk
ADDRESS : 0xB1810000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0xB181A000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\GEARAspiWDM.sys => Invisible on the disk
ADDRESS : 0xB182A000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys => Invisible on the disk
ADDRESS : 0xB1831000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0xB183E000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\Thotkey.sys => Invisible on the disk
ADDRESS : 0xB185C000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\mshidkmdf.sys => Invisible on the disk
ADDRESS : 0xB1869000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0xB1872000
SIZE    : 124.0 Ko

DRIVER  : C:\Windows\System32\drivers\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0xB1891000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\UEFI.sys => Invisible on the disk
ADDRESS : 0xB1899000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\NdisVirtualBus.sys => Invisible on the disk
ADDRESS : 0xB18A4000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0xB18AF000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0xB1200000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\System32\drivers\iwdbus.sys => Invisible on the disk
ADDRESS : 0xB18B1000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\avchv.sys => Invisible on the disk
ADDRESS : 0xAFC34000
SIZE    : 272.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0xB18BD000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0xAF800000
SIZE    : 424.0 Ko

DRIVER  : C:\Windows\System32\drivers\UsbHub3.sys => Invisible on the disk
ADDRESS : 0xAF600000
SIZE    : 480.0 Ko

DRIVER  : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0xB1E2D000
SIZE    : 3.71 Mo

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0xAF678000
SIZE    : 284.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0xB21E2000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0xB1E00000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x001E7000
SIZE    : 4.09 Mo

DRIVER  : C:\Windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0xB22DF000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_iaStorA.sys => Invisible on the disk
ADDRESS : 0xB0C46000
SIZE    : 2.71 Mo

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0xB22EB000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\System32\drivers\usbccgp.sys => Invisible on the disk
ADDRESS : 0xB2301000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\System32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0xB2328000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\mouhid.sys => Invisible on the disk
ADDRESS : 0xB2336000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00720000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\drivers\monitor.sys => Invisible on the disk
ADDRESS : 0xB2343000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x0085F000
SIZE    : 236.0 Ko

DRIVER  : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0xB2351000
SIZE    : 208.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0xB2385000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0xB23A9000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0xB2200000
SIZE    : 464.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0xB2274000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0xB2288000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0xB2471000
SIZE    : 1000.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0xB256B000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0xB258B000
SIZE    : 92.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0xB2400000
SIZE    : 432.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0xB25A2000
SIZE    : 228.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0xB25DB000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\aksdf.sys => Invisible on the disk
ADDRESS : 0xB25EA000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\aksfridge.sys => Invisible on the disk
ADDRESS : 0xB22A0000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\drivers\hardlock.sys => Invisible on the disk
ADDRESS : 0xB269B000
SIZE    : 320.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0xB26EB000
SIZE    : 300.0 Ko

DRIVER  : C:\Windows\system32\drivers\Ndu.sys => Invisible on the disk
ADDRESS : 0xB2736000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0xB2753000
SIZE    : 676.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0xB2600000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0xB260B000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0xB264E000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0xB2807000
SIZE    : 688.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0xB28B3000
SIZE    : 568.0 Ko

DRIVER  : C:\Windows\System32\drivers\condrv.sys => Invisible on the disk
ADDRESS : 0xB2941000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\drivers\mrxdav.sys => Invisible on the disk
ADDRESS : 0xB2951000
SIZE    : 160.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


#18
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi,

I'm sorry, weekends are difficult for me to respond timely.


MBRScan is good, your machine uses UEFI.



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.
  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that the Addition option is checked.
  • Press the Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.

#19
Spencer4134

    Member

  • Topic Starter
  • 57 posts

It is now the holidays so I am not sure when I will get access to this laptop again. Feel free to post the next instructions, though, and I will get to it as soon as I can. Thanks!

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2014
Ran by Bowplus (administrator) on CBSTOSH on 23-12-2014 15:24:42
Running from C:\Users\Bowplus\Desktop
Loaded Profile: Bowplus (Available profiles: Bowplus)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Electronics for Imaging, Inc.) C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Electronics for Imaging, Inc.) C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Server.exe
(Electronics for Imaging, Inc) C:\Program Files (x86)\Fiery\Applications3\Command WorkStation 5\FDC\FDC.exe
(Electronics For Imaging) C:\Program Files (x86)\Fiery\Applications3\FieryRemoteScanApp\FRSMailboxSyncService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\EFI\OFASQ\ofaApp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Fiery\Applications3\HotFolder\hotfolder.exe
() C:\Program Files (x86)\Fiery\Applications3\FieryRemoteScanApp\FRSSysTrayIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Fiery\Fiery Software Manager\Fiery Software Manager.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Flexera Software LLC) C:\Program Files (x86)\EFI\EFILM\lmgrd.exe
(Flexera Software LLC) C:\Program Files (x86)\EFI\EFILM\lmgrd.exe
(EFI Inc.) C:\Program Files (x86)\EFI\EFILM\EFI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Users\Bowplus\AppData\Local\Temp\RarSFX20\FSM\Fiery Software Manager.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [FRSSysTrayIcon] => C:\Program Files (x86)\Fiery\Applications3\FieryRemoteScanApp\FRSSysTrayIcon.exe [57344 2014-09-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-12-17] (Bitdefender)
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Run: [GoogleChromeAutoLaunch_531895E92825E8F79FA0C82707A227E6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Bowplus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hotfolder.exe - Shortcut.lnk
ShortcutTarget: hotfolder.exe - Shortcut.lnk -> C:\Program Files (x86)\Fiery\Applications3\HotFolder\hotfolder.exe ()
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-696741958-2862974563-846841340-1001 -> {2F436636-E538-4692-912F-207099FB0E90} URL =
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{631A0648-D571-410F-A163-B9FBFEC76DCD}: [NameServer] 75.75.75.75,75.75.76.76
Tcpip\..\Interfaces\{DA9420F3-AC69-4B4C-9646-02BF83EAEC68}: [NameServer] 75.75.75.75,75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Bowplus\AppData\Roaming\Mozilla\Firefox\Profiles\far87mnr.default-1407361548559
FF DefaultSearchEngine: Google
FF Homepage: https://www.memotoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-07-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-07-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: No Name - [email protected] [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-15]
CHR Extension: (Google Docs) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-15]
CHR Extension: (Google Drive) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-15]
CHR Extension: (YouTube) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-15]
CHR Extension: (Google Search) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-15]
CHR Extension: (Google Sheets) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Google Wallet) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-15]
CHR Extension: (Gmail) - C:\Users\Bowplus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-15]
CHR HKU\S-1-5-21-696741958-2862974563-846841340-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-27] (Adobe Systems) [File not signed]
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-17] (Bitdefender)
R2 EFI ES1000; C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe [11776 2009-10-19] (Electronics for Imaging, Inc.) [File not signed]
R2 EFI License Manager; C:\Program Files (x86)\EFI\EFILM\lmgrd.exe [1448752 2014-09-24] (Flexera Software LLC)
R2 Fiery Data Collector; C:\Program Files (x86)\Fiery\Applications3\Command WorkStation 5\FDC\FDC.exe [503808 2014-09-25] (Electronics for Imaging, Inc) [File not signed]
R2 Fiery Mailbox Synchronization; C:\Program Files (x86)\Fiery\Applications3\FieryRemoteScanApp\FRSMailboxSyncService.exe [11264 2014-09-11] (Electronics For Imaging) [File not signed]
S3 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 ofaApp; C:\Program Files (x86)\EFI\OFASQ\ofaApp.exe [2417856 2014-12-03] ()
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-11-12] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-17] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-11-12] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-11-12] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-25] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-12-17] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows ® Win 7 DDK provider)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-12-17] (BitDefender LLC)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291032 2013-11-22] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-10] (Windows ® Win 7 DDK provider)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-11-12] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
U0 SR; No ImagePath
U2 srservice; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 15:24 - 2014-12-23 15:25 - 00029064 _____ () C:\Users\Bowplus\Desktop\FRST.txt
2014-12-23 15:24 - 2014-12-23 15:24 - 00000000 ____D () C:\Users\Bowplus\Desktop\FRST-OlderVersion
2014-12-23 14:28 - 2014-12-23 14:28 - 00007622 _____ () C:\Users\Bowplus\AppData\Local\Resmon.ResmonCfg
2014-12-22 20:51 - 2014-12-22 21:23 - 00005632 _____ () C:\Users\Bowplus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-22 20:51 - 2014-12-22 20:51 - 00000000 ____D () C:\Users\Bowplus\Downloads\Documents\ezvid
2014-12-22 20:51 - 2014-12-22 20:51 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\ezvid,_inc
2014-12-19 13:04 - 2014-12-19 13:04 - 00044934 _____ () C:\Users\Bowplus\Desktop\MbrScan.log
2014-12-19 13:04 - 2014-12-19 13:04 - 00000512 _____ () C:\Users\Bowplus\Desktop\Dump_Hdd0_DR0.mbr
2014-12-19 13:03 - 2014-12-19 13:03 - 00147456 _____ (Eric_71) C:\Users\Bowplus\Desktop\MbrScan.exe
2014-12-19 12:31 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-19 12:31 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-18 10:28 - 2014-12-18 10:28 - 00007016 _____ () C:\Users\Bowplus\Desktop\GMER.txt
2014-12-18 10:18 - 2014-12-18 10:18 - 00380416 _____ () C:\Users\Bowplus\Desktop\jjvqgcqk.exe
2014-12-17 16:39 - 2014-12-17 17:42 - 00000000 ____D () C:\AdwCleaner
2014-12-17 16:39 - 2014-12-17 16:39 - 02166272 _____ () C:\Users\Bowplus\Desktop\AdwCleaner.exe
2014-12-17 16:21 - 2014-12-17 16:21 - 00000771 _____ () C:\Users\Bowplus\Desktop\JRT.txt
2014-12-17 09:44 - 2014-12-17 09:44 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-12-17 09:44 - 2014-12-17 09:44 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-12-17 09:44 - 2014-12-17 09:44 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2014-12-12 12:19 - 2014-12-12 12:19 - 00000000 __SHD () C:\Users\Bowplus\AppData\Local\EmieBrowserModeList
2014-12-12 10:40 - 2014-12-23 15:24 - 00000000 ____D () C:\FRST
2014-12-12 10:39 - 2014-12-23 15:24 - 02122240 _____ (Farbar) C:\Users\Bowplus\Desktop\FRST64.exe
2014-12-11 16:31 - 2014-12-12 10:28 - 00006040 _____ () C:\Users\Bowplus\Desktop\Agent list for 4441nBedford.txt
2014-12-11 15:16 - 2014-12-12 18:29 - 00039936 _____ () C:\Windows\system32\umstartup.etl
2014-12-11 13:41 - 2014-12-11 13:53 - 00000434 _____ () C:\Users\Bowplus\Desktop\Buyer Agents Over $500k Names.txt
2014-12-10 17:39 - 2014-12-10 17:39 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-12-10 05:53 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-10 05:53 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 05:53 - 2014-10-30 16:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-10 05:53 - 2014-10-30 16:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-10 05:38 - 2014-11-06 21:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 05:38 - 2014-11-06 20:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 05:38 - 2014-10-31 16:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-10 05:38 - 2014-10-31 16:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-10 05:37 - 2014-11-21 20:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 05:37 - 2014-11-21 19:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 05:37 - 2014-11-21 19:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 05:37 - 2014-11-21 18:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 05:37 - 2014-11-21 18:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 05:37 - 2014-10-12 19:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-10 05:37 - 2014-10-12 19:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-10 05:37 - 2014-10-12 19:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-10 05:37 - 2014-10-12 19:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-10 05:36 - 2014-11-21 19:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 05:36 - 2014-11-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 05:36 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 05:36 - 2014-11-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 05:36 - 2014-11-21 19:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 05:36 - 2014-11-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 05:36 - 2014-11-21 19:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 05:36 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 05:36 - 2014-11-21 19:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-10 05:36 - 2014-11-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 05:36 - 2014-11-21 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 05:36 - 2014-11-21 19:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 05:36 - 2014-11-21 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-10 05:36 - 2014-11-21 18:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 05:36 - 2014-11-21 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-10 05:36 - 2014-11-21 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 05:36 - 2014-11-21 18:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 05:36 - 2014-11-21 18:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 05:36 - 2014-11-21 18:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 05:36 - 2014-11-21 18:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 05:36 - 2014-11-21 18:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-10 05:36 - 2014-11-21 18:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 05:36 - 2014-11-21 18:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 05:36 - 2014-11-21 18:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-10 05:36 - 2014-11-21 18:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 05:36 - 2014-11-21 18:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-10 05:36 - 2014-11-21 18:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 05:36 - 2014-11-21 18:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 05:36 - 2014-11-21 18:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 05:36 - 2014-11-21 18:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 05:36 - 2014-11-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 05:36 - 2014-11-21 18:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 05:36 - 2014-11-21 17:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 05:36 - 2014-11-21 17:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 15:44 - 2014-12-09 15:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 15:25 - 2014-12-09 15:25 - 01037026 _____ () C:\Users\Bowplus\Downloads\RE-BuyerAgentsOver$500k.avery
2014-12-09 15:19 - 2014-12-09 15:19 - 00988028 _____ () C:\Users\Bowplus\Desktop\RE-BuyerAgentsOver$500k.avery
2014-12-09 15:04 - 2014-12-09 15:04 - 00010986 _____ () C:\Users\Bowplus\Downloads\google(1).csv
2014-12-09 15:00 - 2014-12-09 15:00 - 00010986 _____ () C:\Users\Bowplus\Downloads\google.csv
2014-12-09 14:53 - 2014-12-09 14:53 - 00011160 _____ () C:\Users\Bowplus\Downloads\contacts.csv
2014-12-09 14:38 - 2014-12-09 14:38 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\DesktopDPO-d00b9882479ed9b4899926f5c7e44f49
2014-12-09 14:37 - 2014-12-09 14:37 - 00001914 _____ () C:\Users\Public\Desktop\Design&Print.lnk
2014-12-09 14:37 - 2014-12-09 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Products
2014-12-09 14:34 - 2014-12-09 14:37 - 00000000 ____D () C:\Program Files (x86)\Design&Print
2014-12-05 15:59 - 2014-12-05 15:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-05 15:59 - 2014-12-05 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-05 15:59 - 2014-09-26 18:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-05 15:59 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-05 15:59 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-05 15:59 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-05 15:58 - 2014-12-05 15:59 - 00006753 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-12-05 15:55 - 2014-12-05 15:55 - 00000000 ____D () C:\Users\Bowplus\Downloads\Documents\Impose
2014-12-04 16:36 - 2014-12-04 16:36 - 00000000 ____D () C:\Users\Bowplus\Downloads\Attachments_2014124(1)
2014-12-04 16:36 - 2014-12-04 16:36 - 00000000 ____D () C:\Users\Bowplus\Downloads\Attachments_2014124
2014-12-04 16:33 - 2014-12-04 16:33 - 00137337 _____ () C:\Users\Bowplus\Downloads\Attachments_2014124(1).zip
2014-12-04 16:32 - 2014-12-04 16:32 - 00184695 _____ () C:\Users\Bowplus\Downloads\Attachments_2014124.zip
2014-12-03 17:38 - 2014-12-04 13:02 - 00004891 _____ () C:\Users\Bowplus\Desktop\Foreclosures 14-12-3.txt
2014-12-03 15:37 - 2013-12-04 22:50 - 00000253 _____ () C:\Windows\UnInsDBP30.iss
2014-12-03 15:35 - 2014-12-12 09:19 - 00006345 _____ () C:\Users\Bowplus\Desktop\Buyer Agents.txt
2014-12-03 15:35 - 2014-12-03 15:35 - 00002180 _____ () C:\Users\Public\Desktop\Fiery Hot Folders.lnk
2014-12-03 15:35 - 2014-12-03 15:35 - 00000000 _____ () C:\Windows\hf_install.done
2014-12-03 15:35 - 2014-05-08 12:33 - 00000261 _____ () C:\Windows\UnInsHF30.iss
2014-12-03 15:34 - 2014-12-05 15:39 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\hotfolder
2014-12-03 15:34 - 2014-12-03 15:34 - 00002539 _____ () C:\Users\Public\Desktop\Fiery Command WorkStation 5.lnk
2014-12-03 15:34 - 2014-12-03 15:34 - 00000000 ____D () C:\ProgramData\Fiery Remote Scan
2014-12-03 15:34 - 2014-12-03 15:34 - 00000000 _____ () C:\Windows\cws_install.done
2014-12-03 15:34 - 2014-05-08 13:03 - 00000261 _____ () C:\Windows\UnIFRS56.ISS
2014-12-03 15:34 - 2013-09-26 10:37 - 00000263 _____ () C:\Windows\UnInCWS50.ISS
2014-12-03 15:32 - 2014-12-03 15:32 - 00274432 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\IscDbc.dll
2014-12-03 15:32 - 2014-12-03 15:32 - 00262144 _____ (IBPhoenix Inc) C:\Windows\SysWOW64\OdbcJdbcMT.dll
2014-12-03 15:32 - 2014-12-03 15:32 - 00253952 _____ (IBPhoenix Inc) C:\Windows\SysWOW64\OdbcJdbc.dll
2014-12-03 15:32 - 2014-12-03 15:32 - 00155648 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\OdbcJdbcSetup.dll
2014-12-03 15:32 - 2014-12-03 15:32 - 00000000 ____D () C:\ProgramData\Image Enhance Visual Editor
2014-12-03 15:32 - 2013-05-03 16:44 - 00000385 _____ () C:\Windows\UnInsIV30.iss
2014-12-03 15:32 - 2013-05-02 10:46 - 00000271 _____ () C:\Windows\UnInIEVE.iss
2014-12-03 15:30 - 2014-12-03 15:30 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-12-03 15:30 - 2009-12-08 15:58 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1io2_x64.sys
2014-12-03 15:30 - 2009-12-08 15:58 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1_x64.sys
2014-12-03 15:30 - 2009-12-08 15:58 - 00007808 _____ (GretagMacbeth LLC) C:\Windows\system32\Drivers\i1display_x64.sys
2014-12-03 15:30 - 2007-03-29 18:36 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1iSis_x64.sys
2014-12-03 15:29 - 2013-05-01 22:37 - 00000255 _____ () C:\Windows\UnInsHar30_CXP.ISS
2014-12-03 15:28 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe
2014-12-03 15:28 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe
2014-12-03 15:28 - 2013-08-01 15:11 - 00331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys
2014-12-03 15:28 - 2013-08-01 15:11 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll
2014-12-03 15:28 - 2013-08-01 15:11 - 00140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys
2014-12-03 15:28 - 2013-08-01 15:11 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys
2014-12-03 15:27 - 2013-05-01 22:37 - 00001065 ____N () C:\Windows\del_har.bat
2014-12-03 15:26 - 2014-12-03 15:26 - 00000469 _____ () C:\Windows\del_hf_dll.bat
2014-12-03 15:25 - 2014-12-03 15:27 - 00000176 _____ () C:\Windows\setup.log
2014-12-03 15:23 - 2014-12-03 15:37 - 00001622 _____ () C:\Windows\efiswupdater.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 15:19 - 2014-07-08 13:05 - 01874757 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 15:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-23 15:00 - 2014-07-08 14:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 14:56 - 2014-04-18 12:31 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-23 13:45 - 2014-06-13 05:37 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-696741958-2862974563-846841340-1001
2014-12-23 12:52 - 2014-09-24 15:02 - 00000257 _____ () C:\Users\Bowplus\AppData\Roaming\com.efi.FierySoftwareManager
2014-12-23 12:52 - 2014-09-24 15:02 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\Fiery Software Manager
2014-12-23 12:50 - 2014-06-17 08:28 - 00000000 __RDO () C:\Users\Bowplus\OneDrive
2014-12-23 12:49 - 2014-09-24 13:57 - 00000000 ___RD () C:\Users\Bowplus\Google Drive
2014-12-23 12:48 - 2014-04-18 12:31 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-23 12:48 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-22 21:55 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-22 15:08 - 2014-07-30 12:09 - 00008599 _____ () C:\Windows\setupact.log
2014-12-22 14:22 - 2014-03-25 20:26 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-21 10:13 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-20 03:11 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-18 10:20 - 2014-06-17 12:08 - 00000000 ____D () C:\Users\Bowplus\AppData\Local\CrashDumps
2014-12-17 17:43 - 2014-08-06 10:02 - 00024172 _____ () C:\Windows\PFRO.log
2014-12-17 16:35 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-17 09:43 - 2014-07-15 14:54 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-12-17 09:43 - 2014-07-15 14:46 - 00084336 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2014-12-12 14:56 - 2014-09-15 11:35 - 00002174 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 13:20 - 2014-03-25 21:52 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 02:34 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2014-12-10 22:46 - 2014-06-17 20:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 22:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-10 22:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-10 22:45 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 17:39 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\spool
2014-12-10 09:30 - 2014-06-21 15:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 09:27 - 2014-06-21 15:19 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 14:00 - 2014-07-08 14:41 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-05 15:59 - 2014-09-24 17:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-04 09:16 - 2014-06-13 05:29 - 00000000 ____D () C:\Users\Bowplus
2014-12-03 15:56 - 2014-09-25 14:15 - 00003862 _____ () C:\Windows\efi_test.log
2014-12-03 15:38 - 2014-09-24 18:01 - 00026291 _____ () C:\Windows\efiinst.log
2014-12-03 15:38 - 2014-09-24 18:01 - 00000000 ____D () C:\Program Files (x86)\Fiery
2014-12-03 15:38 - 2014-09-24 17:57 - 00013447 _____ () C:\Windows\efimi.log
2014-12-03 15:38 - 2014-09-24 15:03 - 00000000 ___HD () C:\Fiery Software Manager
2014-12-03 15:38 - 2014-03-25 21:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 15:37 - 2014-09-24 18:08 - 00000330 _____ () C:\Windows\efifsw.log
2014-12-03 15:35 - 2014-09-24 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiery
2014-12-03 15:34 - 2014-09-25 14:44 - 00000000 ____D () C:\Users\Bowplus\AppData\Roaming\EFI
2014-12-03 15:32 - 2014-09-24 18:04 - 00000401 _____ () C:\Windows\ODBCINST.INI
2014-12-03 15:30 - 2014-09-24 18:02 - 00000000 ____D () C:\ProgramData\Fiery Command WorkStation
2014-12-03 15:29 - 2014-09-24 18:01 - 00003364 _____ () C:\Windows\System32\Tasks\LINQ_wxWidgets
2014-12-03 15:29 - 2014-09-24 18:01 - 00000000 ____D () C:\ProgramData\efiLINQ
2014-12-03 15:28 - 2014-09-24 17:59 - 00045414 _____ () C:\Windows\aksdrvsetup.log
2014-12-03 15:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\setup
2014-12-03 14:04 - 2014-07-16 12:13 - 00000000 ____D () C:\Users\Bowplus\AppData\Temp
2014-12-03 14:02 - 2014-07-15 14:54 - 00000000 ____D () C:\ProgramData\BDLogging
2014-11-26 14:10 - 2013-08-22 08:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 14:10 - 2013-08-22 08:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-20 03:10

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2014
Ran by Bowplus at 2014-12-23 15:26:00
Running from C:\Users\Bowplus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{893CB813-4179-4BFE-8D33-ABCC38816B48}) (Version: 1.0.6 - Amazon)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avery Design & Print (HKLM-x32\...\Avery Design & Print 1.0.0) (Version: 1.0.0 - Avery Products Corporation)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.12.0.958 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.)
Digital Pass Launcher (HKLM-x32\...\{2359C6E9-DE4F-4FDA-9C12-AE6EFC2EE330}) (Version: 1.0.0.0 - TOSHIBA America Information Systems, Inc)
EFI Flexera License Manager (remove only) (HKLM-x32\...\EFILM) (Version: 11.11.1.3 - EFI)
Fiery User Software-5.6.0.20 (HKLM-x32\...\{731B8125-5C8F-4422-BC5F-07A8CEE9538E}) (Version: 5.6.0.20 - Electronics For Imaging)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
hp LaserJet-all-in-one (HKLM-x32\...\hp LaserJet-all-in-one) (Version:  - hp)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.710 - Oracle)
License Activation (remove only) (HKLM-x32\...\OFASQ) (Version: 1.2.0.9 - EFI)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29073 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.6 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.3 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{4F0F44AF-90E9-4A6E-9E82-354A3AB79F22}) (Version: 1.0.0.2 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-12-2014 15:57:53 Installed Java 7 Update 71
10-12-2014 09:24:23 Windows Update
17-12-2014 17:03:28 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-08-13 09:07 - 2014-08-13 09:07 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0DCB0136-761A-487F-9E87-83547AA6E636} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {4307FE6C-33DB-4725-A7A0-7127C3021633} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-21] (Synaptics Incorporated)
Task: {5BD00B8C-019E-4B7F-BB0D-EEBC11EFD9F2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {5DD0D483-11B3-4B5D-AF8F-80ABCA676C6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {67C9D1B7-34FC-43AA-A80B-9DEE7D44C237} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {7F3A173A-67F9-4BB4-9109-23F6EF60B47E} - System32\Tasks\Fiery Software Manager => C:\Program Files (x86)\Fiery\Fiery Software Manager\Fiery Software Manager.exe [2014-09-17] ()
Task: {8D631C81-2D37-4C4F-BD62-22CA733B3814} - System32\Tasks\{541AFE6F-1BA0-479B-AF40-F3C170A27D42} => pcalua.exe -a "C:\Program Files (x86)\YTDownloader\YTDUninstall.exe"
Task: {A055BEB8-7005-4D10-BA29-5A1E003D71FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A4A943C2-3D3C-48E2-BAC8-A4C678A6E09E} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {A7E6E291-9082-43AA-8AFB-D212AD9D06AA} - System32\Tasks\LINQ_wxWidgets => C:\ProgramData\efiLINQ\efiLINQ.exe [2014-09-03] (Electronics For Imaging, Inc.)
Task: {AC864FD6-D66F-418A-9718-2754187E68AD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {B6081EFB-F46A-47BB-ADC1-4C97B6954E53} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {CA8A3DDD-F5C0-4086-BE7C-390D69B87919} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-03-12] (TOSHIBA Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-04 12:03 - 2014-09-04 12:03 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-07-15 14:54 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-07-15 14:54 - 2014-07-11 16:30 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-07-15 14:54 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-07-25 12:34 - 2014-07-25 12:34 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpbr.mdl
2014-07-25 12:34 - 2014-07-25 12:34 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpdsp.mdl
2014-07-25 12:34 - 2014-07-25 12:34 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpph.mdl
2014-07-25 12:34 - 2014-07-25 12:34 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttprbl.mdl
2014-09-24 18:06 - 2014-12-03 15:36 - 02417856 _____ () C:\Program Files (x86)\EFI\OFASQ\ofaApp.exe
2014-12-03 15:35 - 2014-09-25 00:33 - 01021952 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\HF3MenuExt64.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-12-03 15:35 - 2014-09-25 00:33 - 01118208 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\hotfolder.exe
2014-12-03 15:34 - 2014-09-11 20:53 - 00057344 _____ () C:\Program Files (x86)\Fiery\Applications3\FieryRemoteScanApp\FRSSysTrayIcon.exe
2014-12-03 15:38 - 2014-09-17 01:41 - 04908104 _____ () C:\Program Files (x86)\Fiery\Fiery Software Manager\Fiery Software Manager.exe
2014-12-23 12:50 - 2014-09-17 01:37 - 04077344 _____ () C:\Users\Bowplus\AppData\Local\Temp\RarSFX20\FSM\Fiery Software Manager.exe
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-03 15:33 - 2009-02-17 11:19 - 00194048 _____ () C:\Program Files (x86)\Fiery\Applications3\Command WorkStation 5\FDC\curllib.dll
2014-12-03 15:33 - 2003-10-24 00:27 - 00110592 _____ () C:\Program Files (x86)\Fiery\Applications3\Command WorkStation 5\FDC\OpenLDAP.dll
2014-12-03 15:34 - 2014-09-11 20:53 - 00192512 _____ () C:\Program Files (x86)\Fiery\Applications3\Common Files\EFI\FolderMapping.dll
2014-09-24 18:06 - 2014-12-03 15:36 - 00663552 _____ () C:\Program Files (x86)\EFI\OFASQ\LIBEXPAT.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00303104 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\1BITTIFF.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00442368 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\libeficsl.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00492544 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\libacsredux.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00305664 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\efi_basics.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00186368 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\pdfwind.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00501248 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\pdfeye.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00017408 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\pdfgale.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00368128 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\pdfblizzard.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00355840 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\pdftyphoon.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00016384 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\pdfclouds.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00135168 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\LIBEXPAT.dll
2014-09-24 18:06 - 2014-09-08 11:39 - 00385024 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\CTLWtoPS.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00294912 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\DCS.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00483328 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\EPS.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00286720 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\ExportPS.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00253952 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\JDF.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00483328 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\JPEG.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00417792 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\MSOffice.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00344064 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\PDF.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00286720 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\PDF2GO.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00270336 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\PS.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00528384 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\TIFF.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00413696 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\TIFFIT.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00286720 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\VDP.fil
2014-09-24 18:06 - 2014-09-08 11:39 - 00307200 _____ () C:\Program Files (x86)\Fiery\Applications3\HotFolder\XRX.fil
2014-12-23 12:48 - 2014-12-23 12:48 - 00098816 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32api.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00110080 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\pywintypes27.dll
2014-12-23 12:48 - 2014-12-23 12:48 - 00364544 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\pythoncom27.dll
2014-12-23 12:48 - 2014-12-23 12:48 - 00045568 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\_socket.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 01160704 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\_ssl.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00320512 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32com.shell.shell.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00713216 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\_hashlib.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 01175040 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._core_.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00805888 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._gdi_.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00811008 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._windows_.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 01062400 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._controls_.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00735232 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._misc_.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00128512 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\_elementtree.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00127488 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\pyexpat.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00557056 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\pysqlite2._sqlite.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00087552 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\_ctypes.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00119808 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32file.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00108544 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32security.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00007168 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\hashobjs_ext.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00167936 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32gui.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00018432 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32event.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00038912 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32inet.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00011264 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32crypt.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00070656 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._html2.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00027136 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\_multiprocessing.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00035840 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32process.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00686080 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\unicodedata.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00122368 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._wizard.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00024064 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32pipe.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00025600 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32pdh.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00525640 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\windows._lib_cacheinvalidation.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00010240 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\select.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00017408 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32profile.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00022528 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\win32ts.pyd
2014-12-23 12:48 - 2014-12-23 12:48 - 00078336 _____ () C:\Users\Bowplus\AppData\Local\Temp\_MEI46602\wx._animate.pyd
2014-04-18 11:58 - 2013-12-10 07:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-12-23 12:51 - 2014-09-17 00:39 - 00413184 _____ () C:\Users\Bowplus\AppData\Local\Temp\RarSFX20\FSM\updater_lib\Win\GradInterface.dll
2014-12-12 14:56 - 2014-12-05 18:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 14:56 - 2014-12-05 18:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 14:56 - 2014-12-05 18:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 14:56 - 2014-12-05 18:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-09 15:44 - 2014-12-09 15:44 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-25 16:04 - 2014-09-04 12:02 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\txmlutil.dll
2014-10-06 02:59 - 2014-11-24 18:32 - 00067808 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\bdwtxff.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Bowplus\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Bowplus\Downloads\Support-LogMeInRescue(1).exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-696741958-2862974563-846841340-500 - Administrator - Disabled)
Bowplus (S-1-5-21-696741958-2862974563-846841340-1001 - Administrator - Enabled) => C:\Users\Bowplus
Guest (S-1-5-21-696741958-2862974563-846841340-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2014 01:45:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/18/2014 10:20:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jjvqgcqk.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Faulting module name: jjvqgcqk.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Exception code: 0xc0000005
Fault offset: 0x000011aa
Faulting process id: 0x91c
Faulting application start time: 0xjjvqgcqk.exe0
Faulting application path: jjvqgcqk.exe1
Faulting module path: jjvqgcqk.exe2
Report Id: jjvqgcqk.exe3
Faulting package full name: jjvqgcqk.exe4
Faulting package-relative application ID: jjvqgcqk.exe5

Error: (12/18/2014 10:19:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jjvqgcqk.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Faulting module name: jjvqgcqk.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83
Exception code: 0xc0000005
Fault offset: 0x000011aa
Faulting process id: 0x544
Faulting application start time: 0xjjvqgcqk.exe0
Faulting application path: jjvqgcqk.exe1
Faulting module path: jjvqgcqk.exe2
Report Id: jjvqgcqk.exe3
Faulting package full name: jjvqgcqk.exe4
Faulting package-relative application ID: jjvqgcqk.exe5

Error: (12/17/2014 05:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37297

Error: (12/17/2014 05:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37297

Error: (12/17/2014 05:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (12/20/2014 05:59:23 PM) (Source: DCOM) (EventID: 10010) (User: CBSTOSH)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/20/2014 05:59:23 PM) (Source: DCOM) (EventID: 10010) (User: CBSTOSH)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (12/19/2014 04:11:03 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.0.101 with the system
having network hardware address 00-26-08-F4-7A-43. Network operations on this system may
be disrupted as a result.

Error: (12/18/2014 10:29:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Bitdefender Virus Shield service hung on starting.

Error: (12/18/2014 10:28:21 AM) (Source: DCOM) (EventID: 10005) (User: CBSTOSH)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (12/18/2014 10:28:18 AM) (Source: DCOM) (EventID: 10005) (User: CBSTOSH)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/18/2014 10:28:07 AM) (Source: DCOM) (EventID: 10005) (User: CBSTOSH)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (12/18/2014 10:28:07 AM) (Source: DCOM) (EventID: 10005) (User: CBSTOSH)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (12/18/2014 10:28:07 AM) (Source: DCOM) (EventID: 10005) (User: CBSTOSH)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/18/2014 10:27:52 AM) (Source: DCOM) (EventID: 10005) (User: CBSTOSH)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


Microsoft Office Sessions:
=========================
Error: (12/23/2014 01:45:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/18/2014 10:20:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: jjvqgcqk.exe2.1.19357.052e7ea83jjvqgcqk.exe2.1.19357.052e7ea83c0000005000011aa91c01d01ae6dde4d72cC:\Users\Bowplus\Desktop\jjvqgcqk.exeC:\Users\Bowplus\Desktop\jjvqgcqk.exe1e1653c4-86da-11e4-828c-f8a96316bafd

Error: (12/18/2014 10:19:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: jjvqgcqk.exe2.1.19357.052e7ea83jjvqgcqk.exe2.1.19357.052e7ea83c0000005000011aa54401d01ae6cef6c07eC:\Users\Bowplus\Desktop\jjvqgcqk.exeC:\Users\Bowplus\Desktop\jjvqgcqk.exe14f19d5e-86da-11e4-828c-f8a96316bafd

Error: (12/17/2014 05:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37297

Error: (12/17/2014 05:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37297

Error: (12/17/2014 05:52:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Processor: Intel® Core™ i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 36%
Total physical RAM: 6054.98 MB
Available physical RAM: 3838.88 MB
Total Pagefile: 7014.98 MB
Available Pagefile: 4685.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (TI10692000E) (Fixed) (Total:687.94 GB) (Free:558.17 GB) NTFS
Drive e: (USB20FD) (Removable) (Total:1.87 GB) (Free:0.73 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)

==================== End Of Log ============================



#20
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts
Hi,

Holidays are also a special time for me, it may happen that until Monday I won't be able to respond timely. Merry Christmas :)



Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the program and select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • Click the Scan tab, make sure Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.


Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit the ESET Online Scanner website.
Click Run ESET Online Scanner there.

If using Internet Explorer:
  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.
If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.
To perform the scan:
  • Make sure that Enable detection of potentially unwanted applications is checked.
  • In the Advanced Settings dropdown menu:
    • Make sure that Remove found threats is unchecked.
    • Scan archives is checked.
    • Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Use custom proxy settings is unchecked.
  • Click Start
  • The program will begin to download its virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!

#21
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.