Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows Explorer and windows media Player crashing among other program


  • This topic is locked This topic is locked

#1
x_LUIS_X

x_LUIS_X

    Member

  • Member
  • PipPipPip
  • 131 posts

Hello Geeks I having this problem from like 3 weeks ago it began with the windows explorer and youtube website start crashing

and then any other webpage with a video player crashes and the window media player,VLC media player too

and other programs too. it takes a long time to boot

thank you for the Help

 

 


  • 0

Advertisements


#2
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Hey, sorry for the delay. :)

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

  • 0

#3
x_LUIS_X

x_LUIS_X

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 131 posts

Hi Machiavelli and thanks for your help and time...

 

 I  run the FRST but it freezes at Listing Installed Programs and I try 3 times

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2015 01
Ran by Desktop (administrator) on DESKTOP-HP on 14-01-2015 16:29:04
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Facebook Update] => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-18] (SUPERAntiSpyware)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-23] (AMD)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1444560 2014-12-11] ()
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\RunOnce: [Uninstall C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {a9ad977d-6add-11e4-bf38-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {fc6efaa4-3157-11e4-b249-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {16DA3878-1BDB-4E70-9BDB-A8B226EC1560} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Desktop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-10]
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-10]
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-24]
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-10]
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-10]
CHR Extension: (Google Sheets) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-10]
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-24]
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-07-07] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\System32\DRIVERS\lgandnetdiag264.sys [29696 2014-06-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-07-07] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 V0500Dev; C:\Windows\System32\DRIVERS\V0500Vid.sys [310432 2009-09-30] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 16:29 - 2015-01-14 16:29 - 00019174 _____ () C:\Users\Desktop\Desktop\FRST.txt
2015-01-14 15:41 - 2015-01-14 16:28 - 00000872 _____ () C:\Users\Desktop\Desktop\Addition.txt
2015-01-14 15:40 - 2015-01-14 15:41 - 00043376 _____ () C:\Users\Desktop\Documents\FRST.txt
2015-01-14 15:39 - 2015-01-14 16:29 - 00000000 ____D () C:\FRST
2015-01-14 15:17 - 2015-01-14 15:17 - 02125312 _____ (Farbar) C:\Users\Desktop\Desktop\FRST64.exe
2015-01-13 22:01 - 2015-01-14 15:05 - 00000336 _____ () C:\Windows\setupact.log
2015-01-13 22:01 - 2015-01-13 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:38 - 2015-01-13 20:45 - 00000000 ____D () C:\Users\Desktop\Downloads\JHONWICKPMHD.part1 - 1
2015-01-13 17:31 - 2014-12-11 22:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:31 - 2014-12-11 22:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:31 - 2014-12-11 22:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:31 - 2014-12-11 22:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 16:44 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 16:44 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 16:44 - 2014-12-11 10:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 16:44 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:31 - 2015-01-14 15:12 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-13 16:31 - 2015-01-14 15:12 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\ProgramData\Baidu
2015-01-09 14:24 - 2015-01-09 14:27 - 00000000 ____D () C:\AdwCleaner
2015-01-04 21:47 - 2015-01-04 21:47 - 01766457 _____ () C:\Users\Desktop\Downloads\Mashup.zip
2015-01-04 18:30 - 2015-01-04 18:30 - 00001879 _____ () C:\Users\Desktop\Desktop\Kodi.lnk
2015-01-01 20:04 - 2015-01-01 20:04 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-01-01 20:03 - 2015-01-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Kodi
2015-01-01 19:18 - 2015-01-01 19:19 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0-Helix.exe
2015-01-01 18:44 - 2015-01-01 18:45 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0.exe
2014-12-30 18:24 - 2014-12-30 18:24 - 00002118 _____ () C:\Users\Desktop\Desktop\My Videos - Shortcut.lnk
2014-12-30 18:22 - 2014-12-30 18:22 - 00002099 _____ () C:\Users\Desktop\Desktop\WinPatrol.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00001204 _____ () C:\Users\Desktop\Desktop\Format Factory.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-12-29 16:29 - 2014-12-29 16:29 - 00510776 _____ () C:\Users\Desktop\Downloads\AppManagerSetup_1.45.exe
2014-12-28 13:16 - 2014-12-28 13:16 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 13:27 - 2014-12-23 13:27 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-21 16:13 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-21 16:13 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-20 21:57 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Kodi
2014-12-20 21:57 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-20 21:57 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-20 21:50 - 2014-12-20 21:51 - 63850156 _____ () C:\Users\Desktop\Downloads\xbmc-13.2-Gotham.exe
2014-12-20 15:27 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-19 00:17 - 2014-12-19 00:17 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\14620
2014-12-15 23:38 - 2014-12-15 23:38 - 00229806 _____ () C:\Users\Desktop\Documents\cc_20141215_233757.reg
2014-12-15 21:08 - 2014-12-15 21:08 - 00002054 _____ () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 16:11 - 2014-08-02 19:47 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\vlc
2015-01-14 15:48 - 2013-05-20 23:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-14 15:44 - 2013-05-20 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:16 - 2013-05-14 23:19 - 00000000 ____D () C:\Users\Desktop\AppData\Local\CrashDumps
2015-01-14 15:14 - 2014-07-01 12:22 - 00000000 ____D () C:\Users\Desktop\AppData\Local\Adobe
2015-01-14 15:13 - 2013-09-21 22:45 - 01636105 _____ () C:\Windows\WindowsUpdate.log
2015-01-14 15:09 - 2014-11-14 15:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001902 _____ () C:\Windows\Tasks\Safe Saver-chromeinstaller.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001196 _____ () C:\Windows\Tasks\Safe Saver-codedownloader.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001192 _____ () C:\Windows\Tasks\Safe Saver-updater.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001096 _____ () C:\Windows\Tasks\Safe Saver-enabler.job
2015-01-14 15:08 - 2013-05-20 23:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-14 15:05 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 02:54 - 2014-02-01 23:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job
2015-01-14 02:39 - 2014-02-01 23:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job
2015-01-13 22:20 - 2013-08-23 19:33 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-13 22:20 - 2009-07-13 22:13 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 22:12 - 2013-08-13 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 22:05 - 2013-05-14 18:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:04 - 2014-05-19 12:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-13 16:44 - 2013-05-20 21:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 16:44 - 2013-05-20 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-12 13:04 - 2013-07-30 16:05 - 00000456 ____H () C:\Windows\Tasks\Norton Security Scan for Desktop.job
2015-01-10 21:37 - 2013-10-21 13:20 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForDesktop.job
2015-01-10 20:59 - 2014-11-03 19:00 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-10 20:37 - 2013-12-06 00:31 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2015-01-10 20:33 - 2013-07-10 23:29 - 00000000 ____D () C:\ProgramData\magicJack
2015-01-09 21:49 - 2010-12-15 10:45 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-09 14:58 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-09 14:29 - 2013-10-14 14:32 - 00000000 ____D () C:\Users\Desktop\AppData\Local\AVG SafeGuard toolbar
2015-01-09 14:27 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 18:02 - 2014-11-24 01:19 - 00000000 ____D () C:\Users\Desktop\Documents\yayas Stuf
2015-01-01 22:35 - 2013-05-18 16:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Vso
2015-01-01 21:16 - 2013-05-15 17:33 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\HpUpdate
2015-01-01 20:05 - 2014-11-16 19:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-31 04:14 - 2013-05-14 17:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 16:31 - 2013-05-17 18:36 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\PeaZip
2014-12-28 00:46 - 2013-05-18 16:13 - 00001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2014-12-23 13:29 - 2009-07-24 12:22 - 00000000 ____D () C:\Windows\Panther
2014-12-23 13:28 - 2014-04-12 00:55 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Audacity
2014-12-23 13:27 - 2014-01-03 21:34 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-23 13:27 - 2014-01-03 21:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-22 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 01:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-19 18:59 - 2013-05-20 22:49 - 00001023 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 18:59 - 2013-05-15 17:02 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-12-18 23:42 - 2013-05-23 19:53 - 00000000 ____D () C:\Users\Desktop\Documents\ConvertXToDVD
2014-12-18 21:29 - 2013-08-13 15:24 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDESKTOP-HP$
2014-12-18 21:29 - 2013-08-13 15:24 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job
2014-12-15 21:08 - 2014-10-22 02:07 - 00002024 _____ () C:\Users\Desktop\Desktop\FileHippo App Manager.lnk
2014-12-15 20:57 - 2013-05-14 18:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 20:57 - 2013-05-14 18:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2015 01
Ran by Desktop at 2015-01-14 16:29:27
Running from C:\Users\Desktop\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


Edited by x_LUIS_X, 14 January 2015 - 05:59 PM.

  • 0

#4
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Please download the new version and do the scan again. :)
  • 0

#5
x_LUIS_X

x_LUIS_X

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 131 posts

Hello Machiavelli  here are the los that you requested

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Desktop (administrator) on DESKTOP-HP on 15-01-2015 15:17:19
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Facebook Update] => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-18] (SUPERAntiSpyware)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-23] (AMD)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1444560 2014-12-11] ()
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\RunOnce: [Uninstall C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {a9ad977d-6add-11e4-bf38-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {fc6efaa4-3157-11e4-b249-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {16DA3878-1BDB-4E70-9BDB-A8B226EC1560} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Desktop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-10]
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-10]
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-24]
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-10]
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-10]
CHR Extension: (Google Sheets) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-10]
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-24]
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-07-07] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\System32\DRIVERS\lgandnetdiag264.sys [29696 2014-06-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-07-07] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 V0500Dev; C:\Windows\System32\DRIVERS\V0500Vid.sys [310432 2009-09-30] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 15:17 - 2015-01-15 15:17 - 00020071 _____ () C:\Users\Desktop\Desktop\FRST.txt
2015-01-15 15:15 - 2015-01-15 15:15 - 02125312 _____ (Farbar) C:\Users\Desktop\Desktop\FRST64.exe
2015-01-14 18:25 - 2015-01-14 18:30 - 00000000 ____D () C:\Users\Desktop\Downloads\BELLADURPMHD
2015-01-14 15:40 - 2015-01-14 15:41 - 00043376 _____ () C:\Users\Desktop\Documents\FRST.txt
2015-01-14 15:39 - 2015-01-15 15:17 - 00000000 ____D () C:\FRST
2015-01-13 22:01 - 2015-01-15 15:10 - 00000672 _____ () C:\Windows\setupact.log
2015-01-13 22:01 - 2015-01-13 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:38 - 2015-01-13 20:45 - 00000000 ____D () C:\Users\Desktop\Downloads\JHONWICKPMHD.part1 - 1
2015-01-13 17:31 - 2014-12-11 22:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:31 - 2014-12-11 22:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:31 - 2014-12-11 22:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:31 - 2014-12-11 22:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 16:44 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 16:44 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 16:44 - 2014-12-11 10:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 16:44 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:31 - 2015-01-14 15:12 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-13 16:31 - 2015-01-14 15:12 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\ProgramData\Baidu
2015-01-09 14:24 - 2015-01-09 14:27 - 00000000 ____D () C:\AdwCleaner
2015-01-04 21:47 - 2015-01-04 21:47 - 01766457 _____ () C:\Users\Desktop\Downloads\Mashup.zip
2015-01-04 18:30 - 2015-01-04 18:30 - 00001879 _____ () C:\Users\Desktop\Desktop\Kodi.lnk
2015-01-01 20:04 - 2015-01-01 20:04 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-01-01 20:03 - 2015-01-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Kodi
2015-01-01 19:18 - 2015-01-01 19:19 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0-Helix.exe
2015-01-01 18:44 - 2015-01-01 18:45 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0.exe
2014-12-30 18:24 - 2014-12-30 18:24 - 00002118 _____ () C:\Users\Desktop\Desktop\My Videos - Shortcut.lnk
2014-12-30 18:22 - 2014-12-30 18:22 - 00002099 _____ () C:\Users\Desktop\Desktop\WinPatrol.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00001204 _____ () C:\Users\Desktop\Desktop\Format Factory.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-12-29 16:29 - 2014-12-29 16:29 - 00510776 _____ () C:\Users\Desktop\Downloads\AppManagerSetup_1.45.exe
2014-12-28 13:16 - 2014-12-28 13:16 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 13:27 - 2014-12-23 13:27 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-21 16:13 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-21 16:13 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-20 21:57 - 2015-01-14 17:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Kodi
2014-12-20 21:57 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-20 21:57 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-20 21:50 - 2014-12-20 21:51 - 63850156 _____ () C:\Users\Desktop\Downloads\xbmc-13.2-Gotham.exe
2014-12-20 15:27 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-19 00:17 - 2014-12-19 00:17 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\14620

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 15:14 - 2013-05-20 23:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 15:12 - 2014-02-01 23:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job
2015-01-15 15:11 - 2013-09-21 22:45 - 01669639 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 15:11 - 2013-05-20 23:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 15:10 - 2014-02-01 23:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001902 _____ () C:\Windows\Tasks\Safe Saver-chromeinstaller.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001196 _____ () C:\Windows\Tasks\Safe Saver-codedownloader.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001192 _____ () C:\Windows\Tasks\Safe Saver-updater.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001096 _____ () C:\Windows\Tasks\Safe Saver-enabler.job
2015-01-15 15:10 - 2013-05-20 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 03:20 - 2013-10-21 13:20 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForDesktop.job
2015-01-14 19:50 - 2014-11-24 01:19 - 00000000 ____D () C:\Users\Desktop\Documents\yayas Stuf
2015-01-14 19:48 - 2013-05-14 23:19 - 00000000 ____D () C:\Users\Desktop\AppData\Local\CrashDumps
2015-01-14 18:30 - 2014-08-02 19:47 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\vlc
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:14 - 2014-07-01 12:22 - 00000000 ____D () C:\Users\Desktop\AppData\Local\Adobe
2015-01-14 15:09 - 2014-11-14 15:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2015-01-14 15:05 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-13 22:20 - 2013-08-23 19:33 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-13 22:20 - 2009-07-13 22:13 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 22:12 - 2013-08-13 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 22:05 - 2013-05-14 18:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:04 - 2014-05-19 12:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-13 16:44 - 2013-05-20 21:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 16:44 - 2013-05-20 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-12 13:04 - 2013-07-30 16:05 - 00000456 ____H () C:\Windows\Tasks\Norton Security Scan for Desktop.job
2015-01-10 20:59 - 2014-11-03 19:00 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-10 20:37 - 2013-12-06 00:31 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2015-01-10 20:33 - 2013-07-10 23:29 - 00000000 ____D () C:\ProgramData\magicJack
2015-01-09 21:49 - 2010-12-15 10:45 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-09 14:58 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-09 14:29 - 2013-10-14 14:32 - 00000000 ____D () C:\Users\Desktop\AppData\Local\AVG SafeGuard toolbar
2015-01-09 14:27 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 22:35 - 2013-05-18 16:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Vso
2015-01-01 21:16 - 2013-05-15 17:33 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\HpUpdate
2015-01-01 20:05 - 2014-11-16 19:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-31 04:14 - 2013-05-14 17:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 16:31 - 2013-05-17 18:36 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\PeaZip
2014-12-28 00:46 - 2013-05-18 16:13 - 00001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2014-12-23 13:29 - 2009-07-24 12:22 - 00000000 ____D () C:\Windows\Panther
2014-12-23 13:28 - 2014-04-12 00:55 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Audacity
2014-12-23 13:27 - 2014-01-03 21:34 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-23 13:27 - 2014-01-03 21:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-22 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 01:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-19 18:59 - 2013-05-20 22:49 - 00001023 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 18:59 - 2013-05-15 17:02 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-12-18 23:42 - 2013-05-23 19:53 - 00000000 ____D () C:\Users\Desktop\Documents\ConvertXToDVD
2014-12-18 21:29 - 2013-08-13 15:24 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDESKTOP-HP$
2014-12-18 21:29 - 2013-08-13 15:24 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-04 18:52

==================== End Of Log ============================

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Desktop at 2015-01-15 15:17:42
Running from C:\Users\Desktop\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{7BCD1A5E-F903-48C9-9CB2-37E5A6FB2111}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ConvertXtoDVD 4.0.12.327 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.12.327 - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
DVDFab 8.0.6.8 (05/01/2011) (HKLM-x32\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.2.8 (26/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.1.3.6 (20/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Dynex 1.3MP Webcam Driver (1.01.04.00) (HKLM\...\Dynex VF0500) (Version:  - Dynex)
Dynex Live! Central (HKLM-x32\...\Dynex Live! Central) (Version: 2.00.22 - Creative Technology Ltd)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flixster (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\404b9336c7552828) (Version: 1.9.0.205 - Flixster)
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.426 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Hulu Desktop (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodi (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.3.18 - Nike)
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
PeaZip 5.5.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 -  NewspaperDirect Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Sansa Updater (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Win Bus Messenger version 1.0.112 (HKLM-x32\...\{5CCDC5B4-0C5B-4441-9E17-0EED64D7B8DK}_is1) (Version: 1.0.112 - DelphiWorx)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

25-12-2014 19:00:25 Windows Update
29-12-2014 14:06:49 Windows Update
01-01-2015 18:44:24 Windows Update
01-01-2015 20:05:03 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
01-01-2015 20:05:26 Installed DirectX
05-01-2015 13:24:13 Windows Update
08-01-2015 13:52:10 Windows Update
10-01-2015 20:29:36 Revo Uninstaller's restore point - magicJack
10-01-2015 20:35:22 Revo Uninstaller's restore point - Battlefield Play4Free
10-01-2015 20:59:19 Revo Uninstaller's restore point - Freemake Video Converter version 4.1.5
11-01-2015 21:35:18 Windows Update
13-01-2015 22:04:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2013-07-19 15:23 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D888065-7588-499D-A4B8-6A98DB461216} - System32\Tasks\Safe Saver-updater => C:\Program Files (x86)\Safe Saver\Safe Saver-updater.exe
Task: {21A98F91-F0F4-4F75-9A5D-4CB6D5291025} - System32\Tasks\Safe Saver-enabler => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe
Task: {2C4A1E1F-3F1C-4A14-BA0D-F3E14FA489C1} - System32\Tasks\HPCeeScheduleForDesktop => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {30842E09-A031-4E6B-9711-3A9E416D61C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {30FA83A7-B968-47E0-A7D0-D9460072A717} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {3268E651-7557-4951-BFD0-AD4C9CEC885C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {533F9551-3E7A-47C1-94C2-985E763C6C72} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {5A3C57A1-6CA2-4C38-8024-64BA8DEA6E40} - System32\Tasks\AVG-Secure-Search-Update_0214b_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {6902E89B-C3EC-4B45-AD02-EB768982082E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {6999C65D-A7BE-4397-B820-04EB9F19C637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {6BA0CDEB-00D8-4232-8465-2B4475B74C9B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {712EE8B0-F94D-451F-8767-71415BC94C04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-10-21] (Microsoft)
Task: {79863093-87C4-4973-9DB0-3072775F56DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7C60EE88-0548-4A48-806F-3ADCCAB3D0E6} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {885B1918-0631-47E6-9CCF-249EF52A35D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: {A433BF79-F211-49B0-B53D-2C2C76147463} - System32\Tasks\Safe Saver-codedownloader => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe
Task: {BBFE5BD2-0C15-45D9-917E-2B4E8CBCD4D1} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {C79BFB8C-C33B-4E73-9E35-A91CE51653BC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {C9D0DC79-4899-46C6-8589-0298BF9A1FFE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {CC382EDE-B268-461B-8E64-B4017D2A8ED7} - System32\Tasks\AVG-Secure-Search-Update_0214b_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {CC6891C0-FD88-4D90-8A5F-139897C1DECF} - System32\Tasks\Safe Saver-chromeinstaller => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe
Task: {CE3FEC92-5BA3-48DD-82FC-270D999DFFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {D502EAAB-8229-49B7-83EF-88A32F18DFF9} - System32\Tasks\Norton Security Scan for Desktop => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe
Task: {DA0249DF-D68A-419C-82C5-AE26C5C3C961} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E3CF800D-E6CD-45F2-ADA3-1A28221286A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {E787AD76-1641-408F-A8FD-F94AED22AD73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {EB0D59E7-C1D1-46DB-A924-069210D11B83} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F2B038B7-BAEB-494B-88A2-BADAA0C99E3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {F5AE8F22-D1E0-4F68-B275-E096AAD53A7A} - System32\Tasks\HPCeeScheduleForDESKTOP-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDesktop.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Desktop.job => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe
Task: C:\Windows\Tasks\Safe Saver-chromeinstaller.job => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe
Task: C:\Windows\Tasks\Safe Saver-codedownloader.job => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe
Task: C:\Windows\Tasks\Safe Saver-enabler.job => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe
Task: C:\Windows\Tasks\Safe Saver-updater.job => C:\Program Files (x86)\Safe Saver\Safe Saver-updater.exe

==================== Loaded Modules (whitelisted) =============

2014-02-15 17:25 - 2014-02-16 03:15 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2010-09-15 11:31 - 2010-09-15 11:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-12-11 04:30 - 2014-12-11 04:30 - 01444560 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2010-12-15 10:38 - 2010-09-20 04:13 - 00241734 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-30 14:23 - 2014-11-20 13:57 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2013-05-20 21:45 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2010-07-01 23:13 - 2010-07-01 23:13 - 01004840 _____ () c:\Program Files (x86)\CyberLink\Power2Go\Language\ENU\P2GRC.dll
2010-12-15 10:38 - 2010-09-20 04:13 - 00028672 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00144680 _____ () c:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: cdloader => "C:\Users\Desktop\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK

========================= Accounts: ==========================

Administrator (S-1-5-21-3213102928-3512760173-2800184843-500 - Administrator - Disabled)
Desktop (S-1-5-21-3213102928-3512760173-2800184843-1000 - Administrator - Enabled) => C:\Users\Desktop
Guest (S-1-5-21-3213102928-3512760173-2800184843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3213102928-3512760173-2800184843-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2015 07:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ehshell.exe, version: 6.1.7600.16385, time stamp: 0x4a5bd053
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x1508
Faulting application start time: 0xehshell.exe0
Faulting application path: ehshell.exe1
Faulting module path: ehshell.exe2
Report Id: ehshell.exe3

Error: (01/14/2015 07:44:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1fc4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:44:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1928
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x6a4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xec4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xb9c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1420
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:31:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x16f8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:27:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x12e0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1354
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

System errors:
=============
Error: (01/09/2015 02:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/09/2015 02:31:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
%%1069

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/09/2015 02:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Support Solutions Framework Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/09/2015 02:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Client Services service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/09/2015 02:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDF Document Manager service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/09/2015 02:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (01/14/2015 07:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ehshell.exe6.1.7600.163854a5bd053ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102150801d0306da4ff4bf1C:\Windows\ehome\ehshell.exeC:\Windows\SYSTEM32\ntdll.dlle4407cd3-9c60-11e4-93c0-64315045182c

Error: (01/14/2015 07:44:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce7531fc401d0306d297c5845C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll6c3c7967-9c60-11e4-93c0-64315045182c

Error: (01/14/2015 07:44:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753192801d0306b879d18f7C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll6127b0e3-9c60-11e4-93c0-64315045182c

Error: (01/14/2015 07:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce7536a401d0306b81a43a34C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllc4487000-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753ec401d0306b7087ccb8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllbb316104-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753b9c01d0306b66d56a54C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dlla730e615-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753142001d0306af147d97fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dlla140a78c-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:31:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce75316f801d0306ad1a20567C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll9205c886-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:27:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce75312e001d03069bbbac778C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll0c838153-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753135401d03069bbb86618C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllfb6f4473-9c5c-11e4-93c0-64315045182c

==================== Memory info ===========================

Processor: AMD Phenom™ II X6 1045T Processor
Percentage of memory in use: 16%
Total physical RAM: 8191.29 MB
Available physical RAM: 6845.66 MB
Total Pagefile: 16380.75 MB
Available Pagefile: 13735.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1383.86 GB) (Free:861.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.31 GB) (Free:1.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 00041C69)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1383.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#6
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

  • 0

#7
x_LUIS_X

x_LUIS_X

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 131 posts

Hello here are the logs

 

 

# AdwCleaner v4.108 - Report created 17/01/2015 at 19:24:58
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Desktop - DESKTOP-HP
# Running from : C:\Users\Desktop\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.99

*************************

AdwCleaner[R0].txt - [9256 octets] - [09/01/2015 14:24:21]
AdwCleaner[R1].txt - [1358 octets] - [16/01/2015 16:48:36]
AdwCleaner[R2].txt - [990 octets] - [17/01/2015 19:21:43]
AdwCleaner[S0].txt - [9274 octets] - [09/01/2015 14:27:45]
AdwCleaner[S1].txt - [1431 octets] - [16/01/2015 16:52:47]
AdwCleaner[S2].txt - [912 octets] - [17/01/2015 19:24:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [971 octets] ##########

 

 

 

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/16/2015
Scan Time: 5:05:31 PM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.16.14
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Desktop

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335998
Time Elapsed: 17 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Desktop on Sat 01/17/2015 at 19:13:43.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}

~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-updater.job

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"

~~~ Event Viewer Logs were cleared

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/17/2015 at 19:16:23.97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-01-2015
Ran by Desktop (administrator) on DESKTOP-HP on 17-01-2015 19:34:54
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Facebook Update] => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6154008 2013-05-24] (Piriform Ltd)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-18] (SUPERAntiSpyware)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-23] (AMD)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1444560 2014-12-11] ()
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\RunOnce: [Uninstall C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {a9ad977d-6add-11e4-bf38-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {fc6efaa4-3157-11e4-b249-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {16DA3878-1BDB-4E70-9BDB-A8B226EC1560} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Desktop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-10]
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-10]
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-24]
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-10]
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-10]
CHR Extension: (Google Sheets) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-10]
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-24]
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-07-07] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\System32\DRIVERS\lgandnetdiag264.sys [29696 2014-06-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-07-07] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 V0500Dev; C:\Windows\System32\DRIVERS\V0500Vid.sys [310432 2009-09-30] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 19:34 - 2015-01-17 19:35 - 00018991 _____ () C:\Users\Desktop\Desktop\FRST.txt
2015-01-17 19:34 - 2015-01-17 19:34 - 00000000 ____D () C:\Users\Desktop\Desktop\FRST-OlderVersion
2015-01-17 19:20 - 2015-01-17 19:20 - 02186752 _____ () C:\Users\Desktop\Desktop\AdwCleaner.exe
2015-01-17 19:16 - 2015-01-17 19:16 - 00001596 _____ () C:\Users\Desktop\Desktop\JRT.txt
2015-01-17 19:13 - 2015-01-17 19:13 - 00000000 ____D () C:\Windows\ERUNT
2015-01-17 18:40 - 2015-01-17 18:40 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-16 17:28 - 2015-01-16 17:28 - 00001066 _____ () C:\Users\Desktop\Desktop\malwarebytes.txt
2015-01-16 16:57 - 2015-01-17 18:40 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-16 16:53 - 2015-01-17 19:25 - 00000628 _____ () C:\Windows\PFRO.log
2015-01-16 16:46 - 2015-01-16 16:46 - 01707939 _____ (Thisisu) C:\Users\Desktop\Desktop\JRT.exe
2015-01-16 02:03 - 2015-01-16 02:06 - 00000000 ____D () C:\Users\Desktop\Downloads\Cantinflas 2014 1080p Web-Dl PMHD.part1
2015-01-15 15:15 - 2015-01-17 19:34 - 02126336 _____ (Farbar) C:\Users\Desktop\Desktop\FRST64.exe
2015-01-14 18:25 - 2015-01-14 18:30 - 00000000 ____D () C:\Users\Desktop\Downloads\BELLADURPMHD
2015-01-14 15:40 - 2015-01-14 15:41 - 00043376 _____ () C:\Users\Desktop\Documents\FRST.txt
2015-01-14 15:39 - 2015-01-17 19:34 - 00000000 ____D () C:\FRST
2015-01-13 22:01 - 2015-01-17 19:26 - 00001792 _____ () C:\Windows\setupact.log
2015-01-13 22:01 - 2015-01-13 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:38 - 2015-01-13 20:45 - 00000000 ____D () C:\Users\Desktop\Downloads\JHONWICKPMHD.part1 - 1
2015-01-13 17:31 - 2014-12-11 22:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:31 - 2014-12-11 22:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:31 - 2014-12-11 22:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:31 - 2014-12-11 22:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 16:44 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 16:44 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 16:44 - 2014-12-11 10:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 16:44 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-09 14:24 - 2015-01-17 19:24 - 00000000 ____D () C:\AdwCleaner
2015-01-04 21:47 - 2015-01-04 21:47 - 01766457 _____ () C:\Users\Desktop\Downloads\Mashup.zip
2015-01-04 18:30 - 2015-01-04 18:30 - 00001879 _____ () C:\Users\Desktop\Desktop\Kodi.lnk
2015-01-01 20:04 - 2015-01-01 20:04 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-01-01 20:03 - 2015-01-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Kodi
2015-01-01 19:18 - 2015-01-01 19:19 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0-Helix.exe
2015-01-01 18:44 - 2015-01-01 18:45 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0.exe
2014-12-30 18:24 - 2014-12-30 18:24 - 00002118 _____ () C:\Users\Desktop\Desktop\My Videos - Shortcut.lnk
2014-12-30 18:22 - 2014-12-30 18:22 - 00002099 _____ () C:\Users\Desktop\Desktop\WinPatrol.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00001204 _____ () C:\Users\Desktop\Desktop\Format Factory.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-12-29 16:29 - 2014-12-29 16:29 - 00510776 _____ () C:\Users\Desktop\Downloads\AppManagerSetup_1.45.exe
2014-12-28 13:16 - 2014-12-28 13:16 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 13:27 - 2014-12-23 13:27 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-21 16:13 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-21 16:13 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-20 21:57 - 2015-01-14 17:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Kodi
2014-12-20 21:57 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-20 21:57 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-20 21:50 - 2014-12-20 21:51 - 63850156 _____ () C:\Users\Desktop\Downloads\xbmc-13.2-Gotham.exe
2014-12-20 15:27 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-19 00:17 - 2014-12-19 00:17 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\14620

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 19:33 - 2013-09-21 22:45 - 01807942 _____ () C:\Windows\WindowsUpdate.log
2015-01-17 19:29 - 2014-11-14 15:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-17 19:27 - 2013-05-20 23:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-17 19:26 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2015-01-17 19:26 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2015-01-17 19:26 - 2014-02-07 20:26 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2015-01-17 19:26 - 2014-02-07 20:26 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2015-01-17 19:26 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-17 19:11 - 2014-05-19 12:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-17 18:49 - 2013-05-20 23:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-17 18:49 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-17 18:49 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-17 18:44 - 2013-05-20 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-17 18:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-17 00:39 - 2013-05-14 23:19 - 00000000 ____D () C:\Users\Desktop\AppData\Local\CrashDumps
2015-01-16 23:54 - 2014-02-01 23:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job
2015-01-16 23:54 - 2014-02-01 23:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job
2015-01-16 21:48 - 2014-09-24 16:19 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 17:55 - 2010-12-15 10:45 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-16 16:40 - 2013-05-20 22:49 - 00001023 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-16 16:40 - 2013-05-20 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-16 16:40 - 2013-05-15 17:02 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2015-01-15 03:20 - 2013-10-21 13:20 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForDesktop.job
2015-01-14 19:50 - 2014-11-24 01:19 - 00000000 ____D () C:\Users\Desktop\Documents\yayas Stuf
2015-01-14 18:30 - 2014-08-02 19:47 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\vlc
2015-01-14 15:14 - 2014-07-01 12:22 - 00000000 ____D () C:\Users\Desktop\AppData\Local\Adobe
2015-01-13 22:20 - 2013-08-23 19:33 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-13 22:20 - 2009-07-13 22:13 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 22:12 - 2013-08-13 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 22:05 - 2013-05-14 18:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 16:44 - 2013-05-20 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-12 13:04 - 2013-07-30 16:05 - 00000456 ____H () C:\Windows\Tasks\Norton Security Scan for Desktop.job
2015-01-10 20:59 - 2014-11-03 19:00 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-10 20:37 - 2013-12-06 00:31 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2015-01-10 20:33 - 2013-07-10 23:29 - 00000000 ____D () C:\ProgramData\magicJack
2015-01-09 14:27 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 22:35 - 2013-05-18 16:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Vso
2015-01-01 21:16 - 2013-05-15 17:33 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\HpUpdate
2015-01-01 20:05 - 2014-11-16 19:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-31 04:14 - 2013-05-14 17:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 16:31 - 2013-05-17 18:36 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\PeaZip
2014-12-28 00:46 - 2013-05-18 16:13 - 00001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2014-12-23 13:29 - 2009-07-24 12:22 - 00000000 ____D () C:\Windows\Panther
2014-12-23 13:28 - 2014-04-12 00:55 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Audacity
2014-12-23 13:27 - 2014-01-03 21:34 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-23 13:27 - 2014-01-03 21:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-22 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 01:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-18 23:42 - 2013-05-23 19:53 - 00000000 ____D () C:\Users\Desktop\Documents\ConvertXToDVD
2014-12-18 21:29 - 2013-08-13 15:24 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDESKTOP-HP$
2014-12-18 21:29 - 2013-08-13 15:24 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job

==================== Files in the root of some directories =======
2013-05-18 16:10 - 2013-05-18 16:10 - 0099384 _____ () C:\Users\Desktop\AppData\Roaming\inst.exe
2013-05-18 16:10 - 2013-05-18 16:10 - 0007859 _____ () C:\Users\Desktop\AppData\Roaming\pcouffin.cat
2013-05-18 16:10 - 2013-05-18 16:10 - 0001167 _____ () C:\Users\Desktop\AppData\Roaming\pcouffin.inf
2013-05-18 16:12 - 2013-05-18 16:12 - 0000034 _____ () C:\Users\Desktop\AppData\Roaming\pcouffin.log
2013-05-18 16:10 - 2013-05-18 16:10 - 0082816 _____ (VSO Software) C:\Users\Desktop\AppData\Roaming\pcouffin.sys
2013-05-18 16:13 - 2014-12-28 00:46 - 0001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2013-10-26 16:36 - 2014-11-28 18:09 - 0019968 _____ () C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-23 01:11 - 2014-05-23 01:11 - 0007625 _____ () C:\Users\Desktop\AppData\Local\Resmon.ResmonCfg
2014-08-31 01:35 - 2014-08-31 01:35 - 0000000 _____ () C:\Users\Desktop\AppData\Local\{2755F927-71EC-43A7-B0F2-8D344CFF2BC1}
2013-05-14 22:17 - 2013-07-24 23:56 - 0003196 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Desktop\AppData\Local\Temp\Quarantine.exe
C:\Users\Desktop\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-04 18:52

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015
Ran by Desktop at 2015-01-17 19:36:00
Running from C:\Users\Desktop\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{7BCD1A5E-F903-48C9-9CB2-37E5A6FB2111}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ConvertXtoDVD 4.0.12.327 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.12.327 - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
DVDFab 8.0.6.8 (05/01/2011) (HKLM-x32\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.2.8 (26/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.1.3.6 (20/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Dynex 1.3MP Webcam Driver (1.01.04.00) (HKLM\...\Dynex VF0500) (Version:  - Dynex)
Dynex Live! Central (HKLM-x32\...\Dynex Live! Central) (Version: 2.00.22 - Creative Technology Ltd)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flixster (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\404b9336c7552828) (Version: 1.9.0.205 - Flixster)
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.426 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Hulu Desktop (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodi (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.3.18 - Nike)
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
PeaZip 5.5.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 -  NewspaperDirect Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Sansa Updater (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Win Bus Messenger version 1.0.112 (HKLM-x32\...\{5CCDC5B4-0C5B-4441-9E17-0EED64D7B8DK}_is1) (Version: 1.0.112 - DelphiWorx)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

25-12-2014 19:00:25 Windows Update
29-12-2014 14:06:49 Windows Update
01-01-2015 18:44:24 Windows Update
01-01-2015 20:05:03 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
01-01-2015 20:05:26 Installed DirectX
05-01-2015 13:24:13 Windows Update
08-01-2015 13:52:10 Windows Update
10-01-2015 20:29:36 Revo Uninstaller's restore point - magicJack
10-01-2015 20:35:22 Revo Uninstaller's restore point - Battlefield Play4Free
10-01-2015 20:59:19 Revo Uninstaller's restore point - Freemake Video Converter version 4.1.5
11-01-2015 21:35:18 Windows Update
13-01-2015 22:04:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2013-07-19 15:23 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2C4A1E1F-3F1C-4A14-BA0D-F3E14FA489C1} - System32\Tasks\HPCeeScheduleForDesktop => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {30842E09-A031-4E6B-9711-3A9E416D61C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {30FA83A7-B968-47E0-A7D0-D9460072A717} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {3268E651-7557-4951-BFD0-AD4C9CEC885C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {36224B61-5957-4F8D-A5CD-D8BF53F900C6} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {533F9551-3E7A-47C1-94C2-985E763C6C72} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {5A3C57A1-6CA2-4C38-8024-64BA8DEA6E40} - System32\Tasks\AVG-Secure-Search-Update_0214b_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {6902E89B-C3EC-4B45-AD02-EB768982082E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {6999C65D-A7BE-4397-B820-04EB9F19C637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {712EE8B0-F94D-451F-8767-71415BC94C04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-10-21] (Microsoft)
Task: {79863093-87C4-4973-9DB0-3072775F56DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7C60EE88-0548-4A48-806F-3ADCCAB3D0E6} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {885B1918-0631-47E6-9CCF-249EF52A35D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: {BBFE5BD2-0C15-45D9-917E-2B4E8CBCD4D1} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {C9D0DC79-4899-46C6-8589-0298BF9A1FFE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {CC382EDE-B268-461B-8E64-B4017D2A8ED7} - System32\Tasks\AVG-Secure-Search-Update_0214b_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {CE3FEC92-5BA3-48DD-82FC-270D999DFFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {D502EAAB-8229-49B7-83EF-88A32F18DFF9} - System32\Tasks\Norton Security Scan for Desktop => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe
Task: {DA0249DF-D68A-419C-82C5-AE26C5C3C961} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E3CF800D-E6CD-45F2-ADA3-1A28221286A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {E787AD76-1641-408F-A8FD-F94AED22AD73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {EB0D59E7-C1D1-46DB-A924-069210D11B83} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F2B038B7-BAEB-494B-88A2-BADAA0C99E3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {F5AE8F22-D1E0-4F68-B275-E096AAD53A7A} - System32\Tasks\HPCeeScheduleForDESKTOP-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {FA1AC578-021E-4C80-BA16-51A79032AB4E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDesktop.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Desktop.job => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe

==================== Loaded Modules (whitelisted) =============

2014-02-15 17:25 - 2014-02-16 03:15 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2010-09-15 11:31 - 2010-09-15 11:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-12-11 04:30 - 2014-12-11 04:30 - 01444560 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2010-12-15 10:38 - 2010-09-20 04:13 - 00241734 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-30 14:23 - 2014-11-20 13:57 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2013-05-20 21:45 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2010-07-01 23:13 - 2010-07-01 23:13 - 01004840 _____ () c:\Program Files (x86)\CyberLink\Power2Go\Language\ENU\P2GRC.dll
2010-12-15 10:38 - 2010-09-20 04:13 - 00028672 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00144680 _____ () c:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: cdloader => "C:\Users\Desktop\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK

========================= Accounts: ==========================

Administrator (S-1-5-21-3213102928-3512760173-2800184843-500 - Administrator - Disabled)
Desktop (S-1-5-21-3213102928-3512760173-2800184843-1000 - Administrator - Enabled) => C:\Users\Desktop
Guest (S-1-5-21-3213102928-3512760173-2800184843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3213102928-3512760173-2800184843-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD Phenom™ II X6 1045T Processor
Percentage of memory in use: 33%
Total physical RAM: 8191.29 MB
Available physical RAM: 5432.45 MB
Total Pagefile: 16380.75 MB
Available Pagefile: 13684.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1383.86 GB) (Free:855.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.31 GB) (Free:1.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 00041C69)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1383.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#8
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Hey, :)


Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {a9ad977d-6add-11e4-bf38-64315045182c} - F:\LG_PC_Programs.exe
    HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {fc6efaa4-3157-11e4-b249-64315045182c} - F:\LG_PC_Programs.exe
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
    Toolbar: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.)and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?
  • 0

#9
x_LUIS_X

x_LUIS_X

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 131 posts

 

 

Hello Machiavelli  the internet Explorer keeps crashing like youtube, realplayer cloud Facebook and Kodi not even start to watch youtube I use Google Chrome seems to be ok

here are the Logs

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-01-2015 01
Ran by Desktop at 2015-01-18 15:14:57 Run:1
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {a9ad977d-6add-11e4-bf38-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {fc6efaa4-3157-11e4-b249-64315045182c} - F:\LG_PC_Programs.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9ad977d-6add-11e4-bf38-64315045182c}" => Key deleted successfully.
HKCR\CLSID\{a9ad977d-6add-11e4-bf38-64315045182c} => Key not found.
"HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc6efaa4-3157-11e4-b249-64315045182c}" => Key deleted successfully.
HKCR\CLSID\{fc6efaa4-3157-11e4-b249-64315045182c} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => Key deleted successfully.
HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key not found.
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
EmptyTemp: => Removed 50.6 GB temporary data.

The system needed a reboot.

==== End of Fixlog 15:15:54 ====

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-01-2015 01
Ran by Desktop (administrator) on DESKTOP-HP on 18-01-2015 15:33:06
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Facebook Update] => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6154008 2013-05-24] (Piriform Ltd)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-18] (SUPERAntiSpyware)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-23] (AMD)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1444560 2014-12-11] ()
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\RunOnce: [Uninstall C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {16DA3878-1BDB-4E70-9BDB-A8B226EC1560} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Desktop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-10]
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-10]
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-24]
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-10]
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-10]
CHR Extension: (Google Sheets) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-10]
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-24]
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-07-07] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\System32\DRIVERS\lgandnetdiag264.sys [29696 2014-06-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-07-07] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 V0500Dev; C:\Windows\System32\DRIVERS\V0500Vid.sys [310432 2009-09-30] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 15:33 - 2015-01-18 15:33 - 00018186 _____ () C:\Users\Desktop\Desktop\FRST.txt
2015-01-18 15:22 - 2015-01-18 15:22 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-18 15:22 - 2015-01-18 15:22 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-18 15:13 - 2015-01-18 15:13 - 00000000 ____D () C:\Users\Desktop\Desktop\FRST-OlderVersion
2015-01-17 19:20 - 2015-01-17 19:20 - 02186752 _____ () C:\Users\Desktop\Desktop\AdwCleaner.exe
2015-01-17 19:13 - 2015-01-17 19:13 - 00000000 ____D () C:\Windows\ERUNT
2015-01-16 16:53 - 2015-01-17 19:25 - 00000628 _____ () C:\Windows\PFRO.log
2015-01-16 16:46 - 2015-01-16 16:46 - 01707939 _____ (Thisisu) C:\Users\Desktop\Desktop\JRT.exe
2015-01-15 15:15 - 2015-01-18 15:13 - 02126848 _____ (Farbar) C:\Users\Desktop\Desktop\FRST64.exe
2015-01-14 15:40 - 2015-01-14 15:41 - 00043376 _____ () C:\Users\Desktop\Documents\FRST.txt
2015-01-14 15:39 - 2015-01-18 15:33 - 00000000 ____D () C:\FRST
2015-01-13 22:01 - 2015-01-18 15:18 - 00002296 _____ () C:\Windows\setupact.log
2015-01-13 22:01 - 2015-01-13 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:38 - 2015-01-13 20:45 - 00000000 ____D () C:\Users\Desktop\Downloads\JHONWICKPMHD.part1 - 1
2015-01-13 17:31 - 2014-12-11 22:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:31 - 2014-12-11 22:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:31 - 2014-12-11 22:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:31 - 2014-12-11 22:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 16:44 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 16:44 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 16:44 - 2014-12-11 10:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 16:44 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-09 14:24 - 2015-01-17 19:24 - 00000000 ____D () C:\AdwCleaner
2015-01-04 21:47 - 2015-01-04 21:47 - 01766457 _____ () C:\Users\Desktop\Downloads\Mashup.zip
2015-01-04 18:30 - 2015-01-04 18:30 - 00001879 _____ () C:\Users\Desktop\Desktop\Kodi.lnk
2015-01-01 20:04 - 2015-01-01 20:04 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-01-01 20:03 - 2015-01-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Kodi
2015-01-01 19:18 - 2015-01-01 19:19 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0-Helix.exe
2015-01-01 18:44 - 2015-01-01 18:45 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0.exe
2014-12-30 18:24 - 2014-12-30 18:24 - 00002118 _____ () C:\Users\Desktop\Desktop\My Videos - Shortcut.lnk
2014-12-30 18:22 - 2014-12-30 18:22 - 00002099 _____ () C:\Users\Desktop\Desktop\WinPatrol.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00001204 _____ () C:\Users\Desktop\Desktop\Format Factory.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-12-29 16:29 - 2014-12-29 16:29 - 00510776 _____ () C:\Users\Desktop\Downloads\AppManagerSetup_1.45.exe
2014-12-28 13:16 - 2014-12-28 13:16 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 13:27 - 2014-12-23 13:27 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-21 16:13 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-21 16:13 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-20 21:57 - 2015-01-18 15:26 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Kodi
2014-12-20 21:57 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-20 21:57 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-20 21:50 - 2014-12-20 21:51 - 63850156 _____ () C:\Users\Desktop\Downloads\xbmc-13.2-Gotham.exe
2014-12-20 15:27 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-19 00:17 - 2014-12-19 00:17 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\14620

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 15:29 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 15:29 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 15:27 - 2013-05-14 23:19 - 00000000 ____D () C:\Users\Desktop\AppData\Local\CrashDumps
2015-01-18 15:26 - 2013-09-21 22:45 - 01887269 _____ () C:\Windows\WindowsUpdate.log
2015-01-18 15:22 - 2014-11-14 15:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-18 15:20 - 2013-05-20 23:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-18 15:19 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2015-01-18 15:19 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2015-01-18 15:19 - 2014-02-07 20:26 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2015-01-18 15:19 - 2014-02-07 20:26 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2015-01-18 15:18 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-18 14:54 - 2014-02-01 23:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job
2015-01-18 14:50 - 2013-07-30 16:05 - 00000456 ____H () C:\Windows\Tasks\Norton Security Scan for Desktop.job
2015-01-18 14:50 - 2013-05-20 23:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 14:50 - 2013-05-20 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-17 23:54 - 2014-02-01 23:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job
2015-01-17 22:57 - 2013-08-13 15:24 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDESKTOP-HP$
2015-01-17 22:57 - 2013-08-13 15:24 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job
2015-01-17 19:11 - 2014-05-19 12:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-17 18:43 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-16 21:48 - 2014-09-24 16:19 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 17:55 - 2010-12-15 10:45 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-16 16:40 - 2013-05-20 22:49 - 00001023 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-16 16:40 - 2013-05-20 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-16 16:40 - 2013-05-15 17:02 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2015-01-15 03:20 - 2013-10-21 13:20 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForDesktop.job
2015-01-14 19:50 - 2014-11-24 01:19 - 00000000 ____D () C:\Users\Desktop\Documents\yayas Stuf
2015-01-14 18:30 - 2014-08-02 19:47 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\vlc
2015-01-14 15:14 - 2014-07-01 12:22 - 00000000 ____D () C:\Users\Desktop\AppData\Local\Adobe
2015-01-13 22:20 - 2013-08-23 19:33 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-13 22:20 - 2009-07-13 22:13 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 22:12 - 2013-08-13 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 22:05 - 2013-05-14 18:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 16:44 - 2013-05-20 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-10 20:59 - 2014-11-03 19:00 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-10 20:37 - 2013-12-06 00:31 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2015-01-10 20:33 - 2013-07-10 23:29 - 00000000 ____D () C:\ProgramData\magicJack
2015-01-09 14:27 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 22:35 - 2013-05-18 16:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Vso
2015-01-01 21:16 - 2013-05-15 17:33 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\HpUpdate
2015-01-01 20:05 - 2014-11-16 19:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-31 04:14 - 2013-05-14 17:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 16:31 - 2013-05-17 18:36 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\PeaZip
2014-12-28 00:46 - 2013-05-18 16:13 - 00001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2014-12-23 13:29 - 2009-07-24 12:22 - 00000000 ____D () C:\Windows\Panther
2014-12-23 13:28 - 2014-04-12 00:55 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Audacity
2014-12-23 13:27 - 2014-01-03 21:34 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-23 13:27 - 2014-01-03 21:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-22 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 01:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

==================== Files in the root of some directories =======
2013-05-18 16:10 - 2013-05-18 16:10 - 0099384 _____ () C:\Users\Desktop\AppData\Roaming\inst.exe
2013-05-18 16:10 - 2013-05-18 16:10 - 0007859 _____ () C:\Users\Desktop\AppData\Roaming\pcouffin.cat
2013-05-18 16:10 - 2013-05-18 16:10 - 0001167 _____ () C:\Users\Desktop\AppData\Roaming\pcouffin.inf
2013-05-18 16:12 - 2013-05-18 16:12 - 0000034 _____ () C:\Users\Desktop\AppData\Roaming\pcouffin.log
2013-05-18 16:10 - 2013-05-18 16:10 - 0082816 _____ (VSO Software) C:\Users\Desktop\AppData\Roaming\pcouffin.sys
2013-05-18 16:13 - 2014-12-28 00:46 - 0001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2013-10-26 16:36 - 2014-11-28 18:09 - 0019968 _____ () C:\Users\Desktop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-23 01:11 - 2014-05-23 01:11 - 0007625 _____ () C:\Users\Desktop\AppData\Local\Resmon.ResmonCfg
2014-08-31 01:35 - 2014-08-31 01:35 - 0000000 _____ () C:\Users\Desktop\AppData\Local\{2755F927-71EC-43A7-B0F2-8D344CFF2BC1}
2013-05-14 22:17 - 2013-07-24 23:56 - 0003196 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-04 18:52

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015 01
Ran by Desktop at 2015-01-18 15:34:14
Running from C:\Users\Desktop\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{7BCD1A5E-F903-48C9-9CB2-37E5A6FB2111}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ConvertXtoDVD 4.0.12.327 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.12.327 - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
DVDFab 8.0.6.8 (05/01/2011) (HKLM-x32\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.2.8 (26/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.1.3.6 (20/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Dynex 1.3MP Webcam Driver (1.01.04.00) (HKLM\...\Dynex VF0500) (Version:  - Dynex)
Dynex Live! Central (HKLM-x32\...\Dynex Live! Central) (Version: 2.00.22 - Creative Technology Ltd)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flixster (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\404b9336c7552828) (Version: 1.9.0.205 - Flixster)
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.426 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Hulu Desktop (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodi (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Kodi) (Version:  - XBMC-Foundation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.3.18 - Nike)
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
PeaZip 5.5.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 -  NewspaperDirect Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Sansa Updater (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Win Bus Messenger version 1.0.112 (HKLM-x32\...\{5CCDC5B4-0C5B-4441-9E17-0EED64D7B8DK}_is1) (Version: 1.0.112 - DelphiWorx)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

10-01-2015 20:35:22 Revo Uninstaller's restore point - Battlefield Play4Free
10-01-2015 20:59:19 Revo Uninstaller's restore point - Freemake Video Converter version 4.1.5
11-01-2015 21:35:18 Windows Update
13-01-2015 22:04:56 Windows Update
17-01-2015 23:16:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2013-07-19 15:23 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1E93D7F7-F8B7-4F16-8565-B858F5CF19F6} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {2C4A1E1F-3F1C-4A14-BA0D-F3E14FA489C1} - System32\Tasks\HPCeeScheduleForDesktop => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {30842E09-A031-4E6B-9711-3A9E416D61C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {30FA83A7-B968-47E0-A7D0-D9460072A717} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {3268E651-7557-4951-BFD0-AD4C9CEC885C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {533F9551-3E7A-47C1-94C2-985E763C6C72} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {5A3C57A1-6CA2-4C38-8024-64BA8DEA6E40} - System32\Tasks\AVG-Secure-Search-Update_0214b_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {6902E89B-C3EC-4B45-AD02-EB768982082E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {6999C65D-A7BE-4397-B820-04EB9F19C637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {712EE8B0-F94D-451F-8767-71415BC94C04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-10-21] (Microsoft)
Task: {73A267B7-971B-4D94-B088-7C255796AC04} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {79863093-87C4-4973-9DB0-3072775F56DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7C60EE88-0548-4A48-806F-3ADCCAB3D0E6} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {885B1918-0631-47E6-9CCF-249EF52A35D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: {BBFE5BD2-0C15-45D9-917E-2B4E8CBCD4D1} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {C9D0DC79-4899-46C6-8589-0298BF9A1FFE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {CC382EDE-B268-461B-8E64-B4017D2A8ED7} - System32\Tasks\AVG-Secure-Search-Update_0214b_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {CE3FEC92-5BA3-48DD-82FC-270D999DFFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {D502EAAB-8229-49B7-83EF-88A32F18DFF9} - System32\Tasks\Norton Security Scan for Desktop => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe
Task: {DA0249DF-D68A-419C-82C5-AE26C5C3C961} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E3CF800D-E6CD-45F2-ADA3-1A28221286A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {E787AD76-1641-408F-A8FD-F94AED22AD73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {EB0D59E7-C1D1-46DB-A924-069210D11B83} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F2B038B7-BAEB-494B-88A2-BADAA0C99E3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {F5AE8F22-D1E0-4F68-B275-E096AAD53A7A} - System32\Tasks\HPCeeScheduleForDESKTOP-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDesktop.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Desktop.job => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe

==================== Loaded Modules (whitelisted) =============

2014-02-15 17:25 - 2014-02-16 03:15 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2010-09-15 11:31 - 2010-09-15 11:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-12-11 04:30 - 2014-12-11 04:30 - 01444560 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2010-12-15 10:38 - 2010-09-20 04:13 - 00241734 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-30 14:23 - 2014-11-20 13:57 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2013-05-20 21:45 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2010-07-01 23:13 - 2010-07-01 23:13 - 01004840 _____ () c:\Program Files (x86)\CyberLink\Power2Go\Language\ENU\P2GRC.dll
2010-12-15 10:38 - 2010-09-20 04:13 - 00028672 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00144680 _____ () c:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: cdloader => "C:\Users\Desktop\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK

========================= Accounts: ==========================

Administrator (S-1-5-21-3213102928-3512760173-2800184843-500 - Administrator - Disabled)
Desktop (S-1-5-21-3213102928-3512760173-2800184843-1000 - Administrator - Enabled) => C:\Users\Desktop
Guest (S-1-5-21-3213102928-3512760173-2800184843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3213102928-3512760173-2800184843-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2015 03:27:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Kodi.exe, version: 14.0.0.0, time stamp: 0x54990369
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x12ec
Faulting application start time: 0xKodi.exe0
Faulting application path: Kodi.exe1
Faulting module path: Kodi.exe2
Report Id: Kodi.exe3

Error: (01/18/2015 00:49:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/18/2015 00:17:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x193c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/17/2015 10:58:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Kodi.exe, version: 14.0.0.0, time stamp: 0x54990369
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1468
Faulting application start time: 0xKodi.exe0
Faulting application path: Kodi.exe1
Faulting module path: Kodi.exe2
Report Id: Kodi.exe3

Error: (01/17/2015 08:01:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YAHOOM~1.EXE, version: 11.5.0.228, time stamp: 0x4fbf6b79
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000343e0
Faulting process id: 0x162c
Faulting application start time: 0xYAHOOM~1.EXE0
Faulting application path: YAHOOM~1.EXE1
Faulting module path: YAHOOM~1.EXE2
Report Id: YAHOOM~1.EXE3

Error: (01/17/2015 07:45:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1568
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/17/2015 07:45:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xeb8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/17/2015 07:44:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x15f0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/17/2015 07:44:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1518
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/17/2015 07:43:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1708
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (01/18/2015 03:27:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Kodi.exe14.0.0.054990369ntdll.dll6.1.7601.18247521ea8e7c0000374000ce75312ec01d0336dddfae36cC:\Program Files (x86)\Kodi\Kodi.exeC:\Windows\SysWOW64\ntdll.dll247ebae4-9f61-11e4-a9dd-64315045182c

Error: (01/18/2015 00:49:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe

Error: (01/18/2015 00:17:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753193c01d032eed55f6771C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll1c13d55c-9ee2-11e4-b5ce-64315045182c

Error: (01/17/2015 10:58:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Kodi.exe14.0.0.054990369ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753146801d032e3b314a4c6C:\Program Files (x86)\Kodi\Kodi.exeC:\Windows\SysWOW64\ntdll.dllf7602887-9ed6-11e4-b5ce-64315045182c

Error: (01/17/2015 08:01:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: YAHOOM~1.EXE11.5.0.2284fbf6b79ntdll.dll6.1.7601.18247521ea8e7c0000005000343e0162c01d032cb0c29d151C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXEC:\Windows\SysWOW64\ntdll.dll56ff43bd-9ebe-11e4-b5ce-64315045182c

Error: (01/17/2015 07:45:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753156801d032c8cbcc4c8fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll0a5da9aa-9ebc-11e4-b5ce-64315045182c

Error: (01/17/2015 07:45:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753eb801d032c8c92a5901C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll0862566f-9ebc-11e4-b5ce-64315045182c

Error: (01/17/2015 07:44:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce75315f001d032c8b5357921C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllf3f3e9a9-9ebb-11e4-b5ce-64315045182c

Error: (01/17/2015 07:44:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753151801d032c89fdf19aeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllf1c921a1-9ebb-11e4-b5ce-64315045182c

Error: (01/17/2015 07:43:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753170801d032c884b81176C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dlld9497e1e-9ebb-11e4-b5ce-64315045182c

==================== Memory info ===========================

Processor: AMD Phenom™ II X6 1045T Processor
Percentage of memory in use: 23%
Total physical RAM: 8191.29 MB
Available physical RAM: 6299.97 MB
Total Pagefile: 16380.75 MB
Available Pagefile: 14349.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1383.86 GB) (Free:904.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.31 GB) (Free:1.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 00041C69)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1383.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
C:\Users\Desktop\Documents\Documents\debut video setup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Users\Desktop\Documents\Importants Documents\asc-setup.exe a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\Users\Desktop\Downloads\Apps\ReimageRepair.exe Win32/Toolbar.Babylon.T potentially unwanted application deleted - quarantined
C:\Users\Desktop\Downloads\Pacman\Pac-Man And The Ghostly ...Mas][RELOADED].part4.exe a variant of Win32/4Shared.AE potentially unwanted application deleted - quarantined


  • 0

#10
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Hey, :)
  • Download Windows Repair (All in One) from this site
  • Install the program then run it.
NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.
  • Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
  • If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk. In that case make sure you restart computer.
p22004342.gif
  • Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:
p22004343.gif
  • Go to Step 4 and under "System Restore" click on Create button:
p22004346.gif
  • Go to Start Repairs tab and click Start button. Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design. Click on Start button.
 
p22004347.gif
  • Post Windows Repair log which is located in the following folder:
    • 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
    • 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

  • 0

Advertisements


#11
x_LUIS_X

x_LUIS_X

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 131 posts

Hello Machiavelli

theres a folder with 8 logs do you need them too?

 these is the chkdsk full log

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Desktop\Desktop>CD /D C:\

C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
0 percent complete. (0 of 306944 file records processed)    
0 percent complete. (11521 of 306944 file records processed)    
0 percent complete. (27753 of 306944 file records processed)    
1 percent complete. (30695 of 306944 file records processed)    
1 percent complete. (40191 of 306944 file records processed)    
1 percent complete. (50855 of 306944 file records processed)    
1 percent complete. (55554 of 306944 file records processed)    
2 percent complete. (61389 of 306944 file records processed)    
2 percent complete. (84903 of 306944 file records processed)    
3 percent complete. (92084 of 306944 file records processed)    
3 percent complete. (110081 of 306944 file records processed)    
4 percent complete. (122778 of 306944 file records processed)    
4 percent complete. (143679 of 306944 file records processed)    
5 percent complete. (153472 of 306944 file records processed)    
5 percent complete. (176457 of 306944 file records processed)    
6 percent complete. (184167 of 306944 file records processed)    
6 percent complete. (204083 of 306944 file records processed)    
7 percent complete. (214861 of 306944 file records processed)    
7 percent complete. (241057 of 306944 file records processed)    
8 percent complete. (245556 of 306944 file records processed)    
8 percent complete. (275098 of 306944 file records processed)    
9 percent complete. (276250 of 306944 file records processed)    
  306944 file records processed.                                        

File verification completed.
  2631 large file records processed.                                  

  0 bad file records processed.                                    

  0 EA records processed.                                          

  44 reparse records processed.                                     

CHKDSK is verifying indexes (stage 2 of 3)...
11 percent complete. (9259 of 403272 index entries processed)   
12 percent complete. (19408 of 403272 index entries processed)   
13 percent complete. (29558 of 403272 index entries processed)   
14 percent complete. (39708 of 403272 index entries processed)   
15 percent complete. (49858 of 403272 index entries processed)   
16 percent complete. (60008 of 403272 index entries processed)   
17 percent complete. (70158 of 403272 index entries processed)   
18 percent complete. (80307 of 403272 index entries processed)   
19 percent complete. (90457 of 403272 index entries processed)   
20 percent complete. (100607 of 403272 index entries processed)   
21 percent complete. (110757 of 403272 index entries processed)   
22 percent complete. (120907 of 403272 index entries processed)   
23 percent complete. (131057 of 403272 index entries processed)   
24 percent complete. (141206 of 403272 index entries processed)   
25 percent complete. (151356 of 403272 index entries processed)   
26 percent complete. (161506 of 403272 index entries processed)   
27 percent complete. (171656 of 403272 index entries processed)   
28 percent complete. (181806 of 403272 index entries processed)   
29 percent complete. (191956 of 403272 index entries processed)   
30 percent complete. (202105 of 403272 index entries processed)   
31 percent complete. (212255 of 403272 index entries processed)   
32 percent complete. (222405 of 403272 index entries processed)   
33 percent complete. (232555 of 403272 index entries processed)   
34 percent complete. (242705 of 403272 index entries processed)   
35 percent complete. (252855 of 403272 index entries processed)   
36 percent complete. (263004 of 403272 index entries processed)   
37 percent complete. (273154 of 403272 index entries processed)   
38 percent complete. (283304 of 403272 index entries processed)   
39 percent complete. (293454 of 403272 index entries processed)   
40 percent complete. (303604 of 403272 index entries processed)   
40 percent complete. (306957 of 403272 index entries processed)   
40 percent complete. (307898 of 403272 index entries processed)   
40 percent complete. (308364 of 403272 index entries processed)   
40 percent complete. (308783 of 403272 index entries processed)   
40 percent complete. (309093 of 403272 index entries processed)   
40 percent complete. (309250 of 403272 index entries processed)   
40 percent complete. (309539 of 403272 index entries processed)   
40 percent complete. (310334 of 403272 index entries processed)   
40 percent complete. (310704 of 403272 index entries processed)   
40 percent complete. (311014 of 403272 index entries processed)   
40 percent complete. (311547 of 403272 index entries processed)   
40 percent complete. (311856 of 403272 index entries processed)   
40 percent complete. (312966 of 403272 index entries processed)   
40 percent complete. (313597 of 403272 index entries processed)   
41 percent complete. (313754 of 403272 index entries processed)   
41 percent complete. (316779 of 403272 index entries processed)   
41 percent complete. (317180 of 403272 index entries processed)   
41 percent complete. (317409 of 403272 index entries processed)   
41 percent complete. (318279 of 403272 index entries processed)   
41 percent complete. (318775 of 403272 index entries processed)   
41 percent complete. (319377 of 403272 index entries processed)   
41 percent complete. (319935 of 403272 index entries processed)   
41 percent complete. (320258 of 403272 index entries processed)   
41 percent complete. (321995 of 403272 index entries processed)   
42 percent complete. (323903 of 403272 index entries processed)   
42 percent complete. (325246 of 403272 index entries processed)   
42 percent complete. (326590 of 403272 index entries processed)   
42 percent complete. (326789 of 403272 index entries processed)   
42 percent complete. (328632 of 403272 index entries processed)   
42 percent complete. (330864 of 403272 index entries processed)   
42 percent complete. (331153 of 403272 index entries processed)   
42 percent complete. (331265 of 403272 index entries processed)   
42 percent complete. (331675 of 403272 index entries processed)   
42 percent complete. (332149 of 403272 index entries processed)   
42 percent complete. (332353 of 403272 index entries processed)   
42 percent complete. (332657 of 403272 index entries processed)   
42 percent complete. (333194 of 403272 index entries processed)   
42 percent complete. (333655 of 403272 index entries processed)   
42 percent complete. (333924 of 403272 index entries processed)   
43 percent complete. (334053 of 403272 index entries processed)   
43 percent complete. (334501 of 403272 index entries processed)   
43 percent complete. (334765 of 403272 index entries processed)   
43 percent complete. (335128 of 403272 index entries processed)   
43 percent complete. (335318 of 403272 index entries processed)   
43 percent complete. (335369 of 403272 index entries processed)   
43 percent complete. (335896 of 403272 index entries processed)   
43 percent complete. (336215 of 403272 index entries processed)   
43 percent complete. (336395 of 403272 index entries processed)   
43 percent complete. (336587 of 403272 index entries processed)   
43 percent complete. (336859 of 403272 index entries processed)   
43 percent complete. (337199 of 403272 index entries processed)   
43 percent complete. (337955 of 403272 index entries processed)   
43 percent complete. (339839 of 403272 index entries processed)   
43 percent complete. (340264 of 403272 index entries processed)   
43 percent complete. (340518 of 403272 index entries processed)   
43 percent complete. (340753 of 403272 index entries processed)   
43 percent complete. (340990 of 403272 index entries processed)   
43 percent complete. (341306 of 403272 index entries processed)   
43 percent complete. (341642 of 403272 index entries processed)   
43 percent complete. (341751 of 403272 index entries processed)   
43 percent complete. (341884 of 403272 index entries processed)   
43 percent complete. (342039 of 403272 index entries processed)   
43 percent complete. (342177 of 403272 index entries processed)   
43 percent complete. (342405 of 403272 index entries processed)   
43 percent complete. (343091 of 403272 index entries processed)   
43 percent complete. (343627 of 403272 index entries processed)   
43 percent complete. (343820 of 403272 index entries processed)   
43 percent complete. (343920 of 403272 index entries processed)   
43 percent complete. (344103 of 403272 index entries processed)   
44 percent complete. (344203 of 403272 index entries processed)   
44 percent complete. (344523 of 403272 index entries processed)   
44 percent complete. (344778 of 403272 index entries processed)   
44 percent complete. (344990 of 403272 index entries processed)   
44 percent complete. (345145 of 403272 index entries processed)   
44 percent complete. (345303 of 403272 index entries processed)   
44 percent complete. (345649 of 403272 index entries processed)   
44 percent complete. (345736 of 403272 index entries processed)   
44 percent complete. (345886 of 403272 index entries processed)   
44 percent complete. (346167 of 403272 index entries processed)   
44 percent complete. (346296 of 403272 index entries processed)   
44 percent complete. (346453 of 403272 index entries processed)   
44 percent complete. (346590 of 403272 index entries processed)   
44 percent complete. (346757 of 403272 index entries processed)   
44 percent complete. (346895 of 403272 index entries processed)   
44 percent complete. (347009 of 403272 index entries processed)   
44 percent complete. (347135 of 403272 index entries processed)   
44 percent complete. (347286 of 403272 index entries processed)   
44 percent complete. (347413 of 403272 index entries processed)   
44 percent complete. (347527 of 403272 index entries processed)   
44 percent complete. (347666 of 403272 index entries processed)   
44 percent complete. (348004 of 403272 index entries processed)   
44 percent complete. (348121 of 403272 index entries processed)   
44 percent complete. (348390 of 403272 index entries processed)   
44 percent complete. (348537 of 403272 index entries processed)   
44 percent complete. (348942 of 403272 index entries processed)   
Error detected in index $I30 for file 259130.
Error detected in index $I30 for file 259130.
Error detected in index $I30 for file 259130.
44 percent complete. (349256 of 403272 index entries processed)   
44 percent complete. (349374 of 403272 index entries processed)   
44 percent complete. (349536 of 403272 index entries processed)   
44 percent complete. (349795 of 403272 index entries processed)   
44 percent complete. (350086 of 403272 index entries processed)   
44 percent complete. (350268 of 403272 index entries processed)   
44 percent complete. (350710 of 403272 index entries processed)   
44 percent complete. (351223 of 403272 index entries processed)   
44 percent complete. (351504 of 403272 index entries processed)   
44 percent complete. (351979 of 403272 index entries processed)   
44 percent complete. (352411 of 403272 index entries processed)   
44 percent complete. (352723 of 403272 index entries processed)   
44 percent complete. (353304 of 403272 index entries processed)   
44 percent complete. (353420 of 403272 index entries processed)   
44 percent complete. (353425 of 403272 index entries processed)   
44 percent complete. (353431 of 403272 index entries processed)   
44 percent complete. (353520 of 403272 index entries processed)   
44 percent complete. (353695 of 403272 index entries processed)   
44 percent complete. (353749 of 403272 index entries processed)   
44 percent complete. (353823 of 403272 index entries processed)   
44 percent complete. (353989 of 403272 index entries processed)   
45 percent complete. (354353 of 403272 index entries processed)   
  403272 index entries processed.                                       

Index verification completed.

Errors found.  CHKDSK cannot continue in read-only mode.

C:\>

 

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Desktop\Desktop>CD /D C:\

C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
9 percent complete. (276250 of 306944 file records processed)    
306944 file records processed.                                        

File verification completed.
2631 large file records processed.                                  

  0 bad file records processed.                                    

  0 EA records processed.                                          

  44 reparse records processed.                                     

CHKDSK is verifying indexes (stage 2 of 3)...
44 percent complete. (348942 of 403272 index entries processed)   
Error detected in index $I30 for file 259130.
Error detected in index $I30 for file 259130.
Error detected in index $I30 for file 259130.
45 percent complete. (354353 of 403272 index entries processed)   
403272 index entries processed.                                       

Index verification completed.

Errors found.  CHKDSK cannot continue in read-only mode.

C:\>


  • 0

#12
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
How is your system running now? :)

There seems to be some hardware error.
  • 0

#13
x_LUIS_X

x_LUIS_X

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 131 posts

Hi Machiavelli I still have the same problems internet explorer crashes on youtube or any video page,yahoo messanger crashes,google earth.kodi, facebook page,sometimes window media player,VLC too

installing windows could fix the problem??


  • 0

#14
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Hey, :)
Hope your day went good.

installing windows could fix the problem??

What do you exactly mean?
  • 0

#15
x_LUIS_X

x_LUIS_X

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 131 posts

hi Im mean Reinstalling Windows


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP