Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Windows Explorer and windows media Player crashing among other program

Started by x_LUIS_X , Jan 09 2015 04:24 PM

This topic is locked

#1
x_LUIS_X

Posted 09 January 2015 - 04:24 PM

Member

Member
153 posts

Hello Geeks I having this problem from like 3 weeks ago it began with the windows explorer and youtube website start crashing

and then any other webpage with a video player crashes and the window media player,VLC media player too

and other programs too. it takes a long time to boot

thank you for the Help

#2
Machiavelli

Posted 14 January 2015 - 02:17 PM

GeekU Moderator

GeekU Moderator
4,722 posts

Hey, sorry for the delay.

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here

Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
When the disclaimer appears, click Yes.
Click Scan to start FRST.
When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

#3
x_LUIS_X

Posted 14 January 2015 - 05:57 PM

Member

Topic Starter
Member
153 posts

Hi Machiavelli and thanks for your help and time...

I run the FRST but it freezes at Listing Installed Programs and I try 3 times

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2015 01
Ran by Desktop (administrator) on DESKTOP-HP on 14-01-2015 16:29:04
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Facebook Update] => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-18] (SUPERAntiSpyware)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-23] (AMD)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1444560 2014-12-11] ()
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\RunOnce: [Uninstall C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {a9ad977d-6add-11e4-bf38-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {fc6efaa4-3157-11e4-b249-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {16DA3878-1BDB-4E70-9BDB-A8B226EC1560} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
Toolbar: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKU\S-1-5-21-3213102928-3512760173-2800184843-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Desktop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-10]
CHR Extension: (Google Docs) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-10]
CHR Extension: (Google Drive) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-24]
CHR Extension: (YouTube) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-10]
CHR Extension: (Google Search) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-10]
CHR Extension: (Google Sheets) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-10]
CHR Extension: (Google Wallet) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-24]
CHR Extension: (Gmail) - C:\Users\Desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-07-07] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\System32\DRIVERS\lgandnetdiag264.sys [29696 2014-06-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-07-07] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 V0500Dev; C:\Windows\System32\DRIVERS\V0500Vid.sys [310432 2009-09-30] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 16:29 - 2015-01-14 16:29 - 00019174 _____ () C:\Users\Desktop\Desktop\FRST.txt
2015-01-14 15:41 - 2015-01-14 16:28 - 00000872 _____ () C:\Users\Desktop\Desktop\Addition.txt
2015-01-14 15:40 - 2015-01-14 15:41 - 00043376 _____ () C:\Users\Desktop\Documents\FRST.txt
2015-01-14 15:39 - 2015-01-14 16:29 - 00000000 ____D () C:\FRST
2015-01-14 15:17 - 2015-01-14 15:17 - 02125312 _____ (Farbar) C:\Users\Desktop\Desktop\FRST64.exe
2015-01-13 22:01 - 2015-01-14 15:05 - 00000336 _____ () C:\Windows\setupact.log
2015-01-13 22:01 - 2015-01-13 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:38 - 2015-01-13 20:45 - 00000000 ____D () C:\Users\Desktop\Downloads\JHONWICKPMHD.part1 - 1
2015-01-13 17:31 - 2014-12-11 22:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:31 - 2014-12-11 22:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:31 - 2014-12-11 22:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:31 - 2014-12-11 22:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 16:44 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 16:44 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 16:44 - 2014-12-11 10:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 16:44 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:31 - 2015-01-14 15:12 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-13 16:31 - 2015-01-14 15:12 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\ProgramData\Baidu
2015-01-09 14:24 - 2015-01-09 14:27 - 00000000 ____D () C:\AdwCleaner
2015-01-04 21:47 - 2015-01-04 21:47 - 01766457 _____ () C:\Users\Desktop\Downloads\Mashup.zip
2015-01-04 18:30 - 2015-01-04 18:30 - 00001879 _____ () C:\Users\Desktop\Desktop\Kodi.lnk
2015-01-01 20:04 - 2015-01-01 20:04 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-01-01 20:03 - 2015-01-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Kodi
2015-01-01 19:18 - 2015-01-01 19:19 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0-Helix.exe
2015-01-01 18:44 - 2015-01-01 18:45 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0.exe
2014-12-30 18:24 - 2014-12-30 18:24 - 00002118 _____ () C:\Users\Desktop\Desktop\My Videos - Shortcut.lnk
2014-12-30 18:22 - 2014-12-30 18:22 - 00002099 _____ () C:\Users\Desktop\Desktop\WinPatrol.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00001204 _____ () C:\Users\Desktop\Desktop\Format Factory.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-12-29 16:29 - 2014-12-29 16:29 - 00510776 _____ () C:\Users\Desktop\Downloads\AppManagerSetup_1.45.exe
2014-12-28 13:16 - 2014-12-28 13:16 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 13:27 - 2014-12-23 13:27 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-21 16:13 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-21 16:13 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-20 21:57 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Kodi
2014-12-20 21:57 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-20 21:57 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-20 21:50 - 2014-12-20 21:51 - 63850156 _____ () C:\Users\Desktop\Downloads\xbmc-13.2-Gotham.exe
2014-12-20 15:27 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-19 00:17 - 2014-12-19 00:17 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\14620
2014-12-15 23:38 - 2014-12-15 23:38 - 00229806 _____ () C:\Users\Desktop\Documents\cc_20141215_233757.reg
2014-12-15 21:08 - 2014-12-15 21:08 - 00002054 _____ () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 16:11 - 2014-08-02 19:47 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\vlc
2015-01-14 15:48 - 2013-05-20 23:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-14 15:44 - 2013-05-20 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:16 - 2013-05-14 23:19 - 00000000 ____D () C:\Users\Desktop\AppData\Local\CrashDumps
2015-01-14 15:14 - 2014-07-01 12:22 - 00000000 ____D () C:\Users\Desktop\AppData\Local\Adobe
2015-01-14 15:13 - 2013-09-21 22:45 - 01636105 _____ () C:\Windows\WindowsUpdate.log
2015-01-14 15:09 - 2014-11-14 15:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001902 _____ () C:\Windows\Tasks\Safe Saver-chromeinstaller.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001196 _____ () C:\Windows\Tasks\Safe Saver-codedownloader.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001192 _____ () C:\Windows\Tasks\Safe Saver-updater.job
2015-01-14 15:08 - 2013-07-30 16:05 - 00001096 _____ () C:\Windows\Tasks\Safe Saver-enabler.job
2015-01-14 15:08 - 2013-05-20 23:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-14 15:05 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 02:54 - 2014-02-01 23:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job
2015-01-14 02:39 - 2014-02-01 23:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job
2015-01-13 22:20 - 2013-08-23 19:33 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-13 22:20 - 2009-07-13 22:13 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 22:12 - 2013-08-13 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 22:05 - 2013-05-14 18:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:04 - 2014-05-19 12:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-13 16:44 - 2013-05-20 21:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 16:44 - 2013-05-20 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-12 13:04 - 2013-07-30 16:05 - 00000456 ____H () C:\Windows\Tasks\Norton Security Scan for Desktop.job
2015-01-10 21:37 - 2013-10-21 13:20 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForDesktop.job
2015-01-10 20:59 - 2014-11-03 19:00 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-10 20:37 - 2013-12-06 00:31 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2015-01-10 20:33 - 2013-07-10 23:29 - 00000000 ____D () C:\ProgramData\magicJack
2015-01-09 21:49 - 2010-12-15 10:45 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-09 14:58 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-09 14:29 - 2013-10-14 14:32 - 00000000 ____D () C:\Users\Desktop\AppData\Local\AVG SafeGuard toolbar
2015-01-09 14:27 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 18:02 - 2014-11-24 01:19 - 00000000 ____D () C:\Users\Desktop\Documents\yayas Stuf
2015-01-01 22:35 - 2013-05-18 16:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Vso
2015-01-01 21:16 - 2013-05-15 17:33 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\HpUpdate
2015-01-01 20:05 - 2014-11-16 19:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-31 04:14 - 2013-05-14 17:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 16:31 - 2013-05-17 18:36 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\PeaZip
2014-12-28 00:46 - 2013-05-18 16:13 - 00001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2014-12-23 13:29 - 2009-07-24 12:22 - 00000000 ____D () C:\Windows\Panther
2014-12-23 13:28 - 2014-04-12 00:55 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Audacity
2014-12-23 13:27 - 2014-01-03 21:34 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-23 13:27 - 2014-01-03 21:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-22 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 01:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-19 18:59 - 2013-05-20 22:49 - 00001023 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 18:59 - 2013-05-15 17:02 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-12-18 23:42 - 2013-05-23 19:53 - 00000000 ____D () C:\Users\Desktop\Documents\ConvertXToDVD
2014-12-18 21:29 - 2013-08-13 15:24 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDESKTOP-HP$
2014-12-18 21:29 - 2013-08-13 15:24 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job
2014-12-15 21:08 - 2014-10-22 02:07 - 00002024 _____ () C:\Users\Desktop\Desktop\FileHippo App Manager.lnk
2014-12-15 20:57 - 2013-05-14 18:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 20:57 - 2013-05-14 18:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2015 01
Ran by Desktop at 2015-01-14 16:29:27
Running from C:\Users\Desktop\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Edited by x_LUIS_X, 14 January 2015 - 05:59 PM.

#4
Machiavelli

Posted 15 January 2015 - 12:53 PM

GeekU Moderator

GeekU Moderator
4,722 posts

Please download the new version and do the scan again.

#5
x_LUIS_X

Posted 15 January 2015 - 04:22 PM

Member

Topic Starter
Member
153 posts

Hello Machiavelli here are the los that you requested

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Desktop (administrator) on DESKTOP-HP on 15-01-2015 15:17:19
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 15:17 - 2015-01-15 15:17 - 00020071 _____ () C:\Users\Desktop\Desktop\FRST.txt
2015-01-15 15:15 - 2015-01-15 15:15 - 02125312 _____ (Farbar) C:\Users\Desktop\Desktop\FRST64.exe
2015-01-14 18:25 - 2015-01-14 18:30 - 00000000 ____D () C:\Users\Desktop\Downloads\BELLADURPMHD
2015-01-14 15:40 - 2015-01-14 15:41 - 00043376 _____ () C:\Users\Desktop\Documents\FRST.txt
2015-01-14 15:39 - 2015-01-15 15:17 - 00000000 ____D () C:\FRST
2015-01-13 22:01 - 2015-01-15 15:10 - 00000672 _____ () C:\Windows\setupact.log
2015-01-13 22:01 - 2015-01-13 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:38 - 2015-01-13 20:45 - 00000000 ____D () C:\Users\Desktop\Downloads\JHONWICKPMHD.part1 - 1
2015-01-13 17:31 - 2014-12-11 22:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 17:31 - 2014-12-11 22:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 17:31 - 2014-12-11 22:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 17:31 - 2014-12-11 22:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 17:31 - 2014-12-11 22:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 17:31 - 2014-12-11 22:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 16:44 - 2014-12-18 20:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 16:44 - 2014-12-18 18:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 16:44 - 2014-12-11 10:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 16:44 - 2014-12-05 21:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 16:44 - 2014-12-05 20:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 16:31 - 2015-01-14 15:12 - 00003348 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-13 16:31 - 2015-01-14 15:12 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-01-10 20:27 - 2015-01-10 20:27 - 00000000 ____D () C:\ProgramData\Baidu
2015-01-09 14:24 - 2015-01-09 14:27 - 00000000 ____D () C:\AdwCleaner
2015-01-04 21:47 - 2015-01-04 21:47 - 01766457 _____ () C:\Users\Desktop\Downloads\Mashup.zip
2015-01-04 18:30 - 2015-01-04 18:30 - 00001879 _____ () C:\Users\Desktop\Desktop\Kodi.lnk
2015-01-01 20:04 - 2015-01-01 20:04 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-01-01 20:03 - 2015-01-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Kodi
2015-01-01 19:18 - 2015-01-01 19:19 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0-Helix.exe
2015-01-01 18:44 - 2015-01-01 18:45 - 71046199 _____ () C:\Users\Desktop\Downloads\kodi-14.0.exe
2014-12-30 18:24 - 2014-12-30 18:24 - 00002118 _____ () C:\Users\Desktop\Desktop\My Videos - Shortcut.lnk
2014-12-30 18:22 - 2014-12-30 18:22 - 00002099 _____ () C:\Users\Desktop\Desktop\WinPatrol.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00001204 _____ () C:\Users\Desktop\Desktop\Format Factory.lnk
2014-12-30 17:35 - 2014-12-30 17:35 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-12-29 16:29 - 2014-12-29 16:29 - 00510776 _____ () C:\Users\Desktop\Downloads\AppManagerSetup_1.45.exe
2014-12-28 13:16 - 2014-12-28 13:16 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 13:27 - 2014-12-23 13:27 - 00001013 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-21 16:13 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-21 16:13 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-20 21:57 - 2015-01-14 17:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Kodi
2014-12-20 21:57 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-20 21:57 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-20 21:50 - 2014-12-20 21:51 - 63850156 _____ () C:\Users\Desktop\Downloads\xbmc-13.2-Gotham.exe
2014-12-20 15:27 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-20 00:52 - 2014-12-20 00:52 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-20 00:52 - 2014-12-20 00:52 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-12-20 00:52 - 2014-12-20 00:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-20 00:52 - 2014-12-20 00:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-20 00:52 - 2014-12-20 00:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-20 00:52 - 2014-12-20 00:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-19 00:17 - 2014-12-19 00:17 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\14620

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 15:14 - 2013-05-20 23:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 15:12 - 2014-02-01 23:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job
2015-01-15 15:11 - 2013-09-21 22:45 - 01669639 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 15:11 - 2013-05-20 23:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 15:10 - 2014-02-01 23:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001902 _____ () C:\Windows\Tasks\Safe Saver-chromeinstaller.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001196 _____ () C:\Windows\Tasks\Safe Saver-codedownloader.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001192 _____ () C:\Windows\Tasks\Safe Saver-updater.job
2015-01-15 15:10 - 2013-07-30 16:05 - 00001096 _____ () C:\Windows\Tasks\Safe Saver-enabler.job
2015-01-15 15:10 - 2013-05-20 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 03:20 - 2013-10-21 13:20 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForDesktop.job
2015-01-14 19:50 - 2014-11-24 01:19 - 00000000 ____D () C:\Users\Desktop\Documents\yayas Stuf
2015-01-14 19:48 - 2013-05-14 23:19 - 00000000 ____D () C:\Users\Desktop\AppData\Local\CrashDumps
2015-01-14 18:30 - 2014-08-02 19:47 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\vlc
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:17 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 15:14 - 2014-07-01 12:22 - 00000000 ____D () C:\Users\Desktop\AppData\Local\Adobe
2015-01-14 15:09 - 2014-11-14 15:52 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2015-01-14 15:08 - 2014-04-20 23:46 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2015-01-14 15:08 - 2014-02-07 20:26 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2015-01-14 15:05 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-13 22:20 - 2013-08-23 19:33 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-13 22:20 - 2009-07-13 22:13 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 22:12 - 2013-08-13 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 22:05 - 2013-05-14 18:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:04 - 2014-05-19 12:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-13 16:44 - 2013-05-20 21:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 16:44 - 2013-05-20 21:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 16:44 - 2013-05-20 21:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-12 13:04 - 2013-07-30 16:05 - 00000456 ____H () C:\Windows\Tasks\Norton Security Scan for Desktop.job
2015-01-10 20:59 - 2014-11-03 19:00 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-10 20:37 - 2013-12-06 00:31 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2015-01-10 20:33 - 2013-07-10 23:29 - 00000000 ____D () C:\ProgramData\magicJack
2015-01-09 21:49 - 2010-12-15 10:45 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-09 14:58 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-09 14:29 - 2013-10-14 14:32 - 00000000 ____D () C:\Users\Desktop\AppData\Local\AVG SafeGuard toolbar
2015-01-09 14:27 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 22:35 - 2013-05-18 16:10 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Vso
2015-01-01 21:16 - 2013-05-15 17:33 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\HpUpdate
2015-01-01 20:05 - 2014-11-16 19:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-31 04:14 - 2013-05-14 17:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 16:31 - 2013-05-17 18:36 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\PeaZip
2014-12-28 00:46 - 2013-05-18 16:13 - 00001189 _____ () C:\Users\Desktop\AppData\Roaming\vso_ts_preview.xml
2014-12-23 13:29 - 2009-07-24 12:22 - 00000000 ____D () C:\Windows\Panther
2014-12-23 13:28 - 2014-04-12 00:55 - 00000000 ____D () C:\Users\Desktop\AppData\Roaming\Audacity
2014-12-23 13:27 - 2014-01-03 21:34 - 00001025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-23 13:27 - 2014-01-03 21:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-12-22 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-20 01:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-19 18:59 - 2013-05-20 22:49 - 00001023 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 18:59 - 2013-05-15 17:02 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-12-18 23:42 - 2013-05-23 19:53 - 00000000 ____D () C:\Users\Desktop\Documents\ConvertXToDVD
2014-12-18 21:29 - 2013-08-13 15:24 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDESKTOP-HP$
2014-12-18 21:29 - 2013-08-13 15:24 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2015-01-04 18:52

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Desktop at 2015-01-15 15:17:42
Running from C:\Users\Desktop\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{7BCD1A5E-F903-48C9-9CB2-37E5A6FB2111}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ConvertXtoDVD 4.0.12.327 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.12.327 - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
DVDFab 8.0.6.8 (05/01/2011) (HKLM-x32\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.2.2.8 (26/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
DVDFab 9.1.3.6 (20/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Dynex 1.3MP Webcam Driver (1.01.04.00) (HKLM\...\Dynex VF0500) (Version: - Dynex)
Dynex Live! Central (HKLM-x32\...\Dynex Live! Central) (Version: 2.00.22 - Creative Technology Ltd)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flixster (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\404b9336c7552828) (Version: 1.9.0.205 - Flixster)
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.426 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{2EA3D6B2-157E-4112-A3AB-BF17E16661C3}) (Version: 1.0.4.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Hulu Desktop (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodi (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Kodi) (Version: - XBMC-Foundation)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.3.18 - Nike)
OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
PeaZip 5.5.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 - NewspaperDirect Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.101 - RoxioNow)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Sansa Updater (HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Win Bus Messenger version 1.0.112 (HKLM-x32\...\{5CCDC5B4-0C5B-4441-9E17-0EED64D7B8DK}_is1) (Version: 1.0.112 - DelphiWorx)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

25-12-2014 19:00:25 Windows Update
29-12-2014 14:06:49 Windows Update
01-01-2015 18:44:24 Windows Update
01-01-2015 20:05:03 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
01-01-2015 20:05:26 Installed DirectX
05-01-2015 13:24:13 Windows Update
08-01-2015 13:52:10 Windows Update
10-01-2015 20:29:36 Revo Uninstaller's restore point - magicJack
10-01-2015 20:35:22 Revo Uninstaller's restore point - Battlefield Play4Free
10-01-2015 20:59:19 Revo Uninstaller's restore point - Freemake Video Converter version 4.1.5
11-01-2015 21:35:18 Windows Update
13-01-2015 22:04:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2013-07-19 15:23 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D888065-7588-499D-A4B8-6A98DB461216} - System32\Tasks\Safe Saver-updater => C:\Program Files (x86)\Safe Saver\Safe Saver-updater.exe
Task: {21A98F91-F0F4-4F75-9A5D-4CB6D5291025} - System32\Tasks\Safe Saver-enabler => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe
Task: {2C4A1E1F-3F1C-4A14-BA0D-F3E14FA489C1} - System32\Tasks\HPCeeScheduleForDesktop => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {30842E09-A031-4E6B-9711-3A9E416D61C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {30FA83A7-B968-47E0-A7D0-D9460072A717} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {3268E651-7557-4951-BFD0-AD4C9CEC885C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {533F9551-3E7A-47C1-94C2-985E763C6C72} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {5A3C57A1-6CA2-4C38-8024-64BA8DEA6E40} - System32\Tasks\AVG-Secure-Search-Update_0214b_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {6902E89B-C3EC-4B45-AD02-EB768982082E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {6999C65D-A7BE-4397-B820-04EB9F19C637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {6BA0CDEB-00D8-4232-8465-2B4475B74C9B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {712EE8B0-F94D-451F-8767-71415BC94C04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-10-21] (Microsoft)
Task: {79863093-87C4-4973-9DB0-3072775F56DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7C60EE88-0548-4A48-806F-3ADCCAB3D0E6} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: {885B1918-0631-47E6-9CCF-249EF52A35D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: {A433BF79-F211-49B0-B53D-2C2C76147463} - System32\Tasks\Safe Saver-codedownloader => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe
Task: {BBFE5BD2-0C15-45D9-917E-2B4E8CBCD4D1} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {C79BFB8C-C33B-4E73-9E35-A91CE51653BC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {C9D0DC79-4899-46C6-8589-0298BF9A1FFE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-01] (Facebook Inc.)
Task: {CC382EDE-B268-461B-8E64-B4017D2A8ED7} - System32\Tasks\AVG-Secure-Search-Update_0214b_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: {CC6891C0-FD88-4D90-8A5F-139897C1DECF} - System32\Tasks\Safe Saver-chromeinstaller => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe
Task: {CE3FEC92-5BA3-48DD-82FC-270D999DFFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-20] (Google Inc.)
Task: {D502EAAB-8229-49B7-83EF-88A32F18DFF9} - System32\Tasks\Norton Security Scan for Desktop => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe
Task: {DA0249DF-D68A-419C-82C5-AE26C5C3C961} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E3CF800D-E6CD-45F2-ADA3-1A28221286A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {E787AD76-1641-408F-A8FD-F94AED22AD73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {EB0D59E7-C1D1-46DB-A924-069210D11B83} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3213102928-3512760173-2800184843-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F2B038B7-BAEB-494B-88A2-BADAA0C99E3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {F5AE8F22-D1E0-4F68-B275-E096AAD53A7A} - System32\Tasks\HPCeeScheduleForDESKTOP-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000Core.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3213102928-3512760173-2800184843-1000UA.job => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDESKTOP-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDesktop.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Desktop.job => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe
Task: C:\Windows\Tasks\Safe Saver-chromeinstaller.job => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe
Task: C:\Windows\Tasks\Safe Saver-codedownloader.job => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe
Task: C:\Windows\Tasks\Safe Saver-enabler.job => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe
Task: C:\Windows\Tasks\Safe Saver-updater.job => C:\Program Files (x86)\Safe Saver\Safe Saver-updater.exe

==================== Loaded Modules (whitelisted) =============

2014-02-15 17:25 - 2014-02-16 03:15 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2010-09-15 11:31 - 2010-09-15 11:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-12-11 04:30 - 2014-12-11 04:30 - 01444560 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2010-12-15 10:38 - 2010-09-20 04:13 - 00241734 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-30 14:23 - 2014-11-20 13:57 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2013-05-20 21:45 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2010-07-01 23:13 - 2010-07-01 23:13 - 01004840 _____ () c:\Program Files (x86)\CyberLink\Power2Go\Language\ENU\P2GRC.dll
2010-12-15 10:38 - 2010-09-20 04:13 - 00028672 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00144680 _____ () c:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 19:35 - 2014-12-05 18:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: cdloader => "C:\Users\Desktop\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK

========================= Accounts: ==========================

Administrator (S-1-5-21-3213102928-3512760173-2800184843-500 - Administrator - Disabled)
Desktop (S-1-5-21-3213102928-3512760173-2800184843-1000 - Administrator - Enabled) => C:\Users\Desktop
Guest (S-1-5-21-3213102928-3512760173-2800184843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3213102928-3512760173-2800184843-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2015 07:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ehshell.exe, version: 6.1.7600.16385, time stamp: 0x4a5bd053
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x1508
Faulting application start time: 0xehshell.exe0
Faulting application path: ehshell.exe1
Faulting module path: ehshell.exe2
Report Id: ehshell.exe3

Error: (01/14/2015 07:44:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1fc4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:44:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1928
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x6a4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xec4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xb9c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1420
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:31:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x16f8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:27:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x12e0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/14/2015 07:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1354
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

System errors:
=============
Error: (01/09/2015 02:31:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/09/2015 02:31:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
%%1069

Error: (01/09/2015 02:28:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/09/2015 02:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Support Solutions Framework Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/09/2015 02:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Client Services service terminated unexpectedly. It has done this 1 time(s).

Error: (01/09/2015 02:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDF Document Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (01/09/2015 02:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (01/14/2015 07:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ehshell.exe6.1.7600.163854a5bd053ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102150801d0306da4ff4bf1C:\Windows\ehome\ehshell.exeC:\Windows\SYSTEM32\ntdll.dlle4407cd3-9c60-11e4-93c0-64315045182c

Error: (01/14/2015 07:44:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce7531fc401d0306d297c5845C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll6c3c7967-9c60-11e4-93c0-64315045182c

Error: (01/14/2015 07:44:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753192801d0306b879d18f7C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll6127b0e3-9c60-11e4-93c0-64315045182c

Error: (01/14/2015 07:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce7536a401d0306b81a43a34C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllc4487000-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753ec401d0306b7087ccb8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllbb316104-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753b9c01d0306b66d56a54C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dlla730e615-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753142001d0306af147d97fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dlla140a78c-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:31:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce75316f801d0306ad1a20567C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll9205c886-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:27:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce75312e001d03069bbbac778C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll0c838153-9c5e-11e4-93c0-64315045182c

Error: (01/14/2015 07:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccntdll.dll6.1.7601.18247521ea8e7c0000374000ce753135401d03069bbb86618C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllfb6f4473-9c5c-11e4-93c0-64315045182c

==================== Memory info ===========================

Processor: AMD Phenom™ II X6 1045T Processor
Percentage of memory in use: 16%
Total physical RAM: 8191.29 MB
Available physical RAM: 6845.66 MB
Total Pagefile: 16380.75 MB
Available Pagefile: 13735.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1383.86 GB) (Free:861.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.31 GB) (Free:1.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 00041C69)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1383.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#6
Machiavelli

Posted 16 January 2015 - 07:20 AM

GeekU Moderator

GeekU Moderator
4,722 posts

Hey,

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1

Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
Click Scan and let the scan run.
When it finishes, click Clean, following the on screen prompts
After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.

Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 4: FRST Scan

Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
Click Scan to start FRST.
When FRST finishes scanning, a log, FRST.txt, will open.
Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

#7
x_LUIS_X

Posted 17 January 2015 - 08:40 PM

Member

Topic Starter
Member
153 posts

Hello here are the logs

# AdwCleaner v4.108 - Report created 17/01/2015 at 19:24:58
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Desktop - DESKTOP-HP
# Running from : C:\Users\Desktop\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.99

*************************

AdwCleaner[R0].txt - [9256 octets] - [09/01/2015 14:24:21]
AdwCleaner[R1].txt - [1358 octets] - [16/01/2015 16:48:36]
AdwCleaner[R2].txt - [990 octets] - [17/01/2015 19:21:43]
AdwCleaner[S0].txt - [9274 octets] - [09/01/2015 14:27:45]
AdwCleaner[S1].txt - [1431 octets] - [16/01/2015 16:52:47]
AdwCleaner[S2].txt - [912 octets] - [17/01/2015 19:24:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [971 octets] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/16/2015
Scan Time: 5:05:31 PM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.16.14
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Desktop

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335998
Time Elapsed: 17 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Desktop on Sat 01/17/2015 at 19:13:43.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}

~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Safe Saver-updater.job

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/17/2015 at 19:16:23.97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-01-2015
Ran by Desktop (administrator) on DESKTOP-HP on 17-01-2015 19:34:54
Running from C:\Users\Desktop\Desktop
Loaded Profiles: Desktop (Available profiles: Desktop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [Facebook Update] => C:\Users\Desktop\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-01] (Facebook Inc.)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6154008 2013-05-24] (Piriform Ltd)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-18] (SUPERAntiSpyware)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-23] (AMD)
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1444560 2014-12-11] ()
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\RunOnce: [Uninstall C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Desktop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {a9ad977d-6add-11e4-bf38-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\...\MountPoints2: {fc6efaa4-3157-11e4-b249-64315045182c} - F:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
HKU\S-1-5-21-3213102928-3512760173-2800184843-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {16DA3878-1BDB-4E70-9BDB-A8B226EC1560} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-3213102928-3512760173-2800184843-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62