Thank you very much for your help Adam, it really is appreciated! You can call me Beth I'm sorry my reply is a little later than I'd have liked - I've been stuck in college all day and I've only just gotten home!
Here's FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Beth (administrator) on BETHPC on 13-01-2015 19:20:39
Running from C:\Users\Beth\Desktop
Loaded Profile: Beth (Available profiles: Beth)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-13] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942208 2015-01-09] (Valve Corporation)
HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)
HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\Run: [Facebook Update] => C:\Users\Beth\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-02] (Facebook Inc.)
HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\Run: [GoogleChromeAutoLaunch_7AA02041506F505FF9861A1007033B6B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
Startup: C:\Users\Beth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Beth\AppData\Roaming\Mozilla\Firefox\Profiles\j1dpxnyo.default-1401231934056
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-1195360697-2828033514-3606766148-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Beth\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\
[email protected] [2015-01-13]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-01]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-27]
CHR Extension: (Adblock Plus) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-13]
CHR Extension: (Google Search) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-27]
CHR Extension: (XKit) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2013-12-03]
CHR Extension: (Hola Better Internet) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-13]
CHR Extension: (avast! Online Security) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-16]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Hover Zoom) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-01-13]
CHR Extension: (Gmail) - C:\Users\Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-01-23] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-13] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [37760 2012-11-27] (Hewlett-Packard)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-20] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-06-09] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-13] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49200 2013-02-26] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-07-24] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [29424 2013-08-28] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-06-20] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 19:20 - 2015-01-13 19:21 - 00025436 _____ () C:\Users\Beth\Desktop\FRST.txt
2015-01-13 02:57 - 2015-01-13 02:57 - 00154234 _____ () C:\Users\Beth\Downloads\OTL.Txt
2015-01-13 02:57 - 2015-01-13 02:57 - 00134422 _____ () C:\Users\Beth\Downloads\Extras.Txt
2015-01-13 02:40 - 2015-01-13 02:40 - 00602112 _____ (OldTimer Tools) C:\Users\Beth\Downloads\OTL.exe
2015-01-13 02:35 - 2015-01-13 02:39 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-13 02:35 - 2015-01-13 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-13 02:34 - 2015-01-13 02:39 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 02:34 - 2015-01-13 02:39 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-13 02:34 - 2015-01-13 02:34 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-13 02:34 - 2015-01-13 02:34 - 00003644 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-13 02:26 - 2014-12-31 11:14 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-01-13 02:21 - 2015-01-13 02:21 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-13 02:21 - 2015-01-13 02:21 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-13 02:20 - 2015-01-13 02:20 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-13 02:04 - 2015-01-13 02:04 - 00852504 _____ () C:\Users\Beth\Desktop\SecurityCheck.exe
2015-01-13 00:42 - 2015-01-13 00:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-12 22:49 - 2015-01-12 22:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-12 22:25 - 2015-01-12 22:26 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Beth\Desktop\tdsskiller.exe
2015-01-12 22:23 - 2015-01-12 22:23 - 00000613 _____ () C:\Users\Beth\Desktop\JRT.txt
2015-01-12 22:14 - 2015-01-12 22:14 - 01707939 _____ (Thisisu) C:\Users\Beth\Downloads\JRT.exe
2015-01-12 22:14 - 2015-01-12 22:14 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-12 22:00 - 2015-01-12 22:01 - 00050176 _____ () C:\Users\Beth\Downloads\Addition.txt
2015-01-12 21:58 - 2015-01-13 19:20 - 00000000 ____D () C:\FRST
2015-01-12 21:58 - 2015-01-12 22:01 - 00035954 _____ () C:\Users\Beth\Downloads\FRST.txt
2015-01-12 21:57 - 2015-01-12 21:57 - 02124288 _____ (Farbar) C:\Users\Beth\Desktop\FRST64.exe
2015-01-12 21:07 - 2015-01-12 21:07 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-12 21:02 - 2015-01-12 21:49 - 00000000 ____D () C:\AdwCleaner
2015-01-12 21:02 - 2015-01-12 21:02 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-12 21:02 - 2015-01-12 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-12 21:02 - 2015-01-12 21:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-12 21:02 - 2015-01-12 21:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 21:02 - 2014-11-21 06:54 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-12 21:02 - 2014-11-21 06:53 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-12 21:02 - 2014-11-21 06:53 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-12 21:01 - 2015-01-12 21:01 - 02191360 _____ () C:\Users\Beth\Downloads\AdwCleaner.exe
2015-01-12 21:01 - 2015-01-12 21:01 - 00305664 _____ (Secure By Design Inc.) C:\Users\Beth\Downloads\Ninite Malwarebytes Installer(1).exe
2015-01-12 21:00 - 2015-01-12 21:00 - 00305664 _____ (Secure By Design Inc.) C:\Users\Beth\Downloads\Ninite Malwarebytes Installer.exe
2015-01-12 20:38 - 2015-01-12 20:38 - 00000000 ____D () C:\Users\Beth\AppData\Local\Deployment
2015-01-12 20:26 - 2015-01-12 21:40 - 00000000 ____D () C:\Program Files (x86)\unnisalless
2015-01-12 20:26 - 2015-01-12 21:40 - 00000000 ____D () C:\Program Files (x86)\unisaLes
2015-01-12 20:26 - 2015-01-12 21:40 - 00000000 ____D () C:\Program Files (x86)\Enhance Browser
2015-01-12 20:25 - 2015-01-13 02:08 - 00000000 ____D () C:\ProgramData\aoeaidngllmeeamehfmlefgalocndpji
2015-01-11 21:13 - 2015-01-11 23:40 - 00011771 _____ () C:\Users\Beth\Desktop\Work schedule.xlsx
2015-01-11 17:55 - 2013-08-16 05:21 - 08153088 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNHP.dll
2015-01-11 17:55 - 2013-08-16 05:21 - 08078848 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNGUI.exe
2015-01-11 17:55 - 2013-08-16 05:21 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-01-11 17:55 - 2013-08-16 05:21 - 02230784 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNX.dll
2015-01-11 17:55 - 2013-08-16 05:21 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2015-01-11 17:55 - 2013-08-16 05:21 - 01703424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-01-11 17:55 - 2013-08-16 05:21 - 00253952 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNJ.exe
2015-01-11 17:55 - 2013-08-16 05:21 - 00224768 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2015-01-11 17:55 - 2012-06-28 08:47 - 00049523 _____ () C:\WINDOWS\system32\ROADSTER.XML
2015-01-11 17:55 - 2011-05-17 17:25 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll
2015-01-10 18:33 - 2015-01-10 18:33 - 00000000 ____D () C:\Users\Beth\Documents\walk
2015-01-10 18:31 - 2015-01-10 18:32 - 20198237 _____ () C:\Users\Beth\Downloads\attachments (1).zip
2015-01-10 18:31 - 2015-01-10 18:32 - 15599959 _____ () C:\Users\Beth\Downloads\attachments (2).zip
2015-01-05 19:36 - 2015-01-05 19:37 - 22481284 _____ () C:\Users\Beth\Downloads\Example1.zip
2015-01-02 17:41 - 2015-01-02 17:57 - 11171848 _____ () C:\Users\Beth\Downloads\I wouldn't mind [He is we cover] .m4a
2015-01-02 17:41 - 2015-01-02 17:42 - 05413480 _____ () C:\Users\Beth\Downloads\I wouldn't mind [He is we cover] (1).m4a
2014-12-29 01:05 - 2014-12-29 01:05 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-29 01:04 - 2013-08-16 05:21 - 02213376 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-12-29 01:04 - 2013-08-16 05:21 - 00551936 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-12-29 01:04 - 2013-08-16 05:21 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2014-12-29 01:04 - 2013-08-16 05:21 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646491.dll
2014-12-29 01:01 - 2014-12-29 01:02 - 46079856 _____ (Hewlett-Packard ) C:\Users\Beth\Downloads\sp63555.exe
2014-12-26 17:22 - 2014-12-26 17:22 - 07878008 _____ (Microsoft Corporation) C:\Users\Beth\Downloads\Xbox360_64Eng (1).exe
2014-12-26 17:22 - 2014-12-26 17:22 - 00003136 _____ () C:\WINDOWS\System32\Tasks\{9520D0E3-877B-49F5-A9D0-E861B294A189}
2014-12-26 17:01 - 2014-12-26 17:01 - 00001648 _____ () C:\Users\Beth\Desktop\DS4Windows.lnk
2014-12-26 16:56 - 2014-12-26 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DS4Windows
2014-12-25 16:15 - 2014-12-25 16:15 - 00002237 _____ () C:\Users\Beth\Desktop\HP Support Assistant.lnk
2014-12-25 16:13 - 2014-12-25 16:13 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-12-24 19:09 - 2014-12-24 19:32 - 00000000 ____D () C:\Users\Beth\Documents\Bully Scholarship Edition
2014-12-24 02:52 - 2014-12-24 02:55 - 45721480 _____ (Hewlett-Packard ) C:\Users\Beth\Downloads\sp59861 (1).exe
2014-12-24 02:34 - 2014-12-24 02:38 - 00000000 ____D () C:\Users\Beth\Documents\mem stick backup
2014-12-23 17:38 - 2014-12-23 17:38 - 00000000 ____D () C:\Users\Beth\AppData\Roaming\java
2014-12-23 16:39 - 2014-12-23 16:39 - 00000000 ____D () C:\Users\Beth\Documents\My Games
2014-12-22 23:14 - 2014-12-22 23:14 - 00667648 _____ () C:\Users\Beth\Downloads\Detection (4).msi
2014-12-20 00:42 - 2014-12-20 00:42 - 00000000 ____D () C:\Users\Beth\AppData\Roaming\3909
2014-12-20 00:11 - 2014-12-20 00:11 - 00667648 _____ () C:\Users\Beth\Downloads\Detection (3).msi
2014-12-14 00:11 - 2014-12-14 00:11 - 05197824 _____ () C:\Users\Beth\Downloads\HPSupportSolutionsFramework-en-11.51.0048.msi
2014-12-14 00:06 - 2014-12-14 00:08 - 45375952 _____ (Hewlett-Packard ) C:\Users\Beth\Downloads\sp59154.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-13 19:19 - 2014-11-25 16:01 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DB7162D7-8762-47C4-A588-FF771743A215}
2015-01-13 19:19 - 2014-06-20 18:31 - 01572539 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-13 19:19 - 2013-03-04 15:30 - 00000983 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-01-13 19:16 - 2013-08-28 23:39 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-01-13 19:16 - 2013-08-28 23:39 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-01-13 19:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-13 12:16 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-13 03:07 - 2013-08-27 19:19 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1195360697-2828033514-3606766148-1002
2015-01-13 02:34 - 2013-08-27 19:53 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-13 02:33 - 2014-06-20 18:40 - 00000000 ___DO () C:\Users\Beth\OneDrive
2015-01-13 02:30 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-13 02:28 - 2014-03-18 08:16 - 00036644 _____ () C:\WINDOWS\PFRO.log
2015-01-13 02:28 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-13 02:21 - 2014-08-01 20:30 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-13 02:21 - 2014-08-01 20:29 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-13 02:21 - 2014-08-01 20:29 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-13 02:21 - 2014-08-01 20:29 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-13 02:21 - 2014-08-01 20:29 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-01-13 02:21 - 2014-08-01 20:29 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-13 02:21 - 2014-08-01 20:29 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-13 02:21 - 2014-08-01 20:29 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-13 02:21 - 2014-08-01 20:29 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-13 02:13 - 2013-09-27 23:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-13 00:20 - 2013-09-02 20:15 - 00000938 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1195360697-2828033514-3606766148-1002UA.job
2015-01-12 22:15 - 2014-02-18 23:47 - 00003154 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForBeth
2015-01-12 22:15 - 2014-02-18 23:47 - 00000342 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForBeth.job
2015-01-12 21:41 - 2014-05-14 11:40 - 00000000 ____D () C:\Users\Beth\AppData\Roaming\uTorrent
2015-01-12 21:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\IME
2015-01-12 21:20 - 2013-09-02 20:15 - 00000916 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1195360697-2828033514-3606766148-1002Core.job
2015-01-11 17:55 - 2013-08-22 14:46 - 00322218 _____ () C:\WINDOWS\setupact.log
2015-01-09 19:51 - 2013-08-27 21:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-07 17:19 - 2013-08-28 13:20 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-07 17:19 - 2013-08-28 13:20 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-06 15:02 - 2014-03-18 15:26 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-06 01:05 - 2013-09-20 15:17 - 00000000 ____D () C:\Users\Beth\Documents\Thoughts
2015-01-05 19:34 - 2013-09-15 23:02 - 00000000 ____D () C:\Users\Beth\Documents\Visual Studio 2010
2015-01-02 17:56 - 2014-10-28 14:43 - 00000000 ____D () C:\Users\Beth\Documents\phone pictures 281014
2015-01-01 00:12 - 2014-06-28 16:46 - 00000000 ____D () C:\Users\Beth\AppData\Roaming\.minecraft
2014-12-29 01:05 - 2013-07-05 15:05 - 00000000 ____D () C:\Program Files\IDT
2014-12-29 01:03 - 2012-08-04 00:02 - 00000000 ____D () C:\SWSetup
2014-12-26 17:27 - 2013-08-22 14:44 - 00535920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-26 16:55 - 2014-12-09 19:45 - 00000000 ____D () C:\Users\Beth\AppData\Roaming\DSDCS
2014-12-25 16:15 - 2013-04-01 18:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-25 16:15 - 2013-04-01 18:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-12-25 16:14 - 2013-04-01 18:15 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-12-25 16:12 - 2013-04-01 18:29 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-12-25 04:27 - 2014-11-02 22:54 - 00000000 ____D () C:\Users\Beth\AppData\Roaming\Skype
2014-12-24 19:12 - 2013-04-01 18:25 - 00209549 _____ () C:\WINDOWS\DirectX.log
2014-12-23 16:49 - 2014-02-25 19:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-23 16:46 - 2013-09-12 21:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-23 16:37 - 2014-01-08 21:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-21 16:52 - 2014-06-20 17:57 - 00000000 ____D () C:\Users\Beth
2014-12-17 18:24 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-17 16:48 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-14 00:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-12-14 00:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-14 00:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-14 00:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-12-14 00:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-13 12:11
==================== End Of Log ============================
Here's addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Beth at 2015-01-13 19:21:55
Running from C:\Users\Beth\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
(HKLM\...\UDK-5a7d20c3-b84c-4311-a2e3-4ac5a88cecc5) (Version: - RuneStorm
(HKLM\...\UDK-5b338baf-3766-4502-aa77-c27b1c57440e) (Version: - RuneStorm
µTorrent (HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{7545D28D-00EC-C15D-FE18-C3E3F5EC0BDD}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Amnesia: A Machine for Pigs (HKLM-x32\...\Steam App 239200) (Version: - The Chinese Room)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Autograph 3.3 (HKLM-x32\...\{AD6A8057-680B-459E-84D6-13A880A3575C}) (Version: 3.30.10.0 - Eastmond Publishing Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version: - Rockstar New England)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4528 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DS4Windows (HKLM-x32\...\{4006439B-D5ED-4048-BE9C-B5BEE669B312}) (Version: 1.5.16 - DSDCS)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 5.1.1 (HKLM-x32\...\{19ABCFE2-7EED-11E3-B98A-00163E98E7D6}) (Version: 5.1.1.2334 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Gone Home (HKLM-x32\...\Steam App 232430) (Version: - The Fullbright Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\HPConnectedMusic) (Version: 1.1 (build 126) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.6.3 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{92E8BC5B-6023-4846-8151-415351A4FAFF}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
I am Bread (HKLM-x32\...\Steam App 327890) (Version: - Bossa Studios)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Just Cause 2 Demo (HKLM-x32\...\Steam App 35110) (Version: - Avalanche)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-GB)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Octodad (HKLM-x32\...\Octodad) (Version: - )
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{24B89186-2A56-4D28-B930-6F4FCF224E2F}) (Version: 4.01.9714 - Apache Software Foundation)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{7B83C685-3EA9-544F-9580-368394C67C3A}) (Version: 11.0.737.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27025 - Realtek Semiconductor Corp.)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.104 - Skype Technologies S.A.)
Sleeping Dogs™ Demo (HKLM-x32\...\Steam App 215220) (Version: - United Front Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Street Fighter IV (HKLM-x32\...\Steam App 21660) (Version: - Capcom)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{5835D73F-A07B-4232-A186-2CEA2017241B}) (Version: 2.2.3.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unreal Development Kit: 2012-07 (HKLM\...\UDK-942fb610-9f89-4d8f-adfb-14967a1f4b9e) (Version: - Epic Games, Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version: - RuneStorm)
Viscera Cleanup Detail: Santas Rampage
Viscera Cleanup Detail: Santa's Rampage (HKLM-x32\...\Steam App 265210) (Version: - RuneStorm)
Viscera Cleanup Detail: Shadow Warrior
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version: - RuneStorm)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Beth\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Beth\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Beth\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Beth\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Beth\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beth\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beth\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beth\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1195360697-2828033514-3606766148-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Beth\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-12-2014 18:08:57 Windows Update
01-01-2015 01:18:14 Windows Update
08-01-2015 19:48:21 Windows Update
11-01-2015 23:11:29 Windows Update
13-01-2015 02:19:06 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {054DCE5C-FA05-463D-94E5-6F87388396DE} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {09825A92-B77C-48C7-9298-2A93A24B6EDD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {0BD088BE-A639-4FD7-A968-AE143B46B34E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-13] (AVAST Software)
Task: {0CC076BD-D7E7-4E9E-A223-0D96D59D1891} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {13B3E442-F166-433F-AF2D-61507094C518} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {193F60A5-6DE6-4DD6-8401-0B2DE41A7154} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {199A7D30-1DE8-4490-9CE9-10BCEE383B9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-13] (Google Inc.)
Task: {1F91C8C9-5F5A-4EB0-8F08-495D8511C065} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1195360697-2828033514-3606766148-1002Core => C:\Users\Beth\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-02] (Facebook Inc.)
Task: {44071BA5-0D67-4CB0-AE14-C7AF78FDD30F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {5122D40D-AE4B-4DD4-86EB-7B11E6E8DA31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {766975DE-7A6D-4601-ADE6-85C6EA2F21F0} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {91911DBA-7F1A-488B-AAD9-F5C9B3DACBBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {ACB48B59-43A4-45E0-9D6A-0247A33516ED} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1195360697-2828033514-3606766148-1002UA => C:\Users\Beth\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-02] (Facebook Inc.)
Task: {C2AA7A86-606A-4134-8359-504565B46ADB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C61A5354-9436-4211-ABDA-3DDC56333FAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {C7F38767-F4EC-4D9A-AFD7-C670E2F82F3D} - System32\Tasks\HPCeeScheduleForBeth => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {E72ED5D8-11C6-4181-96CB-75D5C8D4E6EE} - System32\Tasks\{9520D0E3-877B-49F5-A9D0-E861B294A189} => pcalua.exe -a "C:\Users\Beth\Downloads\Xbox360_64Eng (1).exe" -d C:\Users\Beth\Downloads
Task: {F23C6162-6AA0-44D6-BEA3-5DD3EF7A48EB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {F26CF091-E3C7-41E1-8275-6DD86C473A50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-13] (Google Inc.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1195360697-2828033514-3606766148-1002Core.job => C:\Users\Beth\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1195360697-2828033514-3606766148-1002UA.job => C:\Users\Beth\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForBeth.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2013-01-23 01:27 - 2013-01-23 01:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-03-27 16:55 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-01-10 12:35 - 2013-01-10 12:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2014-11-19 14:45 - 2014-09-23 13:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-01-10 10:25 - 2013-01-10 10:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-01-10 12:30 - 2013-01-10 12:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-01-10 12:35 - 2013-01-10 12:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2012-06-18 15:24 - 2012-06-18 15:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-02-07 08:19 - 2013-02-07 08:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2012-11-27 11:56 - 2012-11-27 11:56 - 00124288 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-11-27 11:56 - 2012-11-27 11:56 - 00051072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-11-27 11:56 - 2012-11-27 11:56 - 00018432 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\PowerDVD.dll
2013-04-01 18:29 - 2013-04-01 18:29 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\System.Data.SQLite.dll
2012-11-27 11:56 - 2012-11-27 11:56 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-08-29 00:23 - 2013-08-29 00:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-06-20 18:36 - 2014-06-20 18:36 - 00124288 _____ () C:\Users\Beth\AppData\Local\assembly\dl3\KV4YKHKC.HQD\19D8KX78.7C7\e69b1999\0085223f_96cccd01\HPItunesModule.DLL
2014-06-20 18:36 - 2014-06-20 18:36 - 00018432 _____ () C:\Users\Beth\AppData\Local\assembly\dl3\KV4YKHKC.HQD\19D8KX78.7C7\59b865bd\00df8441_96cccd01\PowerDVD.DLL
2015-01-12 20:27 - 2015-01-12 20:27 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011201\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-10 12:30 - 2013-01-10 12:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll
2013-01-10 12:35 - 2013-01-10 12:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-01-10 12:35 - 2013-01-10 12:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-02-27 16:55 - 2013-02-27 16:55 - 00381027 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 09:53 - 2011-07-05 09:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-08-28 23:54 - 2012-06-08 03:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-12-20 12:14 - 2013-12-20 12:14 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2013-12-20 12:14 - 2013-12-20 12:14 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-01-31 16:04 - 2013-01-31 16:04 - 00080120 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll
2013-01-10 10:25 - 2013-01-10 10:25 - 00364544 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll
2013-08-29 00:25 - 2013-08-29 00:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-01-10 12:30 - 2013-01-10 12:30 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2015-01-13 02:20 - 2015-01-13 02:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-13 02:35 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-13 02:35 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-13 02:35 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-13 02:35 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Beth\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1195360697-2828033514-3606766148-1002\...\StartupApproved\Run: => "Power2GoExpress8"
========================= Accounts: ==========================
Administrator (S-1-5-21-1195360697-2828033514-3606766148-500 - Administrator - Disabled)
Beth (S-1-5-21-1195360697-2828033514-3606766148-1002 - Administrator - Enabled) => C:\Users\Beth
Guest (S-1-5-21-1195360697-2828033514-3606766148-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1195360697-2828033514-3606766148-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/13/2015 02:34:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCC.exe, version: 3.5.0.0, time stamp: 0x4f8350e0
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x137c
Faulting application start time: 0xCCC.exe0
Faulting application path: CCC.exe1
Faulting module path: CCC.exe2
Report ID: CCC.exe3
Faulting package full name: CCC.exe4
Faulting package-relative application ID: CCC.exe5
Error: (01/13/2015 02:34:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (01/13/2015 02:33:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Faulting module name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Exception code: 0xc000041d
Fault offset: 0x000000000001162a
Faulting process ID: 0x1164
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report ID: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (01/13/2015 02:33:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Faulting module name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Exception code: 0xc0000005
Fault offset: 0x000000000001162a
Faulting process ID: 0x1164
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report ID: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (01/13/2015 02:30:37 AM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed
Error: (01/13/2015 02:16:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCC.exe, version: 3.5.0.0, time stamp: 0x4f8350e0
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x146c
Faulting application start time: 0xCCC.exe0
Faulting application path: CCC.exe1
Faulting module path: CCC.exe2
Report ID: CCC.exe3
Faulting package full name: CCC.exe4
Faulting package-relative application ID: CCC.exe5
Error: (01/13/2015 02:16:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (01/13/2015 02:15:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Faulting module name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Exception code: 0xc000041d
Fault offset: 0x000000000001162a
Faulting process ID: 0x1330
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report ID: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (01/13/2015 02:15:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Faulting module name: sttray64.exe, version: 1.0.6491.0, time stamp: 0x520e0160
Exception code: 0xc0000005
Fault offset: 0x000000000001162a
Faulting process ID: 0x1330
Faulting application start time: 0xsttray64.exe0
Faulting application path: sttray64.exe1
Faulting module path: sttray64.exe2
Report ID: sttray64.exe3
Faulting package full name: sttray64.exe4
Faulting package-relative application ID: sttray64.exe5
Error: (01/13/2015 02:14:10 AM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed
System errors:
=============
Error: (01/13/2015 02:26:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition 1.191.2145.0).
Error: (01/13/2015 02:12:29 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:11:08 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:10:38 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:10:08 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:09:38 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:09:08 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:08:38 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:08:08 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (01/13/2015 02:07:38 AM) (Source: DCOM) (EventID: 10010) (User: BETHPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Microsoft Office Sessions:
=========================
Error: (01/13/2015 02:34:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe3.5.0.04f8350e0KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c137c01d02ed9565de2b8C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\system32\KERNELBASE.dllaa1c476a-9acc-11e4-bed6-bc8556b1666e
Error: (01/13/2015 02:34:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (01/13/2015 02:33:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sttray64.exe1.0.6491.0520e0160sttray64.exe1.0.6491.0520e0160c000041d000000000001162a116401d02ed94c9b308aC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\IDT\WDM\sttray64.exe8d774a6d-9acc-11e4-bed6-bc8556b1666e
Error: (01/13/2015 02:33:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sttray64.exe1.0.6491.0520e0160sttray64.exe1.0.6491.0520e0160c0000005000000000001162a116401d02ed94c9b308aC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\IDT\WDM\sttray64.exe8af82a86-9acc-11e4-bed6-bc8556b1666e
Error: (01/13/2015 02:30:37 AM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed
Error: (01/13/2015 02:16:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe3.5.0.04f8350e0KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c146c01d02ed6c9140ee4C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\system32\KERNELBASE.dll24b02d5e-9aca-11e4-bed4-bc8556b1666e
Error: (01/13/2015 02:16:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (01/13/2015 02:15:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sttray64.exe1.0.6491.0520e0160sttray64.exe1.0.6491.0520e0160c000041d000000000001162a133001d02ed6bd383584C:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\IDT\WDM\sttray64.exefd85a743-9ac9-11e4-bed4-bc8556b1666e
Error: (01/13/2015 02:15:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sttray64.exe1.0.6491.0520e0160sttray64.exe1.0.6491.0520e0160c0000005000000000001162a133001d02ed6bd383584C:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\IDT\WDM\sttray64.exefb48f91c-9ac9-11e4-bed4-bc8556b1666e
Error: (01/13/2015 02:14:10 AM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed
CodeIntegrity Errors:
===================================
Date: 2014-08-29 14:17:49.048
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2014-08-29 14:17:47.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2014-08-28 20:50:23.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2014-08-28 20:50:23.242
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2014-08-28 11:38:34.428
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: AMD A10-5750M APU with Radeon HD Graphics
Percentage of memory in use: 29%
Total physical RAM: 7642.26 MB
Available physical RAM: 5363.79 MB
Total Pagefile: 8858.26 MB
Available Pagefile: 6145.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:904.14 GB) (Free:621.41 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:26.16 GB) (Free:3.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (KINGSTON) (Removable) (Total:7.2 GB) (Free:5.37 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EDDF4297)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 4EFC471C)
Partition 1: (Active) - (Size=7.2 GB) - (Type=0B)
==================== End Of Log ============================
And here's RKreport.txt:
RogueKiller V10.1.2.0 (x64) [Jan 7 2015] by Adlice Software
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Beth [Administrator]
Mode : Scan -- Date : 01/13/2015 19:39:17
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 10 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BthAvrcpTg (\SystemRoot\System32\drivers\BthAvrcpTg.sys) -> Found
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BthHFEnum (\SystemRoot\System32\drivers\bthhfenum.sys) -> Found
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\bthhfhid (\SystemRoot\System32\drivers\BthHFHid.sys) -> Found
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1195360697-2828033514-3606766148-1002\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1195360697-2828033514-3606766148-1002\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: HGST HTS541010A9E680 SATA Disk Device +++++
--- User ---
[MBR] 96bd96326a9a6aa24224581854f81f0a
[BSP] e1d56229466116be87ebea42773e7356 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK