Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer freezes and proxy setting random changes


  • Please log in to reply

#1
skandranon1971

skandranon1971

    Member

  • Member
  • PipPip
  • 64 posts
Computer freezes and proxy setting random changes - also, it seems to have a hidden user account blocking changes
 
OTL logfile created on: 2/18/2015 9:23:59 PM - Run 11
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jon Lowry\Desktop\Geeks To Go
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 62.13% Memory free
7.60 Gb Paging File | 6.03 Gb Available in Paging File | 79.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.46 Gb Total Space | 122.15 Gb Free Space | 26.24% Space Free | Partition Type: NTFS
 
Computer Name: CARLAGROETZMEIE | User Name: Jon Lowry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/02/13 12:17:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jon Lowry\Desktop\Geeks To Go\OTL.exe
PRC - [2015/02/06 10:36:42 | 000,232,264 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
PRC - [2015/02/05 07:09:02 | 005,456,720 | ---- | M] (Crawler Group) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2015/02/05 07:08:52 | 003,860,304 | ---- | M] (Crawler Group) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2015/01/26 16:34:59 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015/01/21 14:18:38 | 004,535,760 | ---- | M] (PC Drivers HeadQuarters LP) -- C:\Program Files (x86)\Veloxum\iPTE\DriverSupportAO.exe
PRC - [2015/01/21 14:18:38 | 001,684,944 | ---- | M] (PC Drivers HeadQuarters LP) -- C:\Program Files (x86)\Veloxum\iPTE\DriverSupportAOsvc.exe
PRC - [2014/12/02 16:34:33 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/05/08 03:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/15 12:58:00 | 000,577,408 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/02/15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/03/21 10:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/02 11:14:22 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010/05/21 01:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/13 08:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 08:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 11:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/02 16:34:38 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/11/12 08:28:44 | 000,452,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\749e98fb5b5796e75b21e41985cafd9d\IAStorUtil.ni.dll
MOD - [2014/11/12 08:14:39 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll
MOD - [2014/10/24 11:28:17 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/24 11:26:58 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/24 11:26:44 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/24 11:26:35 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/24 11:26:29 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/24 11:26:00 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/24 11:25:50 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/10/02 07:00:13 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2011/03/21 10:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 10:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015/01/11 18:34:30 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/12/02 16:34:33 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/11/26 15:37:17 | 001,025,920 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV:64bit: - [2014/04/09 05:13:48 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/12 10:29:36 | 000,534,824 | ---- | M] (Aventail Corporation) [Auto | Running] -- C:\Windows\SysNative\ngvpnmgr.exe -- (NgVpnMgr)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2010/06/18 15:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009/11/17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 17:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (RemoteAccess)
SRV - [2015/02/09 18:47:00 | 000,088,400 | ---- | M] (Perfect World Entertainment Inc) [On_Demand | Stopped] -- C:\Program Files (x86)\Arc\ArcService.exe -- (ArcService)
SRV - [2015/02/06 12:13:34 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/02/05 07:09:10 | 003,037,520 | ---- | M] (Crawler Group) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2015/01/21 14:18:38 | 001,684,944 | ---- | M] (PC Drivers HeadQuarters LP) [Auto | Running] -- C:\Program Files (x86)\Veloxum\iPTE\DriverSupportAOsvc.exe -- (DSAO)
SRV - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/05/08 03:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 14:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/02/15 12:58:00 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/06/01 14:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/21 01:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/04/13 08:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/04/03 15:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 11:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 11:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/02/13 12:02:58 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015/02/02 13:15:51 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2014/12/02 16:35:03 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/12/02 16:34:44 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/12/02 16:34:44 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/12/02 16:34:44 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/12/02 16:34:44 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/12/02 16:34:44 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/12/02 16:34:44 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/12/02 16:34:43 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/11/26 15:37:07 | 000,015,920 | ---- | M] (Enigma Software Group USA, LLC.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/10/01 18:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/04/12 05:38:40 | 000,103,496 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngvpn.sys -- (NgVpn)
DRV:64bit: - [2013/04/12 05:38:40 | 000,031,304 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nglog.sys -- (NgLog)
DRV:64bit: - [2013/04/12 05:38:40 | 000,028,744 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngwfp.sys -- (NgWfp)
DRV:64bit: - [2013/04/12 05:38:40 | 000,026,184 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ngfilter.sys -- (NgFilter)
DRV:64bit: - [2013/02/11 20:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/20 15:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012/08/20 15:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/19 15:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV:64bit: - [2011/12/19 15:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV:64bit: - [2011/12/19 15:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV:64bit: - [2011/12/19 15:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV:64bit: - [2011/12/19 15:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV:64bit: - [2011/11/28 14:51:44 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011/10/14 03:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011/09/05 20:04:00 | 000,243,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2011/08/24 11:56:28 | 000,051,496 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2011/05/09 17:09:00 | 000,122,368 | ---- | M] (Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT_U_USBSER.sys -- (Generalusbserialser20675)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/16 14:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/12/01 11:06:31 | 000,125,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/01 23:52:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/08/02 11:14:48 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/07/28 20:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/05/31 11:46:50 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/03 06:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/24 07:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/19 18:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 13:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 13:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 13:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/02/15 16:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2010/12/01 11:06:31 | 000,125,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/01/28 13:46:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/01/28 13:46:42 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/09/22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/02/15 16:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\ASPI32.SYS -- (ASPI32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{CB469F30-480D-4846-B7EB-63F186F828BD}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vosteran.com/...=1153401321&ir=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {89E5D4A6-A38F-4D4C-87DF-EE09063A18EA}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{89E5D4A6-A38F-4D4C-87DF-EE09063A18EA}: "URL" = http://Vosteran.com/...=1892657414&ir=
IE - HKCU\..\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}: "URL" = http://vosteran.com/...=1153401321&ir=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.findamo.c...?&cid=4301ch=2"
FF - prefs.js..extensions.enabledAddons: 
FF - prefs.js..extensions.enabledAddons: 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..keyword.URL: "https://search.yahoo...type=994519&p="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109:  File not found
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader:  File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jon Lowry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jon Lowry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/01/26 14:53:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/06/04 05:43:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/06/04 05:43:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/01/26 21:07:39 | 000,000,000 | ---D | M]
 
[2013/08/29 06:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Extensions
[2012/03/27 18:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Extensions\[email protected]
[2015/02/13 12:01:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions
[2015/02/13 12:01:08 | 000,000,000 | ---D | M] (Slick Savings) -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}
[2015/02/13 12:01:11 | 000,000,000 | ---D | M] (Start Page) -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7}
[2015/02/13 12:01:13 | 000,000,000 | ---D | M] (Ebay Shopping Assistant by Spigot) -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C}
[2014/10/02 07:12:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\staged
[2014/12/12 10:37:02 | 000,000,805 | ---- | M] () -- C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml
[2013/12/05 23:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/05 21:14:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\JON LOWRY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8MZBHQ3R.DEFAULT\EXTENSIONS\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC}
File not found (No name found) -- C:\USERS\JON LOWRY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8MZBHQ3R.DEFAULT\EXTENSIONS\{8F02605D-BE4E-41BA-BD00-C39A59C46919}
File not found (No name found) -- C:\USERS\JON LOWRY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8MZBHQ3R.DEFAULT\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\JON LOWRY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8MZBHQ3R.DEFAULT\EXTENSIONS\[email protected]936311DB9.COM
File not found (No name found) -- C:\USERS\JON LOWRY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8MZBHQ3R.DEFAULT\EXTENSIONS\[email protected]
[2013/10/17 11:25:52 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/11/12 08:13:23 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Browser Extensions) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Browser Extensions) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions\Coupons.dll ()
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ArcPluginIEBHO Class) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler Group)
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : MyAdGuardian Options - {43831889-D47B-4D83-8CAC-67E1BE866056} - Reg Error: Key error. File not found
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2ECEE45-E66C-43D0-BF61-9B61E89D0E19}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E73B43AB-B625-4EF7-932A-B128EF0F8391}: DhcpNameServer = 192.168.15.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/02/07 00:44:47 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/18 21:44:57 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/02/18 21:44:56 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/02/18 21:44:55 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/02/13 12:17:08 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\AppData\Roaming\Spyware Terminator
[2015/02/13 12:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2015/02/13 12:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
[2015/02/13 12:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2015/02/12 16:28:59 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/02/12 16:28:59 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/02/12 16:28:59 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/02/12 16:28:58 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/02/12 16:28:58 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/02/12 16:28:57 | 001,239,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015/02/12 16:28:57 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/02/12 16:28:56 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/02/12 16:28:48 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/02/12 16:28:32 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/02/12 16:28:32 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/02/12 16:28:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/02/12 16:28:31 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/02/12 16:28:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/02/12 16:28:30 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/02/12 16:28:30 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/02/12 16:28:29 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/02/12 16:28:29 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/02/12 16:28:28 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/02/12 16:28:24 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/02/12 16:28:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/02/12 16:28:23 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/02/12 16:28:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/02/12 16:28:21 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/02/12 16:28:21 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/02/12 16:28:20 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/02/12 16:28:20 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/02/12 16:28:20 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/02/12 16:28:18 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/02/12 16:28:17 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/02/12 16:28:15 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/02/12 16:28:13 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/02/12 16:28:12 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/02/12 16:28:10 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/02/12 16:28:08 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/02/12 16:28:08 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/02/12 16:28:06 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/02/12 16:28:05 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/02/12 16:28:03 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/02/12 16:27:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/02/12 16:27:59 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/02/12 16:27:36 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015/02/12 16:27:28 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/02/12 16:27:27 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/02/12 16:27:26 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/02/12 16:27:26 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/02/12 16:27:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/02/12 16:27:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/02/12 16:27:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/02/12 16:27:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/02/12 16:27:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/02/12 16:27:22 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/02/12 16:27:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/02/12 16:27:20 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/02/12 16:27:09 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015/02/12 16:27:08 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015/02/12 16:26:57 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015/02/12 16:26:08 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015/02/12 16:26:08 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015/02/12 16:26:02 | 005,554,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/02/12 16:25:59 | 003,972,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/02/12 16:25:58 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/02/12 16:25:55 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/02/12 16:25:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/02/12 16:25:54 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/02/10 12:45:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Star Trek Online_en
[2015/02/10 12:42:43 | 000,000,000 | -H-D | C] -- C:\ArcTemp
[2015/02/10 12:39:16 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\AppData\Roaming\Arc
[2015/02/10 12:39:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Arc
[2015/02/10 12:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2015/02/10 12:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arc
[2015/02/10 12:33:37 | 001,294,088 | ---- | C] (Mojang) -- C:\Users\Jon Lowry\Desktop\Minecraft.exe
[2015/02/10 12:17:17 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
[2015/02/10 12:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2015/02/10 12:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015/02/06 12:13:13 | 005,070,512 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015/02/06 11:45:14 | 000,000,000 | -HSD | C] -- C:\Users\Jon Lowry\AppData\Local\EmieBrowserModeList
[2015/01/28 10:18:57 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\AppData\Local\{EE94C051-FD92-4553-A11E-48A572F5E434}
[2015/01/26 22:04:49 | 000,000,000 | ---D | C] -- C:\f8e8ddfd1a907b9ad5
[2015/01/26 13:18:36 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\AppData\Roaming\DigitalSites
[2015/01/26 13:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\Documents\My Kindle Content
[2015/01/26 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2015/01/26 13:12:14 | 000,000,000 | ---D | C] -- C:\Users\Jon Lowry\AppData\Local\Amazon
[2012/12/22 19:20:34 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Jon Lowry\AppData\Roaming\pcouffin.sys
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/02/18 21:41:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/18 21:31:09 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/02/18 21:31:09 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/02/18 21:25:00 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\WSE_Vosteran.job
[2015/02/18 21:20:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/18 21:19:04 | 000,000,132 | ---- | M] () -- C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
[2015/02/18 21:19:00 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2015/02/18 21:18:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/18 21:18:20 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/13 12:13:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/13 12:02:58 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/13 11:59:10 | 005,043,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/02/13 11:27:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA.job
[2015/02/12 16:41:04 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJon Lowry.job
[2015/02/10 12:45:23 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\Star Trek Online.lnk
[2015/02/10 12:37:07 | 000,001,588 | ---- | M] () -- C:\Users\Public\Desktop\Arc.lnk
[2015/02/10 12:33:39 | 001,294,088 | ---- | M] (Mojang) -- C:\Users\Jon Lowry\Desktop\Minecraft.exe
[2015/02/06 12:13:32 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/02/06 12:13:31 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/02/06 12:13:14 | 005,070,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015/02/04 21:59:26 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry).job
[2015/02/03 19:16:29 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/02/03 19:16:20 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/02/03 19:16:16 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/02/03 19:16:14 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/02/03 19:16:13 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/02/03 19:16:13 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/02/03 19:13:28 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/02/02 13:15:51 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2015/01/30 17:46:22 | 004,576,690 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/30 17:46:22 | 001,491,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/30 17:46:22 | 000,006,774 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/27 15:36:21 | 001,239,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015/01/26 13:24:33 | 000,001,164 | ---- | M] () -- C:\Users\Jon Lowry\Desktop\Continue File Opener Installation.lnk
[2015/01/26 13:17:12 | 000,002,254 | ---- | M] () -- C:\Users\Jon Lowry\Desktop\Kindle.lnk
[2015/01/22 20:42:35 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/01/22 20:41:36 | 006,041,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/01/22 19:43:04 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/01/20 14:27:03 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core.job
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/02/13 12:03:15 | 000,007,799 | ---- | C] () -- C:\Users\Jon Lowry\Desktop\Gina's Pink Lady Cocktails.jpg
[2015/02/10 12:37:07 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\Star Trek Online.lnk
[2015/02/10 12:37:07 | 000,001,588 | ---- | C] () -- C:\Users\Public\Desktop\Arc.lnk
[2015/01/26 13:24:33 | 000,001,164 | ---- | C] () -- C:\Users\Jon Lowry\Desktop\Continue File Opener Installation.lnk
[2015/01/26 13:19:13 | 000,000,306 | ---- | C] () -- C:\Windows\tasks\WSE_Vosteran.job
[2015/01/26 13:18:38 | 000,000,306 | ---- | C] () -- C:\Windows\tasks\Digital Sites.job
[2015/01/26 13:12:36 | 000,002,254 | ---- | C] () -- C:\Users\Jon Lowry\Desktop\Kindle.lnk
[2015/01/07 13:27:53 | 000,000,132 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2014/12/28 20:44:08 | 000,234,679 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Local\dsi1.dat
[2014/12/28 20:44:08 | 000,161,916 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Local\dsi2.dat
[2014/12/27 02:56:42 | 000,032,832 | ---- | C] () -- C:\Windows\SysWow64\rnd_chunk.bin
[2014/12/12 10:37:19 | 000,000,064 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Local\c843f8600d3401143928086522c2304b
[2014/10/26 18:38:56 | 000,002,058 | ---- | C] () -- C:\Windows\patsearch.bin
[2014/10/26 15:56:09 | 000,000,676 | ---- | C] () -- C:\Windows\PCHealthFix.INI
[2014/09/09 23:14:07 | 000,000,503 | ---- | C] () -- C:\Users\Jon Lowry\.swfinfo
[2014/07/28 17:49:06 | 000,000,132 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
[2014/07/24 14:16:10 | 000,070,144 | ---- | C] () -- C:\Windows\SysWow64\tasks.dll
[2014/06/06 02:18:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat
[2013/12/06 14:53:43 | 000,000,145 | ---- | C] () -- C:\Windows\avast5.ini
[2013/12/02 22:10:54 | 000,172,693 | ---- | C] () -- C:\Windows\hpoins46.dat
[2013/12/02 22:10:54 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2013/11/15 13:49:23 | 000,000,042 | ---- | C] () -- C:\Windows\BDNET32.INI
[2013/04/12 10:31:30 | 000,234,280 | ---- | C] () -- C:\Windows\ngmsi.dll
[2013/04/12 10:30:42 | 000,020,776 | ---- | C] () -- C:\Windows\ngutil.exe
[2013/01/04 20:12:28 | 000,006,144 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/22 19:20:34 | 000,007,859 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Roaming\pcouffin.cat
[2012/12/22 19:20:33 | 000,001,167 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Roaming\pcouffin.inf
[2012/08/25 11:42:13 | 000,000,008 | RHS- | C] () -- C:\Users\Jon Lowry\ntuser.pol
[2012/05/19 07:48:52 | 000,870,128 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Roaming\mcs.rma
[2012/03/18 15:06:46 | 000,000,132 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/12/23 15:12:26 | 000,000,097 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Local\fusioncache.dat
[2011/06/03 14:10:04 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/16 19:50:25 | 000,001,854 | ---- | C] () -- C:\Users\Jon Lowry\AppData\Roaming\GhostObjGAFix.xml
[2011/01/29 10:50:13 | 000,000,124 | -HS- | C] () -- C:\ProgramData\.zreglib
 
========== ZeroAccess Check ==========
 
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 18:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 17:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
< End of report >
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    Please download Farbar Recovery Scan Tool and save it to your Desktop. 
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
     
    •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
  •  
    Tonight let Avast do a boot-time scan while you sleep (takes like 6 hours so you don't want to sit and watch it):
     

    How to do a boot-time scan while you sleep:
    First mute the speakers so it won't wake you up when Windows loads.  Click on the orange ball.  (windows may hide the orange ball - click on the up arrow to the left of the clock to see it) Click on Scan, then Scan for Viruses and wait a couple of minutes for the page to change.  Change Quickscan to Boot-time Scan.  Click on Settings.  Where it says Heuristic Sensitivity click on the last rectangle so that all of them are  orange and it says High.  Check both boxes.  Then change When a threat is found ... to:  Move to Chest.  OK.  Now click on Start.  Close the Avast window and then reboot.  The scan will start.  It will tell you where it will save the report.  Usually it's 
    C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.  When Windows loads Click on the Orange Ball then Scan, Then Scan History (at the bottom of the page). Click on the last scan and then Detailed Report.  If it found anything then open the aswBoot.txt file and copy and paste it.  If you can't find it then take a screen shot of the Detailed Report:
     

    • 0

    #3
    skandranon1971

    skandranon1971

      Member

    • Topic Starter
    • Member
    • PipPip
    • 64 posts

    Here are the logs:

     

    # AdwCleaner v4.111 - Logfile created 18/02/2015 at 21:36:38
    # Updated 18/02/2015 by Xplode
    # Database : 2015-02-18.3 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Jon Lowry - CARLAGROETZMEIE
    # Running from : C:\Users\Jon Lowry\Desktop\AdwCleaner.exe
    # Option : Cleaning
     
    ***** [ Services ] *****
    AdwCleaner crashed on cleaning process.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.2 (02.02.2015:1)
    OS: Windows 7 Home Premium x64
    Ran by Jon Lowry on Wed 02/18/2015 at 21:38:22.62
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
     
     
     
    ~~~ Registry Keys
     
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\tasks_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\tasks_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\tasks_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\tasks_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{89E5D4A6-A38F-4D4C-87DF-EE09063A18EA}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
     
     
     
    ~~~ Files
     
    Successfully deleted: [File] C:\Users\Jon Lowry\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] C:\Users\Jon Lowry\AppData\Roaming\DigitalSites
    Successfully deleted: [Folder] "C:\Users\Jon Lowry\AppData\Roaming\getrighttogo"
    Successfully deleted: [Folder] "C:\Users\Jon Lowry\AppData\Roaming\opencandy"
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{00B47D63-91BF-4EE3-91BA-8C3364006BB0}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{16FACB6B-1268-4014-932F-0A7B3C43F9F4}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{29FDA4EE-C07E-46A6-884F-DB0975D8892B}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{412623D3-FF1D-458C-B038-59B5DFC126D0}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{5C48886D-90AE-46DB-9E44-896E1EE69C26}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{7C2A5550-1CD6-492E-B2E5-C5F1E474589E}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{82C7B96D-EA78-4C45-B316-BD488EE4477F}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{BD19F727-610C-40C2-A1B9-0350EF714F4F}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{C8882280-95FC-4A53-AC5F-05BDAB7CE831}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{CD3AA251-D2BC-42ED-9A8A-03FFD9AB4786}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{E0D7C6B2-61AC-4DDE-A1F1-13D58286ED9E}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{EE94C051-FD92-4553-A11E-48A572F5E434}
    Successfully deleted: [Empty Folder] C:\Users\Jon Lowry\appdata\local\{FCADB128-224B-4B40-9C72-340353575F52}
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 02/18/2015 at 21:45:02.69
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
    Ran by Jon Lowry (administrator) on CARLAGROETZMEIE on 18-02-2015 21:47:14
    Running from C:\Users\Jon Lowry\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    (Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2011-02-22] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-02-05] (Crawler Group)
    HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-02-05] (Crawler Group)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
    HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {CB469F30-480D-4846-B7EB-63F186F828BD} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-538650268-2924358156-1730836174-1000 -> DefaultScope {89E5D4A6-A38F-4D4C-87DF-EE09063A18EA} URL = 
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default
    FF NewTab: hxxp://www.findamo.com?&cid=4301ch=2
    FF Homepage: hxxp://www.findamo.com?&cid=4301ch=2
    FF DefaultSearchEngine: Yahoo!
    FF SelectedSearchEngine: Yahoo!
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jon Lowry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jon Lowry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Jon Lowry\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
    FF SearchPlugin: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml
    FF Extension: Slick Savings - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} [2015-02-13]
    FF Extension: Start Page - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} [2015-02-13]
    FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2015-02-13]
    FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
    FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-26]
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
    FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
    FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-24]
    FF HKU\.DEFAULT\...\Firefox\Extensions: [{20A9B678-3351-236B-717C-D84680F6C4F5}] - C:\Program Files (x86)\ver0SpeeditUp\181.xpi
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://google.com/
    CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=vst_ggfc_15_05&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtC0CtDyCyD0Czy0FtBtCtN0D0Tzu0StCtCtBtCtN1L2XzutAtFyBtFtAtFyEtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyDzzzyyC0EyB0AyDtG0E0FtByBtGtAyC0EtCtGtD0D0B0AtGtCtBtAyCzyzzzytA0C0C0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0DzzyEyEtCyE0BtGyE0CtCzytGyEzz0DtBtGzyyByC0AtG0D0A0CtC0A0DzytA0AyB0FtB2Q&cr=1153401321&ir=", "hxxp://Vosteran.com/?f=7&a=vst_ggbc_15_1_other&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtC0CtDyCyD0Czy0FtBtCtN0D0Tzu0StCtDzytBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCzzyCzyzztAtC0CtG0B0DtC0BtGyC0EtCzytGzzyBtBtAtGyBtBtB0A0E0C0EtC0BtDtC0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0DzzyEyEtCyE0BtGyE0CtCzytGyEzz0DtBtGzyyByC0AtG0D0A0CtC0A0DzytA0AyB0FtB2Q&cr=1892657414&ir="
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-08]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-08]
    CHR Extension: (YouTube) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-08]
    CHR Extension: (Google Search) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-08]
    CHR Extension: (Avast Online Security) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-08]
    CHR Extension: (Google Wallet) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-08]
    CHR Extension: (Gmail) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-08]
    CHR HKU\S-1-5-21-538650268-2924358156-1730836174-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-07]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-07]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-02-09] (Perfect World Entertainment Inc)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    S2 DSAO; C:\Program Files (x86)\Veloxum\iPTE\DriverSupportAOsvc.exe [1684944 2015-01-21] (PC Drivers HeadQuarters LP)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-01-28] (Alcatel-Lucent) [File not signed]
    R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-02-02] (Alcatel-Lucent) [File not signed]
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [534824 2013-04-12] (Aventail Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
    R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
    R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-26] (Enigma Software Group USA, LLC.)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
    R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-02-05] (Crawler Group)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
    R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-26] (Enigma Software Group USA, LLC.)
    S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [122368 2011-05-09] (Incorporated)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-13] (Malwarebytes Corporation)
    S2 MCSTRM; No ImagePath
    S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2013-04-12] (Aventail Corporation)
    R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2013-04-12] (Aventail Corporation)
    R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2013-04-12] (Aventail Corporation)
    R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2013-04-12] (Aventail Corporation)
    R3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
    S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.) [File not signed]
    R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-02-02] ()
    S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
    S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
    S1 SydexFDD; system32\drives\sydexfdd.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 21:47 - 2015-02-18 21:48 - 00028714 _____ () C:\Users\Jon Lowry\Desktop\FRST.txt
    2015-02-18 21:45 - 2015-02-18 21:45 - 00004716 _____ () C:\Users\Jon Lowry\Desktop\JRT.txt
    2015-02-18 21:44 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-02-18 21:44 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-02-18 21:30 - 2015-02-18 21:30 - 02087424 _____ (Farbar) C:\Users\Jon Lowry\Desktop\FRST64.exe
    2015-02-18 21:29 - 2015-02-18 21:29 - 01388274 _____ (Thisisu) C:\Users\Jon Lowry\Desktop\JRT.exe
    2015-02-18 21:26 - 2015-02-18 21:26 - 02126848 _____ () C:\Users\Jon Lowry\Desktop\AdwCleaner.exe
    2015-02-13 12:17 - 2015-02-18 21:25 - 00000000 ____D () C:\ProgramData\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
    2015-02-13 12:16 - 2015-02-13 12:17 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
    2015-02-13 11:57 - 2015-02-18 21:18 - 00002016 _____ () C:\Windows\setupact.log
    2015-02-13 11:57 - 2015-02-13 11:57 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-12 16:28 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-02-12 16:28 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-02-12 16:28 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-02-12 16:28 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-02-12 16:28 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-02-12 16:28 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-02-12 16:28 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-02-12 16:28 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-02-12 16:28 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-02-12 16:28 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-02-12 16:28 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-02-12 16:28 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-02-12 16:28 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-02-12 16:28 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-02-12 16:28 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-02-12 16:27 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-02-12 16:27 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-02-12 16:27 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-02-12 16:27 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-02-12 16:27 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-02-12 16:27 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-02-12 16:27 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-02-12 16:27 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-02-12 16:27 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-02-12 16:27 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-02-12 16:27 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-02-12 16:27 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-02-12 16:27 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-02-12 16:27 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-02-12 16:27 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-02-12 16:27 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-02-12 16:27 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2015-02-12 16:26 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-02-12 16:26 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2015-02-12 16:26 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2015-02-12 16:26 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2015-02-12 16:26 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-02-12 16:25 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-02-12 16:25 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-02-12 16:24 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-02-10 12:45 - 2015-02-13 11:58 - 00000000 ____D () C:\Program Files (x86)\Star Trek Online_en
    2015-02-10 12:42 - 2015-02-10 12:45 - 00000000 ___HD () C:\ArcTemp
    2015-02-10 12:39 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Arc
    2015-02-10 12:39 - 2015-02-10 12:39 - 00000000 ____D () C:\Users\Public\Documents\Arc
    2015-02-10 12:37 - 2015-02-12 16:11 - 00000000 ____D () C:\Program Files (x86)\Arc
    2015-02-10 12:37 - 2015-02-10 12:45 - 00001873 _____ () C:\Users\Public\Desktop\Star Trek Online.lnk
    2015-02-10 12:37 - 2015-02-10 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
    2015-02-10 12:37 - 2015-02-10 12:37 - 00001588 _____ () C:\Users\Public\Desktop\Arc.lnk
    2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Jon Lowry\Downloads\Log
    2015-02-10 12:33 - 2015-02-10 12:33 - 01294088 _____ (Mojang) C:\Users\Jon Lowry\Desktop\Minecraft.exe
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Program Files\Microsoft Research
    2015-02-10 12:13 - 2015-02-10 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-06 12:13 - 2015-02-06 12:13 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2015-02-06 11:45 - 2015-02-06 11:45 - 00000000 __SHD () C:\Users\Jon Lowry\AppData\Local\EmieBrowserModeList
    2015-01-28 10:16 - 2015-01-28 10:16 - 00614645 _____ () C:\Users\Jon Lowry\Downloads\cartoon-bones.zip
    2015-01-28 10:16 - 2015-01-28 10:16 - 00153772 _____ () C:\Users\Jon Lowry\Downloads\caligraf-1435.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00439345 _____ () C:\Users\Jon Lowry\Downloads\booter.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00010105 _____ () C:\Users\Jon Lowry\Downloads\treasure.zip
    2015-01-28 10:14 - 2015-01-28 10:14 - 00037376 _____ () C:\Users\Jon Lowry\Downloads\GEP 2014 Dues breakdown.xls
    2015-01-28 10:14 - 2015-01-28 10:14 - 00015974 _____ () C:\Users\Jon Lowry\Downloads\arrr-matey-bb.zip
    2015-01-26 22:04 - 2015-01-26 21:05 - 00000000 ____D () C:\f8e8ddfd1a907b9ad5
    2015-01-26 21:10 - 2015-02-18 21:29 - 01215757 _____ () C:\Windows\WindowsUpdate.log
    2015-01-26 13:24 - 2015-01-26 13:24 - 00001164 _____ () C:\Users\Jon Lowry\Desktop\Continue File Opener Installation.lnk
    2015-01-26 13:19 - 2015-02-18 21:25 - 00000306 _____ () C:\Windows\Tasks\WSE_Vosteran.job
    2015-01-26 13:19 - 2015-01-26 13:25 - 00003264 _____ () C:\Windows\System32\Tasks\WSE_Vosteran
    2015-01-26 13:18 - 2015-02-18 21:19 - 00000306 _____ () C:\Windows\Tasks\Digital Sites.job
    2015-01-26 13:18 - 2015-01-26 13:19 - 00002672 _____ () C:\Windows\System32\Tasks\Digital Sites
    2015-01-26 13:12 - 2015-01-26 21:33 - 00000000 ____D () C:\Users\Jon Lowry\Documents\My Kindle Content
    2015-01-26 13:12 - 2015-01-26 13:17 - 00002254 _____ () C:\Users\Jon Lowry\Desktop\Kindle.lnk
    2015-01-26 13:12 - 2015-01-26 13:16 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Amazon
    2015-01-26 13:12 - 2015-01-26 13:12 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 21:48 - 2013-04-13 13:35 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Carla's stuff
    2015-02-18 21:47 - 2013-12-10 19:06 - 00000000 ____D () C:\FRST
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spotify
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Spotify
    2015-02-18 21:41 - 2011-06-10 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-18 21:37 - 2013-08-21 12:56 - 00000000 ____D () C:\AdwCleaner
    2015-02-18 21:35 - 2013-09-26 17:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-02-18 21:35 - 2011-02-14 16:15 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2015-02-18 21:34 - 2011-07-05 00:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-18 21:32 - 2011-03-28 14:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Azureus
    2015-02-18 21:30 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:30 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:24 - 2013-09-06 14:42 - 00000000 ___RD () C:\Users\Jon Lowry\Dropbox
    2015-02-18 21:24 - 2013-09-05 00:05 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Dropbox
    2015-02-18 21:19 - 2014-07-28 17:49 - 00000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2015-02-18 21:19 - 2014-04-24 17:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-02-18 21:18 - 2014-10-27 18:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-18 21:18 - 2009-07-13 21:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-02-18 21:18 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-18 21:17 - 2014-12-11 12:46 - 00005002 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier
    2015-02-13 12:18 - 2014-04-28 11:21 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Geeks To Go
    2015-02-13 12:13 - 2013-01-15 05:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003860 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMScan
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003822 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMUpdater
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003808 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMRules
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003644 _____ () C:\Windows\System32\Tasks\Driver Detective
    2015-02-13 12:02 - 2014-11-16 00:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-13 12:00 - 2014-12-28 20:42 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Kraken's Revenge
    2015-02-13 12:00 - 2014-12-12 10:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions
    2015-02-13 11:59 - 2009-07-13 20:45 - 05043504 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-02-13 11:57 - 2014-12-18 11:37 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-02-13 11:57 - 2014-05-10 23:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-02-13 11:38 - 2009-07-13 18:34 - 00000615 _____ () C:\Windows\win.ini
    2015-02-13 11:29 - 2013-07-11 03:13 - 00000000 ____D () C:\Windows\system32\MRT
    2015-02-13 11:27 - 2012-08-10 13:22 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA.job
    2015-02-13 11:13 - 2011-02-02 11:59 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-02-12 16:41 - 2014-12-22 14:07 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job
    2015-02-12 16:19 - 2013-06-07 11:46 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\HpUpdate
    2015-02-10 12:37 - 2010-07-15 11:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-10 12:26 - 2013-09-06 14:41 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-10 12:26 - 2012-03-01 13:57 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Calibre Library
    2015-02-09 12:41 - 2011-11-22 06:06 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2015-02-08 12:59 - 2012-03-01 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    2015-02-08 12:53 - 2012-03-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Calibre2
    2015-02-07 15:35 - 2014-12-28 20:46 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
    2015-02-06 12:13 - 2013-01-15 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-06 12:13 - 2013-01-15 05:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-06 12:13 - 2011-05-18 04:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-06 11:42 - 2013-11-01 22:17 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Outlook Files
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-04 21:59 - 2014-12-28 20:40 - 00000374 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry).job
    2015-02-02 13:31 - 2014-12-28 20:45 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
    2015-02-02 13:15 - 2014-12-28 20:46 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2015-01-30 17:46 - 2009-07-13 21:13 - 00006774 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-28 10:11 - 2011-01-23 02:26 - 00134176 _____ () C:\Users\Jon Lowry\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-26 13:21 - 2014-12-28 20:45 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2015-01-23 11:47 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-01-20 14:27 - 2012-08-10 13:22 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core.job
    2015-01-19 10:41 - 2014-12-22 14:07 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJon Lowry
     
    ==================== Files in the root of some directories =======
     
    2015-01-07 13:27 - 2015-01-07 13:27 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe GIF Format CS5 Prefs
    2012-03-18 15:06 - 2014-12-27 02:54 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2011-05-16 19:50 - 2011-10-31 21:18 - 0001854 _____ () C:\Users\Jon Lowry\AppData\Roaming\GhostObjGAFix.xml
    2012-05-19 07:48 - 2013-01-24 06:08 - 0870128 _____ () C:\Users\Jon Lowry\AppData\Roaming\mcs.rma
    2012-12-22 19:20 - 2013-07-12 23:19 - 0007859 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.cat
    2012-12-22 19:20 - 2013-07-12 23:19 - 0001167 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.inf
    2012-12-22 19:20 - 2013-07-12 23:19 - 0000055 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.log
    2012-12-22 19:20 - 2013-07-12 23:19 - 0082816 _____ (VSO Software) C:\Users\Jon Lowry\AppData\Roaming\pcouffin.sys
    2014-07-28 17:49 - 2015-02-18 21:19 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2013-08-10 21:39 - 2013-08-12 05:44 - 0031644 _____ () C:\Users\Jon Lowry\AppData\Local\av.log
    2014-12-12 10:37 - 2014-12-12 10:37 - 0000064 _____ () C:\Users\Jon Lowry\AppData\Local\c843f8600d3401143928086522c2304b
    2013-01-04 20:12 - 2013-08-07 02:07 - 0006144 _____ () C:\Users\Jon Lowry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-12-28 20:44 - 2014-12-28 20:44 - 0234679 _____ () C:\Users\Jon Lowry\AppData\Local\dsi1.dat
    2014-12-28 20:44 - 2014-12-28 20:44 - 0161916 _____ () C:\Users\Jon Lowry\AppData\Local\dsi2.dat
    2011-12-23 15:12 - 2011-12-23 15:12 - 0000097 _____ () C:\Users\Jon Lowry\AppData\Local\fusioncache.dat
    2011-03-28 14:38 - 2011-03-28 14:38 - 0000032 _____ () C:\Users\Jon Lowry\AppData\Local\xobni_installer_updater.log
    2011-01-29 10:50 - 2014-05-19 20:55 - 0000124 ___SH () C:\ProgramData\.zreglib
    2011-01-24 11:22 - 2014-09-13 11:07 - 0027386 _____ () C:\ProgramData\hpzinstall.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    2010-07-15 13:11 - 2010-07-15 13:12 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    2010-07-15 13:07 - 2010-07-15 13:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    2010-07-15 13:06 - 2010-07-15 13:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2010-07-15 13:07 - 2010-07-15 13:11 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
     
    Some content of TEMP:
    ====================
    C:\Users\Jon Lowry\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzj81da.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\i4jdel0.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\i4jdel1.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\Quarantine.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-02-13 11:06
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
    Ran by Jon Lowry at 2015-02-18 21:49:26
    Running from C:\Users\Jon Lowry\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    3D Home Architect Home Design Deluxe 6 (HKLM-x32\...\InstallShield_{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}) (Version: 6.00.0000 - Broderbund)
    3D Home Architect Home Design Deluxe 6 (x32 Version: 6.00.0000 - Broderbund) Hidden
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
    Akamai NetSession Interface (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Amazon Kindle (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Amazon Kindle) (Version:  - Amazon)
    Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.9.0 - SlySoft)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Aventail Access Manager (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.62.196 - SonicWALL Inc)
    Aventail Access Manager (x32 Version: 10.62.196 - SonicWALL Inc) Hidden
    Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.62.320 - SonicWALL Aventail)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
    Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
    Browser Extensions (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.6 - Spigot, Inc.) <==== ATTENTION
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    calibre (HKLM-x32\...\{7C1B7566-C44C-4436-B08D-636337C7C665}) (Version: 2.19.0 - Kovid Goyal)
    Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
    CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
    CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.2.8 - Elaborate Bytes)
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3130 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.11 - DivX, LLC)
    Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Driver Support Active Optimization (HKLM-x32\...\{63801EFF-1F3D-4D53-A9B4-25A2061CF3E2}) (Version: 1.0.4.7818 - PC Drivers HeadQuarters LP)
    Dropbox (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Extended Update (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Digital Sites) (Version:  - Extended Update) <==== ATTENTION
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
    Family Tree Maker 2011 (x32 Version: 20.0.368 - Ancestry.com) Hidden
    Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
    Family Tree Maker 2012 (x32 Version: 21.0.388 - Ancestry.com, Inc.) Hidden
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Horizon v2.7.1.4 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.1.4 - Daring Development Inc.)
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Documentation (HKLM-x32\...\{69ABD67D-5C2E-4724-B519-695DEF3EC23B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    Image Composite Editor (HKLM\...\{380B7D01-4411-4D5D-AB9A-2A12FA315481}) (Version: 2.0.2 - Microsoft Corporation)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
    MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{393CA5BF-0362-42FD-ABC2-BA9D22EF925E}) (Version: 10.3.5520.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
    Mplayer 0.6.9 (HKLM-x32\...\Mplayer) (Version: 0.6.9 - )
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nidesoft DVD to AVI Converter Platinum v5.0 (HKLM-x32\...\Nidesoft DVD to AVI Converter Platinum_is1) (Version:  - Nidesoft Studio)
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
    PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
    PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
    Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
    QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
    Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    RIFT (HKLM-x32\...\Glyph RIFT) (Version:  - Trion Worlds, Inc.)
    RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Spotify (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
    Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    Stitch Era Universal (HKLM-x32\...\{117221E4-6B20-4595-BCF8-286468364B57}) (Version: 11.30 - Sierra Technology Group SA)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Unity Web Player (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
    Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
    WD My Cloud (HKLM\...\{432F3CFC-ED41-4CDC-9D8F-6643C8A71CEA}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
    WinImage (HKLM-x32\...\WinImage) (Version:  - )
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
    WinX DVD Author 6.3 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - DigiartySoft, Inc.)
    WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{8b2299d9-a6ce-4697-954f-718188b26cf6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{cd203956-34d7-406f-978b-3ff3c677708c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
     
    ==================== Restore Points  =========================
     
    13-02-2015 12:09:27 Windows Update
    13-02-2015 12:22:47 Removed service pack backup files
    13-02-2015 12:53:21 Installed DirectX
    18-02-2015 21:31:48 Windows Update
    18-02-2015 21:33:16 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-02-07 00:31 - 2014-11-12 08:13 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {01B68D5A-8E09-4A29-9387-DA754C41BD4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {0A441A4F-538D-4DF5-8D2C-E31743217147} - System32\Tasks\Check Updates => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {1B2F0572-5416-4647-94DE-4DE76EBA27BF} - System32\Tasks\Validate Installation => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {1F09685D-CAD9-4E68-946B-B50B5A191459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {317133E5-92BA-4435-ACF8-7AFC526A2A78} - System32\Tasks\GeniusBox => cmd.exe /C start "" "C:\Users\Jon Lowry\AppData\Local\GeniusBox\client.exe"
    Task: {336ED6BE-4CA7-405E-B340-D5A07F858C97} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {43F7265C-490F-4AA9-8B69-02F9F833D97A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
    Task: {44DD8A89-D8A1-4A3C-9750-AFC69F38D4EE} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {49F735B7-D4AC-47E8-A64B-6E89A93969E8} - System32\Tasks\{7B76C20D-C73E-4650-908C-05C9FA248705} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/65900
    Task: {4F5A0FE5-2186-4857-AAE6-91B0862813D9} - System32\Tasks\AdobeAAMUpdater-1.0-JonLowry-HP-Jon Lowry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {67093662-96A7-4B6D-83C3-0615B59B03F6} - \{C55B795D-1FC1-4A36-AB96-FF25D4E08F54} No Task File <==== ATTENTION
    Task: {70A3A76A-8A55-492C-9AC2-01CCE7F4FE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
    Task: {73C09C2B-B3BE-4A72-AB85-EA3D923BB7CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
    Task: {7FB07DDB-2792-4DE2-9210-A87BA1C86AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {80DD6408-0D37-46CE-8C61-7DE2E8E6433A} - System32\Tasks\WSE_Vosteran => C:\Users\JONLOW~1\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {837D8611-791E-4150-9C7D-732943BD4ACA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
    Task: {8D2F19A0-A67B-45B9-894A-53C6BB12C94F} - System32\Tasks\Driver Detective => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {96EDDD3A-636A-4EB1-9F08-205AFDA11119} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {A3E483DF-5EE2-495D-B541-F69C269639DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {A986945B-2301-4B1D-A825-A862F3670DD8} - System32\Tasks\{F967C586-0347-4CC0-A8D0-5FFDB5547DF0} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B57B8587-1A4E-4B67-A4C8-33074EE6FC52} - System32\Tasks\{295CD046-BB03-4242-9AC9-352599CCE0B9} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B6E7EFA2-2AE6-447E-99D7-F9D59574A01A} - System32\Tasks\Digital Sites => C:\Users\JONLOW~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {B9E77F31-4A63-4B57-826B-D176A282D2F2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
    Task: {CAD644F0-F30D-4FC3-AAB5-2B883CB6B5EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {CB34AF4D-833E-4E58-A665-4B1B5308AB05} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {D621DF4F-A224-4B17-A4BB-9D0185802320} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {DDCBFF31-CDF9-4CDD-87A6-37B4606ADA41} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
    Task: {E038FBBD-C5A9-4CC0-9E27-461A3131A519} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {E582A659-33D1-442B-9A8A-78D1F4079EFD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
    Task: {F21DAA86-822C-41EC-BEAA-E66E67DE2F16} - System32\Tasks\HPCeeScheduleForJon Lowry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {F3BA2ECB-51CD-4D63-9876-9E4500693B5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {F438A944-39F2-4DB5-9518-08D8D99EA88B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {F800B797-8F84-4A00-A941-01C35959EC2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-08-02] (CyberLink)
    Task: {FA93F109-BB75-4A50-871F-313583F9CDB2} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-WOLFLING => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\JONLOW~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE/Check
    Jon Lowry0Ò¥< <==== ATTENTION
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core.job => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA.job => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: C:\Windows\Tasks\WSE_Vosteran.job => C:\Users\JONLOW~1\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE/Check
    Jon Lowry0Ö ¥< <==== ATTENTION
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2013-04-12 10:31 - 2013-04-12 10:31 - 00234280 _____ () C:\Windows\ngmsi.dll
    2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2011-02-08 15:31 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
    2015-02-18 21:25 - 2015-02-18 21:25 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15022100\algo.dll
    2015-02-18 21:23 - 2015-02-18 21:23 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15022201\algo.dll
    2014-12-02 16:34 - 2014-12-02 16:34 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-10-24 11:20 - 2014-10-24 11:20 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\da40cdf070dc5174aa4c9319ddc006da\IsdiInterop.ni.dll
    2010-12-27 14:13 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 68.105.28.12 - 68.105.29.12
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupreg: (default) => 
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-538650268-2924358156-1730836174-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-538650268-2924358156-1730836174-1005 - Limited - Enabled)
    Guest (S-1-5-21-538650268-2924358156-1730836174-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-538650268-2924358156-1730836174-1002 - Limited - Enabled)
    Jon Lowry (S-1-5-21-538650268-2924358156-1730836174-1000 - Administrator - Enabled) => C:\Users\Jon Lowry
    Mcx1-WOLFLING (S-1-5-21-538650268-2924358156-1730836174-1009 - Limited - Enabled) => C:\Users\Mcx1-WOLFLING.WOLFLING
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Deskjet F4500 series
    Description: Deskjet F4500 series
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
     
    System errors:
    =============
     
    Microsoft Office Sessions:
    =========================
     
    CodeIntegrity Errors:
    ===================================
      Date: 2013-12-06 15:01:19.260
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.949
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.621
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.279
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.814
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.642
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.455
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.284
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.680
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.508
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
    Percentage of memory in use: 42%
    Total physical RAM: 3893.86 MB
    Available physical RAM: 2254.84 MB
    Total Pagefile: 7785.91 MB
    Available Pagefile: 5824.48 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:465.46 GB) (Free:122.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 1D505CB8)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=103 MB) - (Type=0C)
     
    ==================== End Of Log ============================
    02/18/2015 21:18
    Scan of all local drives
     
    File C:\$RECYCLE.BIN\S-1-5-21-538650268-2924358156-1730836174-1000\$R5IGQCH.exe is infected by Win32:Malware-gen, Moved to chest
    File C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze\bunndle.zip.vir|>Bunndle.exe Error 42125 {ZIP archive is corrupted.}
    File C:\AdwCleaner\Quarantine\C\Users\Jon Lowry\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir|>classes.dex is infected by Android:Mobserv-E [PUP], Moved to chest
    File C:\AdwCleaner\Quarantine\C\Users\Jon Lowry\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.35.zip.vir|>Mobogenie\MUServer.apk|>classes.dex is infected by Android:Mobserv-E [PUP], Moved to chest
    File C:\Windows\SoftwareDistribution\Download\4876161437432c48a1a22b993a2f9f53\BIT48C.tmp|>groove-x-none.msp|>01MsiPatchSequence Error 42144 {OLE archive is corrupted.}
    File C:\Windows\SoftwareDistribution\Download\4876161437432c48a1a22b993a2f9f53\BIT48C.tmp|>groove-x-none.msp|>PATCH_CAB|>GROOVEINTLRESOURCE.DLL.x64.1025 Error 42127 {CAB archive is corrupted.}
    File C:\Windows\SoftwareDistribution\Download\4876161437432c48a1a22b993a2f9f53\BIT48C.tmp|>groove-x-none.msp|>PATCH_CAB Error 42144 {OLE archive is corrupted.}
    File C:\Windows\SoftwareDistribution\Download\4876161437432c48a1a22b993a2f9f53\BIT48C.tmp|>groove-x-none.msp|>01_StringData Error 42144 {OLE archive is corrupted.}
    File C:\Windows\SoftwareDistribution\Download\4876161437432c48a1a22b993a2f9f53\BIT48C.tmp|>groove-x-none.msp Error 42127 {CAB archive is corrupted.}
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\fmCACV4H8C.js is infected by JS:Redirector-BWW [Adw]
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[1].js is infected by JS:Redirector-BWW [Adw]
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[2].js is infected by JS:Redirector-BWW [Adw]
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[3].js is infected by JS:Redirector-BWW [Adw], Moved to chest
    File C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch is infected by Win32:IBryte-JX [PUP]
    File C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch is infected by Win32:IBryte-JX [PUP]
    File C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.5556.534397 is infected by Win32:IBryte-JX [PUP]
    File C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.6660.147404283 is infected by Win32:IBryte-JX [PUP]
    File C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.5556.534397 is infected by Win32:IBryte-JX [PUP]
    File C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.6660.147404283 is infected by Win32:IBryte-JX [PUP]
    File C:\_OTL\MovedFiles\12082013_173134\C_Users\Jon Lowry\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk|>classes.dex is infected by Android:Mobserv-E [PUP], Moved to chest
    File C:\_OTL\MovedFiles\12082013_173134\C_Users\Jon Lowry\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip|>Mobogenie\MUServer.apk|>classes.dex is infected by Android:Mobserv-E [PUP], Move to chest: Error 0xC000007F {An operation failed because the disk was full.}
    File C:\Program Files\Common Files\System\SysMenu.dll is infected by Win32:Adware-CDO [PUP], Move to chest: Error 0xC000007F {An operation failed because the disk was full.}
    File C:\Program Files\Common Files\System\SysMenu64.dll is infected by Win32:Adware-CDO [PUP]
     
     
    The boot scan also stopped moving things to the chest due to disk drive full error message.  But I show 122GB free on the drive.
     
     

     


    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    What Avast meant is that its chest was full.  It only allocates a certain amount of memory for the chest.  I will have FRST take care of the things that Avast didn't.  You probably need to empty the chest.

     

    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
     

    • 0

    #5
    skandranon1971

    skandranon1971

      Member

    • Topic Starter
    • Member
    • PipPip
    • 64 posts

    Here are the logs:

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-02-2015
    Ran by Jon Lowry at 2015-02-18 21:27:43 Run:4
    Running from C:\Users\JON LOWRY\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Boot Mode: Normal
    ==============================================
     
    Content of fixlist:
    *****************
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF HKU\.DEFAULT\...\Firefox\Extensions: [{20A9B678-3351-236B-717C-D84680F6C4F5}] - C:\Program Files (x86)\ver0SpeeditUp\181.xpi
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=vst_ggfc_15_05&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtC0CtDyCyD0Czy0FtBtCtN0D0Tzu0StCtCtBtCtN1L2XzutAtFyBtFtAtFyEtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyDzzzyyC0EyB0AyDtG0E0FtByBtGtAyC0EtCtGtD0D0B0AtGtCtBtAyCzyzzzytA0C0C0Bzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0DzzyEyEtCyE0BtGyE0CtCzytGyEzz0DtBtGzyyByC0AtG0D0A0CtC0A0DzytA0AyB0FtB2Q&cr=1153401321&ir=", "hxxp://Vosteran.com/?f=7&a=vst_ggbc_15_1_other&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtC0CtDyCyD0Czy0FtBtCtN0D0Tzu0StCtDzytBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCzzyCzyzztAtC0CtG0B0DtC0BtGyC0EtCzytGzzyBtBtAtGyBtBtB0A0E0C0EtC0BtDtC0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0DzzyEyEtCyE0BtGyE0CtCzytGyEzz0DtBtGzyyByC0AtG0D0A0CtC0A0DzytA0AyB0FtB2Q&cr=1892657414&ir="
    S2 DSAO; C:\Program Files (x86)\Veloxum\iPTE\DriverSupportAOsvc.exe [1684944 2015-01-21] (PC Drivers HeadQuarters LP)
    S2 MCSTRM; No ImagePath
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-02-02] ()
    S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
    S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
    S1 SydexFDD; system32\drives\sydexfdd.sys [X]
    2015-01-26 13:19 - 2015-02-18 21:25 - 00000306 _____ () C:\Windows\Tasks\WSE_Vosteran.job
    2015-01-26 13:19 - 2015-01-26 13:25 - 00003264 _____ () C:\Windows\System32\Tasks\WSE_Vosteran
    2015-01-26 13:18 - 2015-02-18 21:19 - 00000306 _____ () C:\Windows\Tasks\Digital Sites.job
    2015-01-26 13:18 - 2015-01-26 13:19 - 00002672 _____ () C:\Windows\System32\Tasks\Digital Sites
    C:\Users\Jon Lowry\AppData\Local\Temp\i4jdel0.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\i4jdel1.exe
    Task: {67093662-96A7-4B6D-83C3-0615B59B03F6} - \{C55B795D-1FC1-4A36-AB96-FF25D4E08F54} No Task File <==== ATTENTION
    Task: {80DD6408-0D37-46CE-8C61-7DE2E8E6433A} - System32\Tasks\WSE_Vosteran => C:\Users\JONLOW~1\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\JONLOW~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE/Check
    Jon Lowry0Ò¥< <==== ATTENTION
    Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: C:\Windows\Tasks\WSE_Vosteran.job => C:\Users\JONLOW~1\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE/Check
    Jon Lowry0Ö ¥< <==== ATTENTION
    C:\Windows\SoftwareDistribution\Download\4876161437432c48a1a22b993a2f9f53\BIT48C.tmp
    C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\fmCACV4H8C.js
    C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[1].js 
    C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[2].js 
    C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[3].js
    C:\Program Files\Common Files\System\SysMenu.dll
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core.job => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA.job => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: {DDCBFF31-CDF9-4CDD-87A6-37B4606ADA41} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
    Task: {B9E77F31-4A63-4B57-826B-D176A282D2F2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA => C:\Users\Jon Lowry\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
     
    *****************
     
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
    HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
    HKU\.DEFAULT\Software\Mozilla\Firefox\Extensions\\{20A9B678-3351-236B-717C-D84680F6C4F5} => value deleted successfully.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] not found.
    Chrome StartupUrls deleted successfully.
    DSAO => Service stopped successfully.
    DSAO => Service deleted successfully.
    MCSTRM => Service deleted successfully.
    SWDUMon => Service deleted successfully.
    MREMP50a64 => Service deleted successfully.
    MREMPR5 => Service deleted successfully.
    MRENDIS5 => Service deleted successfully.
    MRESP50a64 => Service deleted successfully.
    SydexFDD => Service deleted successfully.
    C:\Windows\Tasks\WSE_Vosteran.job => Moved successfully.
    C:\Windows\System32\Tasks\WSE_Vosteran => Moved successfully.
    C:\Windows\Tasks\Digital Sites.job => Moved successfully.
    C:\Windows\System32\Tasks\Digital Sites => Moved successfully.
    C:\Users\Jon Lowry\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
    C:\Users\Jon Lowry\AppData\Local\Temp\i4jdel1.exe => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67093662-96A7-4B6D-83C3-0615B59B03F6}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67093662-96A7-4B6D-83C3-0615B59B03F6}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C55B795D-1FC1-4A36-AB96-FF25D4E08F54}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80DD6408-0D37-46CE-8C61-7DE2E8E6433A}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80DD6408-0D37-46CE-8C61-7DE2E8E6433A}" => Key deleted successfully.
    C:\Windows\System32\Tasks\WSE_Vosteran not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WSE_Vosteran" => Key deleted successfully.
    C:\Windows\Tasks\Digital Sites.job not found.
    Jon Lowry0Ò¥< <==== ATTENTION => Error: No automatic fix found for this entry.
    C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry).job => Moved successfully.
    C:\Windows\Tasks\WSE_Vosteran.job not found.
    Jon Lowry0Ö ¥< <==== ATTENTION => Error: No automatic fix found for this entry.
    C:\Windows\SoftwareDistribution\Download\4876161437432c48a1a22b993a2f9f53\BIT48C.tmp => Moved successfully.
    "C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\fmCACV4H8C.js" => File/Directory not found.
    "C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[1].js" => File/Directory not found.
    "C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[2].js" => File/Directory not found.
    "C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\pop[3].js" => File/Directory not found.
    C:\Program Files\Common Files\System\SysMenu.dll => Moved successfully.
    C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core.job => Moved successfully.
    C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA.job => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDCBFF31-CDF9-4CDD-87A6-37B4606ADA41}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDCBFF31-CDF9-4CDD-87A6-37B4606ADA41}" => Key deleted successfully.
    C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000Core" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9E77F31-4A63-4B57-826B-D176A282D2F2}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9E77F31-4A63-4B57-826B-D176A282D2F2}" => Key deleted successfully.
    C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-538650268-2924358156-1730836174-1000UA" => Key deleted successfully.
     
    ==== End of Fixlog 21:27:47 ====
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
    Ran by Jon Lowry (administrator) on CARLAGROETZMEIE on 18-02-2015 21:23:30
    Running from C:\Users\JON LOWRY\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    (Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2011-02-22] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-02-05] (Crawler Group)
    HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-02-05] (Crawler Group)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
    HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {CB469F30-480D-4846-B7EB-63F186F828BD} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-538650268-2924358156-1730836174-1000 -> DefaultScope {89E5D4A6-A38F-4D4C-87DF-EE09063A18EA} URL = 
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default
    FF NewTab: hxxp://www.findamo.com?&cid=4301ch=2
    FF Homepage: hxxp://www.findamo.com?&cid=4301ch=2
    FF DefaultSearchEngine: Yahoo!
    FF SelectedSearchEngine: Yahoo!
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jon Lowry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jon Lowry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Jon Lowry\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
    FF SearchPlugin: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml
    FF Extension: Slick Savings - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} [2015-02-13]
    FF Extension: Start Page - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} [2015-02-13]
    FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2015-02-13]
    FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
    FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-26]
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
    FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
    FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-24]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://google.com/
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-08]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-08]
    CHR Extension: (YouTube) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-08]
    CHR Extension: (Google Search) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-08]
    CHR Extension: (Avast Online Security) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-08]
    CHR Extension: (Google Wallet) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-08]
    CHR Extension: (Gmail) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-08]
    CHR HKU\S-1-5-21-538650268-2924358156-1730836174-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-07]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-07]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-02-09] (Perfect World Entertainment Inc)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-01-28] (Alcatel-Lucent) [File not signed]
    R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-02-02] (Alcatel-Lucent) [File not signed]
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [534824 2013-04-12] (Aventail Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
    S2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
    R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-26] (Enigma Software Group USA, LLC.)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
    R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-02-05] (Crawler Group)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
    R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-26] (Enigma Software Group USA, LLC.)
    S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [122368 2011-05-09] (Incorporated)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-13] (Malwarebytes Corporation)
    S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2013-04-12] (Aventail Corporation)
    R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2013-04-12] (Aventail Corporation)
    R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2013-04-12] (Aventail Corporation)
    R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2013-04-12] (Aventail Corporation)
    R3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
    S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.) [File not signed]
    R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 21:44 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-02-18 21:44 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-02-18 21:30 - 2015-02-18 21:31 - 00042188 _____ () C:\Users\Jon Lowry\Desktop\Addition.txt
    2015-02-18 21:30 - 2015-02-18 21:30 - 02087424 _____ (Farbar) C:\Users\Jon Lowry\Desktop\FRST64.exe
    2015-02-18 21:29 - 2015-02-18 21:29 - 01388274 _____ (Thisisu) C:\Users\Jon Lowry\Desktop\JRT.exe
    2015-02-18 21:28 - 2015-02-18 21:23 - 00027656 _____ () C:\Users\Jon Lowry\Desktop\FRST.txt
    2015-02-18 21:26 - 2015-02-18 21:26 - 02126848 _____ () C:\Users\Jon Lowry\Desktop\AdwCleaner.exe
    2015-02-18 21:23 - 2015-02-18 21:23 - 00010142 _____ () C:\Users\Jon Lowry\Downloads\fixlist (1).txt
    2015-02-13 12:17 - 2015-02-18 21:23 - 00000000 ____D () C:\ProgramData\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
    2015-02-13 12:16 - 2015-02-13 12:17 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
    2015-02-13 11:57 - 2015-02-18 21:18 - 00002240 _____ () C:\Windows\setupact.log
    2015-02-13 11:57 - 2015-02-13 11:57 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-12 16:28 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-02-12 16:28 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-02-12 16:28 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-02-12 16:28 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-02-12 16:28 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-02-12 16:28 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-02-12 16:28 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-02-12 16:28 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-02-12 16:28 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-02-12 16:28 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-02-12 16:28 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-02-12 16:28 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-02-12 16:28 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-02-12 16:28 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-02-12 16:28 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-02-12 16:27 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-02-12 16:27 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-02-12 16:27 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-02-12 16:27 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-02-12 16:27 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-02-12 16:27 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-02-12 16:27 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-02-12 16:27 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-02-12 16:27 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-02-12 16:27 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-02-12 16:27 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-02-12 16:27 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-02-12 16:27 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-02-12 16:27 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-02-12 16:27 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-02-12 16:27 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-02-12 16:27 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2015-02-12 16:26 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-02-12 16:26 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2015-02-12 16:26 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2015-02-12 16:26 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2015-02-12 16:26 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-02-12 16:25 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-02-12 16:25 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-02-12 16:24 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-02-10 12:45 - 2015-02-13 11:58 - 00000000 ____D () C:\Program Files (x86)\Star Trek Online_en
    2015-02-10 12:42 - 2015-02-10 12:45 - 00000000 ___HD () C:\ArcTemp
    2015-02-10 12:39 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Arc
    2015-02-10 12:39 - 2015-02-10 12:39 - 00000000 ____D () C:\Users\Public\Documents\Arc
    2015-02-10 12:37 - 2015-02-12 16:11 - 00000000 ____D () C:\Program Files (x86)\Arc
    2015-02-10 12:37 - 2015-02-10 12:45 - 00001873 _____ () C:\Users\Public\Desktop\Star Trek Online.lnk
    2015-02-10 12:37 - 2015-02-10 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
    2015-02-10 12:37 - 2015-02-10 12:37 - 00001588 _____ () C:\Users\Public\Desktop\Arc.lnk
    2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Jon Lowry\Downloads\Log
    2015-02-10 12:33 - 2015-02-10 12:33 - 01294088 _____ (Mojang) C:\Users\Jon Lowry\Desktop\Minecraft.exe
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Program Files\Microsoft Research
    2015-02-10 12:13 - 2015-02-10 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-06 12:13 - 2015-02-06 12:13 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2015-02-06 11:45 - 2015-02-06 11:45 - 00000000 __SHD () C:\Users\Jon Lowry\AppData\Local\EmieBrowserModeList
    2015-01-28 10:16 - 2015-01-28 10:16 - 00614645 _____ () C:\Users\Jon Lowry\Downloads\cartoon-bones.zip
    2015-01-28 10:16 - 2015-01-28 10:16 - 00153772 _____ () C:\Users\Jon Lowry\Downloads\caligraf-1435.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00439345 _____ () C:\Users\Jon Lowry\Downloads\booter.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00010105 _____ () C:\Users\Jon Lowry\Downloads\treasure.zip
    2015-01-28 10:14 - 2015-01-28 10:14 - 00037376 _____ () C:\Users\Jon Lowry\Downloads\GEP 2014 Dues breakdown.xls
    2015-01-28 10:14 - 2015-01-28 10:14 - 00015974 _____ () C:\Users\Jon Lowry\Downloads\arrr-matey-bb.zip
    2015-01-26 22:04 - 2015-01-26 21:05 - 00000000 ____D () C:\f8e8ddfd1a907b9ad5
    2015-01-26 21:10 - 2015-02-18 21:28 - 01236819 _____ () C:\Windows\WindowsUpdate.log
    2015-01-26 13:24 - 2015-01-26 13:24 - 00001164 _____ () C:\Users\Jon Lowry\Desktop\Continue File Opener Installation.lnk
    2015-01-26 13:12 - 2015-01-26 21:33 - 00000000 ____D () C:\Users\Jon Lowry\Documents\My Kindle Content
    2015-01-26 13:12 - 2015-01-26 13:17 - 00002254 _____ () C:\Users\Jon Lowry\Desktop\Kindle.lnk
    2015-01-26 13:12 - 2015-01-26 13:16 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Amazon
    2015-01-26 13:12 - 2015-01-26 13:12 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 21:50 - 2014-12-02 16:35 - 00002166 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-02-18 21:48 - 2013-04-13 13:35 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Carla's stuff
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spotify
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Spotify
    2015-02-18 21:41 - 2011-06-10 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-18 21:37 - 2013-08-21 12:56 - 00000000 ____D () C:\AdwCleaner
    2015-02-18 21:35 - 2013-09-26 17:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-02-18 21:35 - 2011-02-14 16:15 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2015-02-18 21:34 - 2011-07-05 00:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-18 21:32 - 2011-03-28 14:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Azureus
    2015-02-18 21:32 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:32 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:27 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2015-02-18 21:24 - 2014-04-28 11:21 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Geeks To Go
    2015-02-18 21:24 - 2013-09-06 14:42 - 00000000 ___RD () C:\Users\Jon Lowry\Dropbox
    2015-02-18 21:24 - 2013-09-05 00:05 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Dropbox
    2015-02-18 21:23 - 2013-12-10 19:06 - 00000000 ____D () C:\FRST
    2015-02-18 21:22 - 2014-04-24 17:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-02-18 21:19 - 2014-07-28 17:49 - 00000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2015-02-18 21:18 - 2014-10-27 18:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-18 21:18 - 2009-07-13 21:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-02-18 21:18 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-18 21:17 - 2014-12-11 12:46 - 00005002 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier
    2015-02-13 12:13 - 2013-01-15 05:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003860 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMScan
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003822 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMUpdater
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003808 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMRules
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003644 _____ () C:\Windows\System32\Tasks\Driver Detective
    2015-02-13 12:02 - 2014-11-16 00:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-13 12:00 - 2014-12-28 20:42 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Kraken's Revenge
    2015-02-13 12:00 - 2014-12-12 10:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions
    2015-02-13 11:59 - 2009-07-13 20:45 - 05043504 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-02-13 11:57 - 2014-12-18 11:37 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-02-13 11:57 - 2014-05-10 23:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-02-13 11:38 - 2009-07-13 18:34 - 00000615 _____ () C:\Windows\win.ini
    2015-02-13 11:29 - 2013-07-11 03:13 - 00000000 ____D () C:\Windows\system32\MRT
    2015-02-13 11:13 - 2011-02-02 11:59 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-02-12 16:41 - 2014-12-22 14:07 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job
    2015-02-12 16:19 - 2013-06-07 11:46 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\HpUpdate
    2015-02-10 12:37 - 2010-07-15 11:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-10 12:26 - 2013-09-06 14:41 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-10 12:26 - 2012-03-01 13:57 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Calibre Library
    2015-02-09 12:41 - 2011-11-22 06:06 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2015-02-08 12:59 - 2012-03-01 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    2015-02-08 12:53 - 2012-03-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Calibre2
    2015-02-07 15:35 - 2014-12-28 20:46 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
    2015-02-06 12:13 - 2013-01-15 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-06 12:13 - 2013-01-15 05:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-06 12:13 - 2011-05-18 04:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-06 11:42 - 2013-11-01 22:17 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Outlook Files
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-02 13:31 - 2014-12-28 20:45 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
    2015-02-02 13:15 - 2014-12-28 20:46 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2015-01-30 17:46 - 2009-07-13 21:13 - 00006774 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-28 10:11 - 2011-01-23 02:26 - 00134176 _____ () C:\Users\Jon Lowry\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-26 13:21 - 2014-12-28 20:45 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2015-01-23 11:47 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-01-19 10:41 - 2014-12-22 14:07 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJon Lowry
     
    ==================== Files in the root of some directories =======
     
    2015-01-07 13:27 - 2015-01-07 13:27 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe GIF Format CS5 Prefs
    2012-03-18 15:06 - 2014-12-27 02:54 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2011-05-16 19:50 - 2011-10-31 21:18 - 0001854 _____ () C:\Users\Jon Lowry\AppData\Roaming\GhostObjGAFix.xml
    2012-05-19 07:48 - 2013-01-24 06:08 - 0870128 _____ () C:\Users\Jon Lowry\AppData\Roaming\mcs.rma
    2012-12-22 19:20 - 2013-07-12 23:19 - 0007859 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.cat
    2012-12-22 19:20 - 2013-07-12 23:19 - 0001167 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.inf
    2012-12-22 19:20 - 2013-07-12 23:19 - 0000055 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.log
    2012-12-22 19:20 - 2013-07-12 23:19 - 0082816 _____ (VSO Software) C:\Users\Jon Lowry\AppData\Roaming\pcouffin.sys
    2014-07-28 17:49 - 2015-02-18 21:19 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2013-08-10 21:39 - 2013-08-12 05:44 - 0031644 _____ () C:\Users\Jon Lowry\AppData\Local\av.log
    2014-12-12 10:37 - 2014-12-12 10:37 - 0000064 _____ () C:\Users\Jon Lowry\AppData\Local\c843f8600d3401143928086522c2304b
    2013-01-04 20:12 - 2013-08-07 02:07 - 0006144 _____ () C:\Users\Jon Lowry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-12-28 20:44 - 2014-12-28 20:44 - 0234679 _____ () C:\Users\Jon Lowry\AppData\Local\dsi1.dat
    2014-12-28 20:44 - 2014-12-28 20:44 - 0161916 _____ () C:\Users\Jon Lowry\AppData\Local\dsi2.dat
    2011-12-23 15:12 - 2011-12-23 15:12 - 0000097 _____ () C:\Users\Jon Lowry\AppData\Local\fusioncache.dat
    2011-03-28 14:38 - 2011-03-28 14:38 - 0000032 _____ () C:\Users\Jon Lowry\AppData\Local\xobni_installer_updater.log
    2011-01-29 10:50 - 2014-05-19 20:55 - 0000124 ___SH () C:\ProgramData\.zreglib
    2011-01-24 11:22 - 2014-09-13 11:07 - 0027386 _____ () C:\ProgramData\hpzinstall.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    2010-07-15 13:11 - 2010-07-15 13:12 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    2010-07-15 13:07 - 2010-07-15 13:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    2010-07-15 13:06 - 2010-07-15 13:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2010-07-15 13:07 - 2010-07-15 13:11 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
     
    Some content of TEMP:
    ====================
    C:\Users\Jon Lowry\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzj81da.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\Quarantine.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-02-13 11:06
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
    Ran by Jon Lowry at 2015-02-18 21:30:29
    Running from C:\Users\JON LOWRY\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    3D Home Architect Home Design Deluxe 6 (HKLM-x32\...\InstallShield_{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}) (Version: 6.00.0000 - Broderbund)
    3D Home Architect Home Design Deluxe 6 (x32 Version: 6.00.0000 - Broderbund) Hidden
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
    Akamai NetSession Interface (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Amazon Kindle (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Amazon Kindle) (Version:  - Amazon)
    Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.9.0 - SlySoft)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Aventail Access Manager (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.62.196 - SonicWALL Inc)
    Aventail Access Manager (x32 Version: 10.62.196 - SonicWALL Inc) Hidden
    Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.62.320 - SonicWALL Aventail)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
    Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
    Browser Extensions (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.6 - Spigot, Inc.) <==== ATTENTION
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    calibre (HKLM-x32\...\{7C1B7566-C44C-4436-B08D-636337C7C665}) (Version: 2.19.0 - Kovid Goyal)
    Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
    CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
    CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.2.8 - Elaborate Bytes)
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3130 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.11 - DivX, LLC)
    Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Driver Support Active Optimization (HKLM-x32\...\{63801EFF-1F3D-4D53-A9B4-25A2061CF3E2}) (Version: 1.0.4.7818 - PC Drivers HeadQuarters LP)
    Dropbox (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Extended Update (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Digital Sites) (Version:  - Extended Update) <==== ATTENTION
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
    Family Tree Maker 2011 (x32 Version: 20.0.368 - Ancestry.com) Hidden
    Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
    Family Tree Maker 2012 (x32 Version: 21.0.388 - Ancestry.com, Inc.) Hidden
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Horizon v2.7.1.4 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.1.4 - Daring Development Inc.)
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Documentation (HKLM-x32\...\{69ABD67D-5C2E-4724-B519-695DEF3EC23B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    Image Composite Editor (HKLM\...\{380B7D01-4411-4D5D-AB9A-2A12FA315481}) (Version: 2.0.2 - Microsoft Corporation)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
    MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{393CA5BF-0362-42FD-ABC2-BA9D22EF925E}) (Version: 10.3.5520.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
    Mplayer 0.6.9 (HKLM-x32\...\Mplayer) (Version: 0.6.9 - )
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nidesoft DVD to AVI Converter Platinum v5.0 (HKLM-x32\...\Nidesoft DVD to AVI Converter Platinum_is1) (Version:  - Nidesoft Studio)
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
    PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
    PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
    Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
    QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
    Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    RIFT (HKLM-x32\...\Glyph RIFT) (Version:  - Trion Worlds, Inc.)
    RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Spotify (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
    Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    Stitch Era Universal (HKLM-x32\...\{117221E4-6B20-4595-BCF8-286468364B57}) (Version: 11.30 - Sierra Technology Group SA)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Unity Web Player (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
    Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
    WD My Cloud (HKLM\...\{432F3CFC-ED41-4CDC-9D8F-6643C8A71CEA}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
    WinImage (HKLM-x32\...\WinImage) (Version:  - )
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
    WinX DVD Author 6.3 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - DigiartySoft, Inc.)
    WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{8b2299d9-a6ce-4697-954f-718188b26cf6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{cd203956-34d7-406f-978b-3ff3c677708c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
     
    ==================== Restore Points  =========================
     
    13-02-2015 12:09:27 Windows Update
    13-02-2015 12:22:47 Removed service pack backup files
    13-02-2015 12:53:21 Installed DirectX
    18-02-2015 21:31:48 Windows Update
    18-02-2015 21:33:16 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-02-07 00:31 - 2014-11-12 08:13 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {01B68D5A-8E09-4A29-9387-DA754C41BD4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {0A441A4F-538D-4DF5-8D2C-E31743217147} - System32\Tasks\Check Updates => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {1B2F0572-5416-4647-94DE-4DE76EBA27BF} - System32\Tasks\Validate Installation => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {1F09685D-CAD9-4E68-946B-B50B5A191459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {317133E5-92BA-4435-ACF8-7AFC526A2A78} - System32\Tasks\GeniusBox => cmd.exe /C start "" "C:\Users\Jon Lowry\AppData\Local\GeniusBox\client.exe"
    Task: {336ED6BE-4CA7-405E-B340-D5A07F858C97} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {43F7265C-490F-4AA9-8B69-02F9F833D97A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
    Task: {44DD8A89-D8A1-4A3C-9750-AFC69F38D4EE} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {49F735B7-D4AC-47E8-A64B-6E89A93969E8} - System32\Tasks\{7B76C20D-C73E-4650-908C-05C9FA248705} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/65900
    Task: {4F5A0FE5-2186-4857-AAE6-91B0862813D9} - System32\Tasks\AdobeAAMUpdater-1.0-JonLowry-HP-Jon Lowry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {70A3A76A-8A55-492C-9AC2-01CCE7F4FE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
    Task: {73C09C2B-B3BE-4A72-AB85-EA3D923BB7CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
    Task: {7FB07DDB-2792-4DE2-9210-A87BA1C86AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {837D8611-791E-4150-9C7D-732943BD4ACA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
    Task: {8D2F19A0-A67B-45B9-894A-53C6BB12C94F} - System32\Tasks\Driver Detective => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {96EDDD3A-636A-4EB1-9F08-205AFDA11119} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {A3E483DF-5EE2-495D-B541-F69C269639DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {A986945B-2301-4B1D-A825-A862F3670DD8} - System32\Tasks\{F967C586-0347-4CC0-A8D0-5FFDB5547DF0} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B57B8587-1A4E-4B67-A4C8-33074EE6FC52} - System32\Tasks\{295CD046-BB03-4242-9AC9-352599CCE0B9} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B6E7EFA2-2AE6-447E-99D7-F9D59574A01A} - \Digital Sites No Task File <==== ATTENTION
    Task: {CAD644F0-F30D-4FC3-AAB5-2B883CB6B5EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {CB34AF4D-833E-4E58-A665-4B1B5308AB05} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {D621DF4F-A224-4B17-A4BB-9D0185802320} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {E038FBBD-C5A9-4CC0-9E27-461A3131A519} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {E582A659-33D1-442B-9A8A-78D1F4079EFD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
    Task: {F21DAA86-822C-41EC-BEAA-E66E67DE2F16} - System32\Tasks\HPCeeScheduleForJon Lowry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {F3BA2ECB-51CD-4D63-9876-9E4500693B5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {F438A944-39F2-4DB5-9518-08D8D99EA88B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {F800B797-8F84-4A00-A941-01C35959EC2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-08-02] (CyberLink)
    Task: {FA93F109-BB75-4A50-871F-313583F9CDB2} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-WOLFLING => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2013-04-12 10:31 - 2013-04-12 10:31 - 00234280 _____ () C:\Windows\ngmsi.dll
    2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2011-02-08 15:31 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\PROGRAM FILES (X86)\DIVX\DIVX UPDATE\DIVXUPDATE.EXE
    2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2015-02-18 21:25 - 2015-02-18 21:25 - 02911232 _____ () C:\Program Files\AVAST Software\Avast\defs\15022301\algo.dll
    2015-02-18 21:25 - 2015-02-18 21:25 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15022401\algo.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2011-03-21 10:57 - 2011-03-21 10:57 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2014-12-02 16:34 - 2014-12-02 16:34 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-10-24 11:20 - 2014-10-24 11:20 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\da40cdf070dc5174aa4c9319ddc006da\IsdiInterop.ni.dll
    2010-12-27 14:13 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 68.105.28.12 - 68.105.29.12
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupreg: (default) => 
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-538650268-2924358156-1730836174-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-538650268-2924358156-1730836174-1005 - Limited - Enabled)
    Guest (S-1-5-21-538650268-2924358156-1730836174-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-538650268-2924358156-1730836174-1002 - Limited - Enabled)
    Jon Lowry (S-1-5-21-538650268-2924358156-1730836174-1000 - Administrator - Enabled) => C:\Users\Jon Lowry
    Mcx1-WOLFLING (S-1-5-21-538650268-2924358156-1730836174-1009 - Limited - Enabled) => C:\Users\Mcx1-WOLFLING.WOLFLING
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Deskjet F4500 series
    Description: Deskjet F4500 series
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
     
    System errors:
    =============
    Error: (02/18/2015 09:21:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
    SydexFDD
     
    Error: (02/18/2015 09:21:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:20:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 
    %%1053
     
    Error: (02/18/2015 09:20:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
     
    Error: (02/18/2015 09:19:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The MCSTRM service failed to start due to the following error: 
    %%2
     
    Error: (02/18/2015 09:18:52 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 10:08:10 PM on ‎2/‎18/‎2015 was unexpected.
     
    Error: (02/18/2015 09:18:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (02/18/2015 09:21:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
    SydexFDD
     
    Error: (02/18/2015 09:20:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:20:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 
    %%1053
     
     
    Microsoft Office Sessions:
    =========================
     
    CodeIntegrity Errors:
    ===================================
      Date: 2013-12-06 15:01:19.260
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.949
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.621
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.279
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.814
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.642
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.455
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.284
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.680
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.508
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
    Percentage of memory in use: 47%
    Total physical RAM: 3893.86 MB
    Available physical RAM: 2042.91 MB
    Total Pagefile: 7785.91 MB
    Available Pagefile: 5695.74 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB
     
    ==================== Drives ================================
     
     

    • 0

    #6
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    Uninstall:

     

    McAfee Security Scan Plus  (Foistware)
    Skype Click to Call (Annoying add-on to a browser to turn random 10 digit numbers into telephone numbers -  Not really part of Skype)
     
    I missed a few last time:
     
     
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
     
     
    Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
    Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
    sfc  /scannow
     
    (This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
     
    Copy the next two lines:
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
    notepad \windows\logs\cbs\junk.txt 
     
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.
     
    Ron

    • 0

    #7
    skandranon1971

    skandranon1971

      Member

    • Topic Starter
    • Member
    • PipPip
    • 64 posts

    Just a quick update.  I am still running through these last steps.  The computer is freezing at 68% of the verification process for the SFC command.


    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    See if you can do this after the sfc freezes:

     

    Copy the next two lines:
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
    notepad \windows\logs\cbs\junk.txt 
     
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

    • 0

    #9
    skandranon1971

    skandranon1971

      Member

    • Topic Starter
    • Member
    • PipPip
    • 64 posts

    SFC completed with no errors. Here are the logs:

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
    Ran by Jon Lowry (administrator) on CARLAGROETZMEIE on 18-02-2015 21:34:44
    Running from C:\Users\JON LOWRY\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    (Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2011-02-22] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-02-05] (Crawler Group)
    HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-02-05] (Crawler Group)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
    HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {CB469F30-480D-4846-B7EB-63F186F828BD} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-538650268-2924358156-1730836174-1000 -> DefaultScope {89E5D4A6-A38F-4D4C-87DF-EE09063A18EA} URL = 
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default
    FF NewTab: hxxp://www.findamo.com?&cid=4301ch=2
    FF Homepage: hxxp://www.findamo.com?&cid=4301ch=2
    FF DefaultSearchEngine: Yahoo!
    FF SelectedSearchEngine: Yahoo!
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jon Lowry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jon Lowry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Jon Lowry\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
    FF SearchPlugin: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml
    FF Extension: Slick Savings - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} [2015-02-13]
    FF Extension: Start Page - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} [2015-02-13]
    FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2015-02-13]
    FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
    FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-26]
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
    FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
    FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-24]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://google.com/
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-08]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-08]
    CHR Extension: (YouTube) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-08]
    CHR Extension: (Google Search) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-08]
    CHR Extension: (Avast Online Security) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-08]
    CHR Extension: (Google Wallet) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-08]
    CHR Extension: (Gmail) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-08]
    CHR HKU\S-1-5-21-538650268-2924358156-1730836174-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-07]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-07]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-02-09] (Perfect World Entertainment Inc)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-01-28] (Alcatel-Lucent) [File not signed]
    R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-02-02] (Alcatel-Lucent) [File not signed]
    R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [534824 2013-04-12] (Aventail Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
    R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
    R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-26] (Enigma Software Group USA, LLC.)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
    R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-02-05] (Crawler Group)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
    R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-26] (Enigma Software Group USA, LLC.)
    S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [122368 2011-05-09] (Incorporated)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-13] (Malwarebytes Corporation)
    S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2013-04-12] (Aventail Corporation)
    R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2013-04-12] (Aventail Corporation)
    R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2013-04-12] (Aventail Corporation)
    R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2013-04-12] (Aventail Corporation)
    R3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
    S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.) [File not signed]
    R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 21:44 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-02-18 21:44 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-02-18 21:34 - 2015-02-18 21:35 - 00027964 _____ () C:\Users\Jon Lowry\Desktop\FRST.txt
    2015-02-18 21:34 - 2015-02-18 21:34 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\FRST-OlderVersion
    2015-02-18 21:33 - 2015-02-18 21:34 - 00002956 _____ () C:\Users\Jon Lowry\Desktop\fixlist.txt
    2015-02-18 21:30 - 2015-02-18 21:34 - 02087936 _____ (Farbar) C:\Users\Jon Lowry\Desktop\FRST64.exe
    2015-02-18 21:29 - 2015-02-18 21:29 - 01388274 _____ (Thisisu) C:\Users\Jon Lowry\Desktop\JRT.exe
    2015-02-18 21:26 - 2015-02-18 21:26 - 02126848 _____ () C:\Users\Jon Lowry\Desktop\AdwCleaner.exe
    2015-02-13 12:17 - 2015-02-18 21:24 - 00000000 ____D () C:\ProgramData\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
    2015-02-13 12:16 - 2015-02-13 12:17 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
    2015-02-13 11:57 - 2015-02-18 21:18 - 00002352 _____ () C:\Windows\setupact.log
    2015-02-13 11:57 - 2015-02-13 11:57 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-12 16:28 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-02-12 16:28 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-02-12 16:28 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-02-12 16:28 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-02-12 16:28 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-02-12 16:28 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-02-12 16:28 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-02-12 16:28 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-02-12 16:28 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-02-12 16:28 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-02-12 16:28 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-02-12 16:28 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-02-12 16:28 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-02-12 16:28 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-02-12 16:28 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-02-12 16:27 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-02-12 16:27 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-02-12 16:27 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-02-12 16:27 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-02-12 16:27 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-02-12 16:27 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-02-12 16:27 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-02-12 16:27 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-02-12 16:27 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-02-12 16:27 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-02-12 16:27 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-02-12 16:27 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-02-12 16:27 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-02-12 16:27 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-02-12 16:27 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-02-12 16:27 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-02-12 16:27 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2015-02-12 16:26 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-02-12 16:26 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2015-02-12 16:26 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2015-02-12 16:26 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2015-02-12 16:26 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-02-12 16:25 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-02-12 16:25 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-02-12 16:24 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-02-10 12:45 - 2015-02-13 11:58 - 00000000 ____D () C:\Program Files (x86)\Star Trek Online_en
    2015-02-10 12:42 - 2015-02-10 12:45 - 00000000 ___HD () C:\ArcTemp
    2015-02-10 12:39 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Arc
    2015-02-10 12:39 - 2015-02-10 12:39 - 00000000 ____D () C:\Users\Public\Documents\Arc
    2015-02-10 12:37 - 2015-02-12 16:11 - 00000000 ____D () C:\Program Files (x86)\Arc
    2015-02-10 12:37 - 2015-02-10 12:45 - 00001873 _____ () C:\Users\Public\Desktop\Star Trek Online.lnk
    2015-02-10 12:37 - 2015-02-10 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
    2015-02-10 12:37 - 2015-02-10 12:37 - 00001588 _____ () C:\Users\Public\Desktop\Arc.lnk
    2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Jon Lowry\Downloads\Log
    2015-02-10 12:33 - 2015-02-10 12:33 - 01294088 _____ (Mojang) C:\Users\Jon Lowry\Desktop\Minecraft.exe
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Program Files\Microsoft Research
    2015-02-10 12:13 - 2015-02-10 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-06 12:13 - 2015-02-06 12:13 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2015-02-06 11:45 - 2015-02-06 11:45 - 00000000 __SHD () C:\Users\Jon Lowry\AppData\Local\EmieBrowserModeList
    2015-01-28 10:16 - 2015-01-28 10:16 - 00614645 _____ () C:\Users\Jon Lowry\Downloads\cartoon-bones.zip
    2015-01-28 10:16 - 2015-01-28 10:16 - 00153772 _____ () C:\Users\Jon Lowry\Downloads\caligraf-1435.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00439345 _____ () C:\Users\Jon Lowry\Downloads\booter.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00010105 _____ () C:\Users\Jon Lowry\Downloads\treasure.zip
    2015-01-28 10:14 - 2015-01-28 10:14 - 00037376 _____ () C:\Users\Jon Lowry\Downloads\GEP 2014 Dues breakdown.xls
    2015-01-28 10:14 - 2015-01-28 10:14 - 00015974 _____ () C:\Users\Jon Lowry\Downloads\arrr-matey-bb.zip
    2015-01-26 22:04 - 2015-01-26 21:05 - 00000000 ____D () C:\f8e8ddfd1a907b9ad5
    2015-01-26 21:10 - 2015-02-18 21:31 - 01255270 _____ () C:\Windows\WindowsUpdate.log
    2015-01-26 13:24 - 2015-01-26 13:24 - 00001164 _____ () C:\Users\Jon Lowry\Desktop\Continue File Opener Installation.lnk
    2015-01-26 13:12 - 2015-01-26 21:33 - 00000000 ____D () C:\Users\Jon Lowry\Documents\My Kindle Content
    2015-01-26 13:12 - 2015-01-26 13:17 - 00002254 _____ () C:\Users\Jon Lowry\Desktop\Kindle.lnk
    2015-01-26 13:12 - 2015-01-26 13:16 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Amazon
    2015-01-26 13:12 - 2015-01-26 13:12 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 21:50 - 2014-12-02 16:35 - 00002166 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-02-18 21:48 - 2013-04-13 13:35 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Carla's stuff
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spotify
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Spotify
    2015-02-18 21:41 - 2011-06-10 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-18 21:37 - 2013-08-21 12:56 - 00000000 ____D () C:\AdwCleaner
    2015-02-18 21:35 - 2013-09-26 17:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-02-18 21:35 - 2011-02-14 16:15 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2015-02-18 21:34 - 2013-12-10 19:06 - 00000000 ____D () C:\FRST
    2015-02-18 21:34 - 2011-07-05 00:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-18 21:32 - 2011-03-28 14:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Azureus
    2015-02-18 21:29 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:29 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:27 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2015-02-18 21:24 - 2013-09-06 14:42 - 00000000 ___RD () C:\Users\Jon Lowry\Dropbox
    2015-02-18 21:24 - 2013-09-05 00:05 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Dropbox
    2015-02-18 21:20 - 2014-04-28 11:21 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Geeks To Go
    2015-02-18 21:19 - 2014-07-28 17:49 - 00000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2015-02-18 21:19 - 2014-04-24 17:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-02-18 21:18 - 2014-10-27 18:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-18 21:18 - 2009-07-13 21:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-02-18 21:18 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-18 21:17 - 2014-12-11 12:46 - 00005002 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier
    2015-02-13 12:13 - 2013-01-15 05:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003860 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMScan
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003822 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMUpdater
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003808 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMRules
    2015-02-13 12:04 - 2014-12-27 02:50 - 00003644 _____ () C:\Windows\System32\Tasks\Driver Detective
    2015-02-13 12:02 - 2014-11-16 00:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-13 12:00 - 2014-12-28 20:42 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Kraken's Revenge
    2015-02-13 12:00 - 2014-12-12 10:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions
    2015-02-13 11:59 - 2009-07-13 20:45 - 05043504 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-02-13 11:57 - 2014-12-18 11:37 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-02-13 11:57 - 2014-05-10 23:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-02-13 11:38 - 2009-07-13 18:34 - 00000615 _____ () C:\Windows\win.ini
    2015-02-13 11:29 - 2013-07-11 03:13 - 00000000 ____D () C:\Windows\system32\MRT
    2015-02-13 11:13 - 2011-02-02 11:59 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-02-12 16:41 - 2014-12-22 14:07 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job
    2015-02-12 16:19 - 2013-06-07 11:46 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\HpUpdate
    2015-02-10 12:37 - 2010-07-15 11:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-10 12:26 - 2013-09-06 14:41 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-10 12:26 - 2012-03-01 13:57 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Calibre Library
    2015-02-09 12:41 - 2011-11-22 06:06 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2015-02-08 12:59 - 2012-03-01 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    2015-02-08 12:53 - 2012-03-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Calibre2
    2015-02-07 15:35 - 2014-12-28 20:46 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
    2015-02-06 12:13 - 2013-01-15 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-06 12:13 - 2013-01-15 05:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-06 12:13 - 2011-05-18 04:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-06 11:42 - 2013-11-01 22:17 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Outlook Files
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-02 13:31 - 2014-12-28 20:45 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
    2015-02-02 13:15 - 2014-12-28 20:46 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2015-01-30 17:46 - 2009-07-13 21:13 - 00006774 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-28 10:11 - 2011-01-23 02:26 - 00134176 _____ () C:\Users\Jon Lowry\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-26 13:21 - 2014-12-28 20:45 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2015-01-23 11:47 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-01-19 10:41 - 2014-12-22 14:07 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJon Lowry
     
    ==================== Files in the root of some directories =======
     
    2015-01-07 13:27 - 2015-01-07 13:27 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe GIF Format CS5 Prefs
    2012-03-18 15:06 - 2014-12-27 02:54 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2011-05-16 19:50 - 2011-10-31 21:18 - 0001854 _____ () C:\Users\Jon Lowry\AppData\Roaming\GhostObjGAFix.xml
    2012-05-19 07:48 - 2013-01-24 06:08 - 0870128 _____ () C:\Users\Jon Lowry\AppData\Roaming\mcs.rma
    2012-12-22 19:20 - 2013-07-12 23:19 - 0007859 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.cat
    2012-12-22 19:20 - 2013-07-12 23:19 - 0001167 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.inf
    2012-12-22 19:20 - 2013-07-12 23:19 - 0000055 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.log
    2012-12-22 19:20 - 2013-07-12 23:19 - 0082816 _____ (VSO Software) C:\Users\Jon Lowry\AppData\Roaming\pcouffin.sys
    2014-07-28 17:49 - 2015-02-18 21:19 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2013-08-10 21:39 - 2013-08-12 05:44 - 0031644 _____ () C:\Users\Jon Lowry\AppData\Local\av.log
    2014-12-12 10:37 - 2014-12-12 10:37 - 0000064 _____ () C:\Users\Jon Lowry\AppData\Local\c843f8600d3401143928086522c2304b
    2013-01-04 20:12 - 2013-08-07 02:07 - 0006144 _____ () C:\Users\Jon Lowry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-12-28 20:44 - 2014-12-28 20:44 - 0234679 _____ () C:\Users\Jon Lowry\AppData\Local\dsi1.dat
    2014-12-28 20:44 - 2014-12-28 20:44 - 0161916 _____ () C:\Users\Jon Lowry\AppData\Local\dsi2.dat
    2011-12-23 15:12 - 2011-12-23 15:12 - 0000097 _____ () C:\Users\Jon Lowry\AppData\Local\fusioncache.dat
    2011-03-28 14:38 - 2011-03-28 14:38 - 0000032 _____ () C:\Users\Jon Lowry\AppData\Local\xobni_installer_updater.log
    2011-01-29 10:50 - 2014-05-19 20:55 - 0000124 ___SH () C:\ProgramData\.zreglib
    2011-01-24 11:22 - 2014-09-13 11:07 - 0027386 _____ () C:\ProgramData\hpzinstall.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    2010-07-15 13:11 - 2010-07-15 13:12 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    2010-07-15 13:07 - 2010-07-15 13:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    2010-07-15 13:06 - 2010-07-15 13:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2010-07-15 13:07 - 2010-07-15 13:11 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
     
    Some content of TEMP:
    ====================
    C:\Users\Jon Lowry\AppData\Local\Temp\certutil.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzj81da.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\msvcr71.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\nspr4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\nss3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\plc4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\plds4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\Quarantine.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\smime3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\softokn3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
    Ran by Jon Lowry at 2015-02-18 21:36:20
    Running from C:\Users\JON LOWRY\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    3D Home Architect Home Design Deluxe 6 (HKLM-x32\...\InstallShield_{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}) (Version: 6.00.0000 - Broderbund)
    3D Home Architect Home Design Deluxe 6 (x32 Version: 6.00.0000 - Broderbund) Hidden
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
    Akamai NetSession Interface (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Amazon Kindle (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Amazon Kindle) (Version:  - Amazon)
    Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.9.0 - SlySoft)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Aventail Access Manager (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.62.196 - SonicWALL Inc)
    Aventail Access Manager (x32 Version: 10.62.196 - SonicWALL Inc) Hidden
    Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.62.320 - SonicWALL Aventail)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
    Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
    Browser Extensions (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.6 - Spigot, Inc.) <==== ATTENTION
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    calibre (HKLM-x32\...\{7C1B7566-C44C-4436-B08D-636337C7C665}) (Version: 2.19.0 - Kovid Goyal)
    Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
    CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
    CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.2.8 - Elaborate Bytes)
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3130 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.11 - DivX, LLC)
    Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Driver Support Active Optimization (HKLM-x32\...\{63801EFF-1F3D-4D53-A9B4-25A2061CF3E2}) (Version: 1.0.4.7818 - PC Drivers HeadQuarters LP)
    Dropbox (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Extended Update (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Digital Sites) (Version:  - Extended Update) <==== ATTENTION
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
    Family Tree Maker 2011 (x32 Version: 20.0.368 - Ancestry.com) Hidden
    Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
    Family Tree Maker 2012 (x32 Version: 21.0.388 - Ancestry.com, Inc.) Hidden
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Horizon v2.7.1.4 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.1.4 - Daring Development Inc.)
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Documentation (HKLM-x32\...\{69ABD67D-5C2E-4724-B519-695DEF3EC23B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    Image Composite Editor (HKLM\...\{380B7D01-4411-4D5D-AB9A-2A12FA315481}) (Version: 2.0.2 - Microsoft Corporation)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
    MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{393CA5BF-0362-42FD-ABC2-BA9D22EF925E}) (Version: 10.3.5520.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
    Mplayer 0.6.9 (HKLM-x32\...\Mplayer) (Version: 0.6.9 - )
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nidesoft DVD to AVI Converter Platinum v5.0 (HKLM-x32\...\Nidesoft DVD to AVI Converter Platinum_is1) (Version:  - Nidesoft Studio)
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
    PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
    PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
    Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
    QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
    Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    RIFT (HKLM-x32\...\Glyph RIFT) (Version:  - Trion Worlds, Inc.)
    RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Spotify (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
    Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    Stitch Era Universal (HKLM-x32\...\{117221E4-6B20-4595-BCF8-286468364B57}) (Version: 11.30 - Sierra Technology Group SA)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Unity Web Player (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
    Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
    WD My Cloud (HKLM\...\{432F3CFC-ED41-4CDC-9D8F-6643C8A71CEA}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
    WinImage (HKLM-x32\...\WinImage) (Version:  - )
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
    WinX DVD Author 6.3 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - DigiartySoft, Inc.)
    WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{8b2299d9-a6ce-4697-954f-718188b26cf6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{cd203956-34d7-406f-978b-3ff3c677708c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
     
    ==================== Restore Points  =========================
     
    13-02-2015 12:09:27 Windows Update
    13-02-2015 12:22:47 Removed service pack backup files
    18-02-2015 21:31:41 Removed Skype Click to Call
    18-02-2015 21:31:48 Windows Update
    18-02-2015 21:33:16 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-02-07 00:31 - 2014-11-12 08:13 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {01B68D5A-8E09-4A29-9387-DA754C41BD4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {0A441A4F-538D-4DF5-8D2C-E31743217147} - System32\Tasks\Check Updates => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {1B2F0572-5416-4647-94DE-4DE76EBA27BF} - System32\Tasks\Validate Installation => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {1F09685D-CAD9-4E68-946B-B50B5A191459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {317133E5-92BA-4435-ACF8-7AFC526A2A78} - System32\Tasks\GeniusBox => cmd.exe /C start "" "C:\Users\Jon Lowry\AppData\Local\GeniusBox\client.exe"
    Task: {336ED6BE-4CA7-405E-B340-D5A07F858C97} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {43F7265C-490F-4AA9-8B69-02F9F833D97A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
    Task: {44DD8A89-D8A1-4A3C-9750-AFC69F38D4EE} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {49F735B7-D4AC-47E8-A64B-6E89A93969E8} - System32\Tasks\{7B76C20D-C73E-4650-908C-05C9FA248705} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/65900
    Task: {4F5A0FE5-2186-4857-AAE6-91B0862813D9} - System32\Tasks\AdobeAAMUpdater-1.0-JonLowry-HP-Jon Lowry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {70A3A76A-8A55-492C-9AC2-01CCE7F4FE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
    Task: {73C09C2B-B3BE-4A72-AB85-EA3D923BB7CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
    Task: {7FB07DDB-2792-4DE2-9210-A87BA1C86AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {837D8611-791E-4150-9C7D-732943BD4ACA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
    Task: {8D2F19A0-A67B-45B9-894A-53C6BB12C94F} - System32\Tasks\Driver Detective => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {96EDDD3A-636A-4EB1-9F08-205AFDA11119} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {A3E483DF-5EE2-495D-B541-F69C269639DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {A986945B-2301-4B1D-A825-A862F3670DD8} - System32\Tasks\{F967C586-0347-4CC0-A8D0-5FFDB5547DF0} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B57B8587-1A4E-4B67-A4C8-33074EE6FC52} - System32\Tasks\{295CD046-BB03-4242-9AC9-352599CCE0B9} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B6E7EFA2-2AE6-447E-99D7-F9D59574A01A} - \Digital Sites No Task File <==== ATTENTION
    Task: {CAD644F0-F30D-4FC3-AAB5-2B883CB6B5EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {CB34AF4D-833E-4E58-A665-4B1B5308AB05} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {D621DF4F-A224-4B17-A4BB-9D0185802320} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {E038FBBD-C5A9-4CC0-9E27-461A3131A519} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {E582A659-33D1-442B-9A8A-78D1F4079EFD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
    Task: {F21DAA86-822C-41EC-BEAA-E66E67DE2F16} - System32\Tasks\HPCeeScheduleForJon Lowry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {F3BA2ECB-51CD-4D63-9876-9E4500693B5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {F438A944-39F2-4DB5-9518-08D8D99EA88B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {F800B797-8F84-4A00-A941-01C35959EC2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-08-02] (CyberLink)
    Task: {FA93F109-BB75-4A50-871F-313583F9CDB2} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-WOLFLING => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2013-04-12 10:31 - 2013-04-12 10:31 - 00234280 _____ () C:\Windows\ngmsi.dll
    2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2011-02-08 15:31 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\PROGRAM FILES (X86)\DIVX\DIVX UPDATE\DIVXUPDATE.EXE
    2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2015-02-18 21:25 - 2015-02-18 21:25 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15022401\algo.dll
    2015-02-18 21:20 - 2015-02-18 21:20 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15022503\algo.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2011-03-21 10:57 - 2011-03-21 10:57 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2014-12-02 16:34 - 2014-12-02 16:34 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2015-01-21 15:01 - 2015-01-21 15:01 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2015-02-06 10:44 - 2015-02-04 01:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
    2014-10-24 11:20 - 2014-10-24 11:20 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\da40cdf070dc5174aa4c9319ddc006da\IsdiInterop.ni.dll
    2010-12-27 14:13 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 68.105.28.12 - 68.105.29.12
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupreg: (default) => 
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-538650268-2924358156-1730836174-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-538650268-2924358156-1730836174-1005 - Limited - Enabled)
    Guest (S-1-5-21-538650268-2924358156-1730836174-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-538650268-2924358156-1730836174-1002 - Limited - Enabled)
    Jon Lowry (S-1-5-21-538650268-2924358156-1730836174-1000 - Administrator - Enabled) => C:\Users\Jon Lowry
    Mcx1-WOLFLING (S-1-5-21-538650268-2924358156-1730836174-1009 - Limited - Enabled) => C:\Users\Mcx1-WOLFLING.WOLFLING
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Deskjet F4500 series
    Description: Deskjet F4500 series
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (02/18/2015 09:33:23 PM) (Source: MsiInstaller) (EventID: 11402) (User: CARLAGROETZMEIE)
    Description: Product: Skype Click to Call -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE32\Software\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.
     
     
    System errors:
    =============
    Error: (02/18/2015 09:20:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
    Error: (02/18/2015 09:19:39 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:18:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (02/18/2015 09:20:59 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
    Error: (02/18/2015 09:19:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error: 
    %%1053
     
    Error: (02/18/2015 09:19:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
     
    Error: (02/18/2015 09:19:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:18:16 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 10:02:48 PM on ‎2/‎18/‎2015 was unexpected.
     
    Error: (02/18/2015 09:18:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (02/18/2015 09:22:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
     
    Microsoft Office Sessions:
    =========================
    Error: (02/18/2015 09:33:23 PM) (Source: MsiInstaller) (EventID: 11402) (User: CARLAGROETZMEIE)
    Description: Product: Skype Click to Call -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE32\Software\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2013-12-06 15:01:19.260
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.949
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.621
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.279
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.814
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.642
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.455
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.284
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.680
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.508
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
    Percentage of memory in use: 56%
    Total physical RAM: 3893.86 MB
    Available physical RAM: 1711.57 MB
    Total Pagefile: 7785.91 MB
    Available Pagefile: 5355.57 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB
     
    ==================== Drives ================================
     
    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 18/02/2015 10:11:03 PM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:18:02 AM
    Type: Critical Category: 63
    Event: 41 Source: Microsoft-Windows-Kernel-Power
    The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:20:40 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
     
    Log: 'System' Date/Time: 19/02/2015 5:20:40 AM
    Type: Error Category: 0
    Event: 7009 Source: Service Control Manager
    A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
     
    Log: 'System' Date/Time: 19/02/2015 5:20:40 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Log: 'System' Date/Time: 19/02/2015 5:20:31 AM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Log: 'System' Date/Time: 19/02/2015 5:19:43 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:18:01 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Log: 'System' Date/Time: 19/02/2015 5:38:18 AM
    Type: Error Category: 1
    Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
    Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Lync 2013 (KB2920744) 64-Bit Edition.
     
    Log: 'System' Date/Time: 19/02/2015 5:20:04 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:19:31 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The SQL Server (SQLEXPRESS) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
     
    Log: 'System' Date/Time: 19/02/2015 5:19:30 AM
    Type: Error Category: 0
    Event: 7009 Source: Service Control Manager
    A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
     
    Log: 'System' Date/Time: 19/02/2015 5:19:29 AM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:16 AM
    Type: Error Category: 0
    Event: 6008 Source: EventLog
    The previous system shutdown at 9:54:16 PM on ?2/?18/?2015 was unexpected.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:02 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Log: 'System' Date/Time: 19/02/2015 5:23:02 AM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:58 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:18:01 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:34:10 AM
    Type: Warning Category: 7
    Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 19/02/2015 5:34:07 AM
    Type: Warning Category: 7
    Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:28 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:38:58 AM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 19/02/2015 5:38:58 AM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll 
     
    Log: 'System' Date/Time: 19/02/2015 5:23:25 AM
    Type: Warning Category: 0
    Event: 16393 Source: Microsoft-Windows-Bits-Client
    BITS has encountered an error communicating with an Internet Gateway Device.  Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80040216.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:24 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:22 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:41:52 AM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 19/02/2015 5:41:52 AM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll 
     
     
    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 18/02/2015 10:11:03 PM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:18:02 AM
    Type: Critical Category: 63
    Event: 41 Source: Microsoft-Windows-Kernel-Power
    The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:20:40 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
     
    Log: 'System' Date/Time: 19/02/2015 5:20:40 AM
    Type: Error Category: 0
    Event: 7009 Source: Service Control Manager
    A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
     
    Log: 'System' Date/Time: 19/02/2015 5:20:40 AM
    Type: Error Category: 0
    Event: 10005 Source: Microsoft-Windows-DistributedCOM
    DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Log: 'System' Date/Time: 19/02/2015 5:20:31 AM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Log: 'System' Date/Time: 19/02/2015 5:19:43 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:18:01 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Log: 'System' Date/Time: 19/02/2015 5:38:18 AM
    Type: Error Category: 1
    Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
    Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Lync 2013 (KB2920744) 64-Bit Edition.
     
    Log: 'System' Date/Time: 19/02/2015 5:20:04 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:19:31 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The SQL Server (SQLEXPRESS) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
     
    Log: 'System' Date/Time: 19/02/2015 5:19:30 AM
    Type: Error Category: 0
    Event: 7009 Source: Service Control Manager
    A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
     
    Log: 'System' Date/Time: 19/02/2015 5:19:29 AM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:16 AM
    Type: Error Category: 0
    Event: 6008 Source: EventLog
    The previous system shutdown at 9:54:16 PM on ?2/?18/?2015 was unexpected.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:02 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Log: 'System' Date/Time: 19/02/2015 5:23:02 AM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:58 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:18:01 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:34:10 AM
    Type: Warning Category: 7
    Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 19/02/2015 5:34:07 AM
    Type: Warning Category: 7
    Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
    The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:28 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:38:58 AM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 19/02/2015 5:38:58 AM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll 
     
    Log: 'System' Date/Time: 19/02/2015 5:23:25 AM
    Type: Warning Category: 0
    Event: 16393 Source: Microsoft-Windows-Bits-Client
    BITS has encountered an error communicating with an Internet Gateway Device.  Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80040216.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:24 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:18:22 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:41:52 AM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 19/02/2015 5:41:52 AM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll 
     

     


    • 0

    #10
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
     
    Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.
     
    Ron

     


    • 0

    Advertisements


    #11
    skandranon1971

    skandranon1971

      Member

    • Topic Starter
    • Member
    • PipPip
    • 64 posts

    Here are the new logs:

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
    Ran by Jon Lowry at 2015-02-18 21:23:41 Run:5
    Running from C:\Users\JON LOWRY\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Boot Mode: Normal
    ==============================================
     
    Content of fixlist:
    *****************
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    FF NewTab: hxxp://www.findamo.com?&cid=4301ch=2
    FF Homepage: hxxp://www.findamo.com?&cid=4301ch=2
    FF SearchPlugin: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml
    FF Extension: Slick Savings - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} [2015-02-13]
    FF Extension: Start Page - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} [2015-02-13]
    FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2015-02-13]
    FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
    FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-26]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    Task: {0A441A4F-538D-4DF5-8D2C-E31743217147} - System32\Tasks\Check Updates => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {1B2F0572-5416-4647-94DE-4DE76EBA27BF} - System32\Tasks\Validate Installation => C:\Users\Jon Lowry\AppData\Local\GeniusBox\updater.exe
    Task: {317133E5-92BA-4435-ACF8-7AFC526A2A78} - System32\Tasks\GeniusBox => cmd.exe /C start "" "C:\Users\Jon Lowry\AppData\Local\GeniusBox\client.exe"
    Task: {B6E7EFA2-2AE6-447E-99D7-F9D59574A01A} - \Digital Sites No Task File <==== ATTENTION
    Task: {336ED6BE-4CA7-405E-B340-D5A07F858C97} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {44DD8A89-D8A1-4A3C-9750-AFC69F38D4EE} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {8D2F19A0-A67B-45B9-894A-53C6BB12C94F} - System32\Tasks\Driver Detective => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
    Task: {96EDDD3A-636A-4EB1-9F08-205AFDA11119} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe
     
     
    *****************
     
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" => Key deleted successfully.
    "HKCR\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
    "HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
    Firefox newtab deleted successfully.
    Firefox homepage deleted successfully.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml => Moved successfully.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} => Moved successfully.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} => Moved successfully.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} => Moved successfully.
    HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e} => value deleted successfully.
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension => Moved successfully.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com not found.
    C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] not found.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key Deleted successfully.
    c2cautoupdatesvc => Service stopped successfully.
    c2cautoupdatesvc => Service deleted successfully.
    c2cpnrsvc => Service stopped successfully.
    c2cpnrsvc => Service deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0A441A4F-538D-4DF5-8D2C-E31743217147}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A441A4F-538D-4DF5-8D2C-E31743217147}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Check Updates => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Check Updates" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B2F0572-5416-4647-94DE-4DE76EBA27BF}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B2F0572-5416-4647-94DE-4DE76EBA27BF}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Validate Installation => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Validate Installation" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{317133E5-92BA-4435-ACF8-7AFC526A2A78}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{317133E5-92BA-4435-ACF8-7AFC526A2A78}" => Key deleted successfully.
    C:\Windows\System32\Tasks\GeniusBox => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GeniusBox" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6E7EFA2-2AE6-447E-99D7-F9D59574A01A}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E7EFA2-2AE6-447E-99D7-F9D59574A01A}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{336ED6BE-4CA7-405E-B340-D5A07F858C97}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{336ED6BE-4CA7-405E-B340-D5A07F858C97}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Driver Detective-RTMScan => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Detective-RTMScan" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44DD8A89-D8A1-4A3C-9750-AFC69F38D4EE}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44DD8A89-D8A1-4A3C-9750-AFC69F38D4EE}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Driver Detective-RTMUpdater => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Detective-RTMUpdater" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8D2F19A0-A67B-45B9-894A-53C6BB12C94F}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D2F19A0-A67B-45B9-894A-53C6BB12C94F}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Driver Detective => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Detective" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96EDDD3A-636A-4EB1-9F08-205AFDA11119}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96EDDD3A-636A-4EB1-9F08-205AFDA11119}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Driver Detective-RTMRules => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Detective-RTMRules" => Key deleted successfully.
     
    ==== End of Fixlog 21:23:48 ====
     
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
    Ran by Jon Lowry (administrator) on CARLAGROETZMEIE on 18-02-2015 21:24:21
    Running from C:\Users\JON LOWRY\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    (Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2011-02-22] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-02-05] (Crawler Group)
    HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-02-05] (Crawler Group)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
    HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {CB469F30-480D-4846-B7EB-63F186F828BD} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-538650268-2924358156-1730836174-1000 -> DefaultScope {89E5D4A6-A38F-4D4C-87DF-EE09063A18EA} URL = 
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default
    FF DefaultSearchEngine: Yahoo!
    FF SelectedSearchEngine: Yahoo!
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jon Lowry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jon Lowry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Jon Lowry\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
    FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
    FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-24]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://google.com/
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-08]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-08]
    CHR Extension: (YouTube) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-08]
    CHR Extension: (Google Search) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-08]
    CHR Extension: (Avast Online Security) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-08]
    CHR Extension: (Google Wallet) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-08]
    CHR Extension: (Gmail) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-08]
    CHR HKU\S-1-5-21-538650268-2924358156-1730836174-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-07]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-07]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-02-09] (Perfect World Entertainment Inc)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-01-28] (Alcatel-Lucent) [File not signed]
    R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-02-02] (Alcatel-Lucent) [File not signed]
    R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [534824 2013-04-12] (Aventail Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
    R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
    R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-26] (Enigma Software Group USA, LLC.)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
    R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-02-05] (Crawler Group)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
    R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-26] (Enigma Software Group USA, LLC.)
    S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [122368 2011-05-09] (Incorporated)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-13] (Malwarebytes Corporation)
    S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2013-04-12] (Aventail Corporation)
    R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2013-04-12] (Aventail Corporation)
    R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2013-04-12] (Aventail Corporation)
    R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2013-04-12] (Aventail Corporation)
    R3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
    S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.) [File not signed]
    R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 22:11 - 2015-02-18 22:12 - 00003660 _____ () C:\VEW.txt
    2015-02-18 22:08 - 2015-02-18 22:08 - 00061440 _____ ( ) C:\Users\Jon Lowry\Desktop\VEW.exe
    2015-02-18 21:44 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-02-18 21:44 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-02-18 21:34 - 2015-02-18 21:34 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\FRST-OlderVersion
    2015-02-18 21:31 - 2015-01-08 19:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
    2015-02-18 21:31 - 2015-01-08 19:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
    2015-02-18 21:31 - 2015-01-08 19:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
    2015-02-18 21:31 - 2015-01-08 18:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
    2015-02-18 21:30 - 2015-02-18 21:34 - 02087936 _____ (Farbar) C:\Users\Jon Lowry\Desktop\FRST64.exe
    2015-02-18 21:29 - 2015-02-18 21:29 - 01388274 _____ (Thisisu) C:\Users\Jon Lowry\Desktop\JRT.exe
    2015-02-18 21:26 - 2015-02-18 21:26 - 02126848 _____ () C:\Users\Jon Lowry\Desktop\AdwCleaner.exe
    2015-02-18 21:24 - 2015-02-18 21:26 - 00025416 _____ () C:\Users\Jon Lowry\Desktop\FRST.txt
    2015-02-18 21:18 - 2015-02-18 21:18 - 00000580 _____ () C:\Windows\PFRO.log
    2015-02-13 12:17 - 2015-02-18 21:25 - 00000000 ____D () C:\ProgramData\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
    2015-02-13 12:16 - 2015-02-13 12:17 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
    2015-02-13 11:57 - 2015-02-18 21:18 - 00002632 _____ () C:\Windows\setupact.log
    2015-02-13 11:57 - 2015-02-13 11:57 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-12 16:28 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-02-12 16:28 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-02-12 16:28 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-02-12 16:28 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-02-12 16:28 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-02-12 16:28 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-02-12 16:28 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-02-12 16:28 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-02-12 16:28 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-02-12 16:28 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-02-12 16:28 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-02-12 16:28 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-02-12 16:28 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-02-12 16:28 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-02-12 16:28 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-02-12 16:27 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-02-12 16:27 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-02-12 16:27 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-02-12 16:27 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-02-12 16:27 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-02-12 16:27 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-02-12 16:27 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-02-12 16:27 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-02-12 16:27 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-02-12 16:27 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-02-12 16:27 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-02-12 16:27 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-02-12 16:27 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-02-12 16:27 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-02-12 16:27 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-02-12 16:27 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-02-12 16:27 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2015-02-12 16:26 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-02-12 16:26 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2015-02-12 16:26 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2015-02-12 16:26 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2015-02-12 16:26 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-02-12 16:25 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-02-12 16:25 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-02-12 16:24 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-02-10 12:45 - 2015-02-13 11:58 - 00000000 ____D () C:\Program Files (x86)\Star Trek Online_en
    2015-02-10 12:42 - 2015-02-10 12:45 - 00000000 ___HD () C:\ArcTemp
    2015-02-10 12:39 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Arc
    2015-02-10 12:39 - 2015-02-10 12:39 - 00000000 ____D () C:\Users\Public\Documents\Arc
    2015-02-10 12:37 - 2015-02-12 16:11 - 00000000 ____D () C:\Program Files (x86)\Arc
    2015-02-10 12:37 - 2015-02-10 12:45 - 00001873 _____ () C:\Users\Public\Desktop\Star Trek Online.lnk
    2015-02-10 12:37 - 2015-02-10 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
    2015-02-10 12:37 - 2015-02-10 12:37 - 00001588 _____ () C:\Users\Public\Desktop\Arc.lnk
    2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Jon Lowry\Downloads\Log
    2015-02-10 12:33 - 2015-02-10 12:33 - 01294088 _____ (Mojang) C:\Users\Jon Lowry\Desktop\Minecraft.exe
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Program Files\Microsoft Research
    2015-02-10 12:13 - 2015-02-10 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-06 12:13 - 2015-02-06 12:13 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2015-02-06 11:45 - 2015-02-06 11:45 - 00000000 __SHD () C:\Users\Jon Lowry\AppData\Local\EmieBrowserModeList
    2015-01-28 10:16 - 2015-01-28 10:16 - 00614645 _____ () C:\Users\Jon Lowry\Downloads\cartoon-bones.zip
    2015-01-28 10:16 - 2015-01-28 10:16 - 00153772 _____ () C:\Users\Jon Lowry\Downloads\caligraf-1435.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00439345 _____ () C:\Users\Jon Lowry\Downloads\booter.zip
    2015-01-28 10:15 - 2015-01-28 10:15 - 00010105 _____ () C:\Users\Jon Lowry\Downloads\treasure.zip
    2015-01-28 10:14 - 2015-01-28 10:14 - 00037376 _____ () C:\Users\Jon Lowry\Downloads\GEP 2014 Dues breakdown.xls
    2015-01-28 10:14 - 2015-01-28 10:14 - 00015974 _____ () C:\Users\Jon Lowry\Downloads\arrr-matey-bb.zip
    2015-01-26 22:04 - 2015-01-26 21:05 - 00000000 ____D () C:\f8e8ddfd1a907b9ad5
    2015-01-26 21:10 - 2015-02-18 21:25 - 01321663 _____ () C:\Windows\WindowsUpdate.log
    2015-01-26 13:24 - 2015-01-26 13:24 - 00001164 _____ () C:\Users\Jon Lowry\Desktop\Continue File Opener Installation.lnk
    2015-01-26 13:12 - 2015-01-26 21:33 - 00000000 ____D () C:\Users\Jon Lowry\Documents\My Kindle Content
    2015-01-26 13:12 - 2015-01-26 13:17 - 00002254 _____ () C:\Users\Jon Lowry\Desktop\Kindle.lnk
    2015-01-26 13:12 - 2015-01-26 13:16 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Amazon
    2015-01-26 13:12 - 2015-01-26 13:12 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-18 22:16 - 2014-04-28 11:21 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Geeks To Go
    2015-02-18 22:13 - 2013-01-15 05:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-18 21:50 - 2014-12-02 16:35 - 00002166 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-02-18 21:48 - 2013-04-13 13:35 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Carla's stuff
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spotify
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Spotify
    2015-02-18 21:41 - 2011-06-10 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-18 21:37 - 2013-08-21 12:56 - 00000000 ____D () C:\AdwCleaner
    2015-02-18 21:35 - 2011-02-14 16:15 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2015-02-18 21:34 - 2011-07-05 00:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-18 21:32 - 2011-03-28 14:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Azureus
    2015-02-18 21:29 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:29 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:27 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2015-02-18 21:24 - 2013-12-10 19:06 - 00000000 ____D () C:\FRST
    2015-02-18 21:24 - 2013-09-06 14:42 - 00000000 ___RD () C:\Users\Jon Lowry\Dropbox
    2015-02-18 21:24 - 2013-09-05 00:05 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Dropbox
    2015-02-18 21:21 - 2013-09-26 17:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-02-18 21:20 - 2014-04-24 17:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-02-18 21:19 - 2014-07-28 17:49 - 00000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2015-02-18 21:18 - 2014-10-27 18:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-18 21:18 - 2009-07-13 21:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-02-18 21:18 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-18 21:18 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
    2015-02-18 21:17 - 2014-12-11 12:46 - 00005002 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier
    2015-02-13 12:02 - 2014-11-16 00:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-13 12:00 - 2014-12-28 20:42 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Kraken's Revenge
    2015-02-13 12:00 - 2014-12-12 10:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions
    2015-02-13 11:59 - 2009-07-13 20:45 - 05043504 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-02-13 11:57 - 2014-12-18 11:37 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-02-13 11:57 - 2014-05-10 23:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-02-13 11:38 - 2009-07-13 18:34 - 00000615 _____ () C:\Windows\win.ini
    2015-02-13 11:29 - 2013-07-11 03:13 - 00000000 ____D () C:\Windows\system32\MRT
    2015-02-13 11:13 - 2011-02-02 11:59 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-02-12 16:41 - 2014-12-22 14:07 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job
    2015-02-12 16:19 - 2013-06-07 11:46 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\HpUpdate
    2015-02-10 12:37 - 2010-07-15 11:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-10 12:26 - 2013-09-06 14:41 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-10 12:26 - 2012-03-01 13:57 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Calibre Library
    2015-02-09 12:41 - 2011-11-22 06:06 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2015-02-08 12:59 - 2012-03-01 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    2015-02-08 12:53 - 2012-03-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Calibre2
    2015-02-07 15:35 - 2014-12-28 20:46 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
    2015-02-06 12:13 - 2013-01-15 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-06 12:13 - 2013-01-15 05:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-06 12:13 - 2011-05-18 04:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-06 11:42 - 2013-11-01 22:17 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Outlook Files
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-02 13:31 - 2014-12-28 20:45 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
    2015-02-02 13:15 - 2014-12-28 20:46 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2015-01-30 17:46 - 2009-07-13 21:13 - 00006774 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-28 10:11 - 2011-01-23 02:26 - 00134176 _____ () C:\Users\Jon Lowry\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-26 13:21 - 2014-12-28 20:45 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2015-01-23 11:47 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-01-19 10:41 - 2014-12-22 14:07 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJon Lowry
     
    ==================== Files in the root of some directories =======
     
    2015-01-07 13:27 - 2015-01-07 13:27 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe GIF Format CS5 Prefs
    2012-03-18 15:06 - 2014-12-27 02:54 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2011-05-16 19:50 - 2011-10-31 21:18 - 0001854 _____ () C:\Users\Jon Lowry\AppData\Roaming\GhostObjGAFix.xml
    2012-05-19 07:48 - 2013-01-24 06:08 - 0870128 _____ () C:\Users\Jon Lowry\AppData\Roaming\mcs.rma
    2012-12-22 19:20 - 2013-07-12 23:19 - 0007859 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.cat
    2012-12-22 19:20 - 2013-07-12 23:19 - 0001167 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.inf
    2012-12-22 19:20 - 2013-07-12 23:19 - 0000055 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.log
    2012-12-22 19:20 - 2013-07-12 23:19 - 0082816 _____ (VSO Software) C:\Users\Jon Lowry\AppData\Roaming\pcouffin.sys
    2014-07-28 17:49 - 2015-02-18 21:19 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2013-08-10 21:39 - 2013-08-12 05:44 - 0031644 _____ () C:\Users\Jon Lowry\AppData\Local\av.log
    2014-12-12 10:37 - 2014-12-12 10:37 - 0000064 _____ () C:\Users\Jon Lowry\AppData\Local\c843f8600d3401143928086522c2304b
    2013-01-04 20:12 - 2013-08-07 02:07 - 0006144 _____ () C:\Users\Jon Lowry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-12-28 20:44 - 2014-12-28 20:44 - 0234679 _____ () C:\Users\Jon Lowry\AppData\Local\dsi1.dat
    2014-12-28 20:44 - 2014-12-28 20:44 - 0161916 _____ () C:\Users\Jon Lowry\AppData\Local\dsi2.dat
    2011-12-23 15:12 - 2011-12-23 15:12 - 0000097 _____ () C:\Users\Jon Lowry\AppData\Local\fusioncache.dat
    2011-03-28 14:38 - 2011-03-28 14:38 - 0000032 _____ () C:\Users\Jon Lowry\AppData\Local\xobni_installer_updater.log
    2011-01-29 10:50 - 2014-05-19 20:55 - 0000124 ___SH () C:\ProgramData\.zreglib
    2011-01-24 11:22 - 2014-09-13 11:07 - 0027386 _____ () C:\ProgramData\hpzinstall.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    2010-07-15 13:11 - 2010-07-15 13:12 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    2010-07-15 13:07 - 2010-07-15 13:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    2010-07-15 13:06 - 2010-07-15 13:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2010-07-15 13:07 - 2010-07-15 13:11 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
     
    Some content of TEMP:
    ====================
    C:\Users\Jon Lowry\AppData\Local\Temp\certutil.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzj81da.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\msvcr71.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\nspr4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\nss3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\plc4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\plds4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\Quarantine.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\smime3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\softokn3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
    Ran by Jon Lowry at 2015-02-18 21:27:24
    Running from C:\Users\JON LOWRY\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    3D Home Architect Home Design Deluxe 6 (HKLM-x32\...\InstallShield_{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}) (Version: 6.00.0000 - Broderbund)
    3D Home Architect Home Design Deluxe 6 (x32 Version: 6.00.0000 - Broderbund) Hidden
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
    Akamai NetSession Interface (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Amazon Kindle (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Amazon Kindle) (Version:  - Amazon)
    Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.9.0 - SlySoft)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Aventail Access Manager (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.62.196 - SonicWALL Inc)
    Aventail Access Manager (x32 Version: 10.62.196 - SonicWALL Inc) Hidden
    Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.62.320 - SonicWALL Aventail)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
    Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
    Browser Extensions (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.6 - Spigot, Inc.) <==== ATTENTION
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    calibre (HKLM-x32\...\{7C1B7566-C44C-4436-B08D-636337C7C665}) (Version: 2.19.0 - Kovid Goyal)
    Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
    CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
    CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.2.8 - Elaborate Bytes)
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3130 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.11 - DivX, LLC)
    Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Driver Support Active Optimization (HKLM-x32\...\{63801EFF-1F3D-4D53-A9B4-25A2061CF3E2}) (Version: 1.0.4.7818 - PC Drivers HeadQuarters LP)
    Dropbox (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Extended Update (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Digital Sites) (Version:  - Extended Update) <==== ATTENTION
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
    Family Tree Maker 2011 (x32 Version: 20.0.368 - Ancestry.com) Hidden
    Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
    Family Tree Maker 2012 (x32 Version: 21.0.388 - Ancestry.com, Inc.) Hidden
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Horizon v2.7.1.4 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.1.4 - Daring Development Inc.)
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Documentation (HKLM-x32\...\{69ABD67D-5C2E-4724-B519-695DEF3EC23B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    Image Composite Editor (HKLM\...\{380B7D01-4411-4D5D-AB9A-2A12FA315481}) (Version: 2.0.2 - Microsoft Corporation)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
    MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{393CA5BF-0362-42FD-ABC2-BA9D22EF925E}) (Version: 10.3.5520.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
    Mplayer 0.6.9 (HKLM-x32\...\Mplayer) (Version: 0.6.9 - )
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nidesoft DVD to AVI Converter Platinum v5.0 (HKLM-x32\...\Nidesoft DVD to AVI Converter Platinum_is1) (Version:  - Nidesoft Studio)
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
    PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
    PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
    Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
    QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
    Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    RIFT (HKLM-x32\...\Glyph RIFT) (Version:  - Trion Worlds, Inc.)
    RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Spotify (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
    Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    Stitch Era Universal (HKLM-x32\...\{117221E4-6B20-4595-BCF8-286468364B57}) (Version: 11.30 - Sierra Technology Group SA)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Unity Web Player (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
    Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
    WD My Cloud (HKLM\...\{432F3CFC-ED41-4CDC-9D8F-6643C8A71CEA}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
    WinImage (HKLM-x32\...\WinImage) (Version:  - )
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
    WinX DVD Author 6.3 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - DigiartySoft, Inc.)
    WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{8b2299d9-a6ce-4697-954f-718188b26cf6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{cd203956-34d7-406f-978b-3ff3c677708c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
     
    ==================== Restore Points  =========================
     
    13-02-2015 12:09:27 Windows Update
    13-02-2015 12:22:47 Removed service pack backup files
    18-02-2015 21:19:13 Windows Update
    18-02-2015 21:31:41 Removed Skype Click to Call
    18-02-2015 21:31:48 Windows Update
    18-02-2015 21:33:16 Windows Update
    18-02-2015 21:35:48 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-02-07 00:31 - 2014-11-12 08:13 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {01B68D5A-8E09-4A29-9387-DA754C41BD4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {1F09685D-CAD9-4E68-946B-B50B5A191459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {43F7265C-490F-4AA9-8B69-02F9F833D97A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
    Task: {49F735B7-D4AC-47E8-A64B-6E89A93969E8} - System32\Tasks\{7B76C20D-C73E-4650-908C-05C9FA248705} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/65900
    Task: {4F5A0FE5-2186-4857-AAE6-91B0862813D9} - System32\Tasks\AdobeAAMUpdater-1.0-JonLowry-HP-Jon Lowry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {70A3A76A-8A55-492C-9AC2-01CCE7F4FE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
    Task: {73C09C2B-B3BE-4A72-AB85-EA3D923BB7CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
    Task: {7FB07DDB-2792-4DE2-9210-A87BA1C86AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {837D8611-791E-4150-9C7D-732943BD4ACA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
    Task: {A3E483DF-5EE2-495D-B541-F69C269639DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {A986945B-2301-4B1D-A825-A862F3670DD8} - System32\Tasks\{F967C586-0347-4CC0-A8D0-5FFDB5547DF0} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B57B8587-1A4E-4B67-A4C8-33074EE6FC52} - System32\Tasks\{295CD046-BB03-4242-9AC9-352599CCE0B9} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {CAD644F0-F30D-4FC3-AAB5-2B883CB6B5EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {CB34AF4D-833E-4E58-A665-4B1B5308AB05} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {D621DF4F-A224-4B17-A4BB-9D0185802320} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {E038FBBD-C5A9-4CC0-9E27-461A3131A519} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {E582A659-33D1-442B-9A8A-78D1F4079EFD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
    Task: {F21DAA86-822C-41EC-BEAA-E66E67DE2F16} - System32\Tasks\HPCeeScheduleForJon Lowry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {F3BA2ECB-51CD-4D63-9876-9E4500693B5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {F438A944-39F2-4DB5-9518-08D8D99EA88B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {F800B797-8F84-4A00-A941-01C35959EC2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-08-02] (CyberLink)
    Task: {FA93F109-BB75-4A50-871F-313583F9CDB2} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-WOLFLING => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2013-04-12 10:31 - 2013-04-12 10:31 - 00234280 _____ () C:\Windows\ngmsi.dll
    2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2011-02-08 15:31 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\PROGRAM FILES (X86)\DIVX\DIVX UPDATE\DIVXUPDATE.EXE
    2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2015-02-18 21:23 - 2015-02-18 21:23 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15022700\algo.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2011-03-21 10:57 - 2011-03-21 10:57 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2014-12-02 16:34 - 2014-12-02 16:34 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-10-24 11:20 - 2014-10-24 11:20 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\da40cdf070dc5174aa4c9319ddc006da\IsdiInterop.ni.dll
    2010-12-27 14:13 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 68.105.28.12 - 68.105.29.12
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupreg: (default) => 
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-538650268-2924358156-1730836174-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-538650268-2924358156-1730836174-1005 - Limited - Enabled)
    Guest (S-1-5-21-538650268-2924358156-1730836174-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-538650268-2924358156-1730836174-1002 - Limited - Enabled)
    Jon Lowry (S-1-5-21-538650268-2924358156-1730836174-1000 - Administrator - Enabled) => C:\Users\Jon Lowry
    Mcx1-WOLFLING (S-1-5-21-538650268-2924358156-1730836174-1009 - Limited - Enabled) => C:\Users\Mcx1-WOLFLING.WOLFLING
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Deskjet F4500 series
    Description: Deskjet F4500 series
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (02/18/2015 09:22:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program RUNDLL32.EXE version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
     
    Process ID: 8c8
     
    Start Time: 01d04c03baf9406a
     
    Termination Time: 16
     
    Application Path: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
     
    Report Id:
     
    Error: (02/18/2015 09:21:54 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Product: Microsoft Office Professional Plus 2013 - Update 'Update for Microsoft Lync 2013 (KB2920744) 64-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
     
    Error: (02/18/2015 09:21:32 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
    Description: Product: Microsoft Office Professional Plus 2013 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE32\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0.  Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance.  For information about how to contact PSS, seePSS10R.CHM.
     
    Error: (02/18/2015 09:38:18 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Product: Microsoft Office Professional Plus 2013 - Update 'Update for Microsoft Lync 2013 (KB2920744) 64-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
     
    Error: (02/18/2015 09:38:01 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
    Description: Product: Microsoft Office Professional Plus 2013 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE32\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0.  Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance.  For information about how to contact PSS, seePSS10R.CHM.
     
     
    System errors:
    =============
    Error: (02/18/2015 09:21:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
    Error: (02/18/2015 09:20:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:18:18 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 9:53:01 PM on ‎2/‎18/‎2015 was unexpected.
     
    Error: (02/18/2015 09:18:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (02/18/2015 09:19:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:19:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
    Error: (02/18/2015 09:19:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 
    %%1053
     
    Error: (02/18/2015 09:19:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
     
    Error: (02/18/2015 09:18:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (02/18/2015 09:21:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Lync 2013 (KB2920744) 64-Bit Edition.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (02/18/2015 09:22:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: RUNDLL32.EXE6.1.7600.163858c801d04c03baf9406a16C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
     
    Error: (02/18/2015 09:21:54 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Microsoft Office Professional Plus 2013Update for Microsoft Lync 2013 (KB2920744) 64-Bit Edition1603(NULL)(NULL)(NULL)
     
    Error: (02/18/2015 09:21:32 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
    Description: Product: Microsoft Office Professional Plus 2013 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE32\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0.  Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance.  For information about how to contact PSS, seePSS10R.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)
     
    Error: (02/18/2015 09:38:18 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Microsoft Office Professional Plus 2013Update for Microsoft Lync 2013 (KB2920744) 64-Bit Edition1603(NULL)(NULL)(NULL)
     
    Error: (02/18/2015 09:38:01 PM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
    Description: Product: Microsoft Office Professional Plus 2013 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE32\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0.  Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance.  For information about how to contact PSS, seePSS10R.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2013-12-06 15:01:19.260
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.949
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.621
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.279
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.814
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.642
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.455
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.284
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.680
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.508
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
    Percentage of memory in use: 43%
    Total physical RAM: 3893.86 MB
    Available physical RAM: 2198.8 MB
    Total Pagefile: 7785.91 MB
    Available Pagefile: 5854.35 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB
     
    ==================== Drives ================================
     
     
    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 18/02/2015 9:23:10 PM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:20:06 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:18:02 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Log: 'System' Date/Time: 19/02/2015 5:23:06 AM
    Type: Error Category: 0
    Event: 7023 Source: Service Control Manager
    The Intel® Management & Security Application User Notification Service service terminated with the following error:  %%-2147467243
     
    Log: 'System' Date/Time: 19/02/2015 5:19:56 AM
    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:18:01 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 19/02/2015 5:18:22 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:22:58 AM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 19/02/2015 5:22:58 AM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll 
     
    Log: 'System' Date/Time: 19/02/2015 5:18:23 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
     
    Log: 'System' Date/Time: 19/02/2015 5:41:12 AM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped. 
     
    Log: 'System' Date/Time: 19/02/2015 5:41:12 AM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll 
     
    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 18/02/2015 9:24:46 PM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 19/02/2015 5:22:51 AM
    Type: Warning Category: 0
    Event: 1530 Source: Microsoft-Windows-User Profiles Service
    Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-538650268-2924358156-1730836174-1000_Classes:
    Process 3644 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\avastui.exe) has opened key \REGISTRY\USER\S-1-5-21-538650268-2924358156-1730836174-1000_CLASSES
     
     
    Log: 'Application' Date/Time: 19/02/2015 5:22:51 AM
    Type: Warning Category: 0
    Event: 1530 Source: Microsoft-Windows-User Profiles Service
    Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   5 user registry handles leaked from \Registry\User\S-1-5-21-538650268-2924358156-1730836174-1000:
    Process 3644 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\avastui.exe) has opened key \REGISTRY\USER\S-1-5-21-538650268-2924358156-1730836174-1000
    Process 528 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\SystemCertificates\My
    Process 528 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\SystemCertificates\My
    Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\SystemCertificates\My
    Process 3000 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\SystemCertificates\My
     
     
     

     


    • 0

    #12
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    Look in the bottom right of your desktop.  You should see the clock.  Are the time and date correct?  Your last post shows a date of a week ago on the log so something odd is going on.


    • 0

    #13
    skandranon1971

    skandranon1971

      Member

    • Topic Starter
    • Member
    • PipPip
    • 64 posts

    the date won't stay set because the CMOS battery is dead.


    • 0

    #14
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    You need to get that fixed or remember to always set the time and date when you run it.  The time is very important when you try to connect to a secure website.

     

    Also do you know what this file is supposed to be for?

     

    S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)

     

    Adaptec seems to install it for EZ-SCSI but your version is hopelessly out of date and I can't see why you should have it.  It's not working anyway.  

     

    Log: 'System' Date/Time: 19/02/2015 5:19:56 AM

    Type: Error Category: 0
    Event: 7026 Source: Service Control Manager
    The following boot-start or system-start driver(s) failed to load:  ASPI32
     
    Log: 'System' Date/Time: 19/02/2015 5:18:01 AM
    Type: Error Category: 0
    Event: 1060 Source: Application Popup
    \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     

     

     
     
    Let's uninstall it with FRST.
     
     
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

    • 0

    #15
    skandranon1971

    skandranon1971

      Member

    • Topic Starter
    • Member
    • PipPip
    • 64 posts
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
    Ran by Jon Lowry at 2015-02-18 21:24:59 Run:6
    Running from C:\Users\JON LOWRY\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Boot Mode: Normal
    ==============================================
     
    Content of fixlist:
    *****************
    S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
     
     
     
    *****************
     
    ASPI32 => Service deleted successfully.
     
    ==== End of Fixlog 21:24:59 ====
     
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
    Ran by Jon Lowry (administrator) on CARLAGROETZMEIE on 01-03-2015 09:41:11
    Running from C:\Users\JON LOWRY\Desktop
    Loaded Profiles: Jon Lowry (Available profiles: Jon Lowry & Mcx1-WOLFLING)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    (Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\sdclt.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2011-02-22] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-02-05] (Crawler Group)
    HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-02-05] (Crawler Group)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
    HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {CB469F30-480D-4846-B7EB-63F186F828BD} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-538650268-2924358156-1730836174-1000 -> DefaultScope {89E5D4A6-A38F-4D4C-87DF-EE09063A18EA} URL = 
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default
    FF DefaultSearchEngine: Yahoo!
    FF SelectedSearchEngine: Yahoo!
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jon Lowry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF Plugin HKU\S-1-5-21-538650268-2924358156-1730836174-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jon Lowry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Jon Lowry\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
    FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
    FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-06-04]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-24]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected]936311db9.com [Not Found]
    FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\[email protected] [Not Found]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://google.com/
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-08]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-08]
    CHR Extension: (YouTube) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-08]
    CHR Extension: (Google Search) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-08]
    CHR Extension: (Avast Online Security) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-08]
    CHR Extension: (Google Wallet) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-08]
    CHR Extension: (Gmail) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-08]
    CHR HKU\S-1-5-21-538650268-2924358156-1730836174-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-07]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-07]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-02-09] (Perfect World Entertainment Inc)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-01-28] (Alcatel-Lucent) [File not signed]
    R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-02-02] (Alcatel-Lucent) [File not signed]
    R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [534824 2013-04-12] (Aventail Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
    R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
    R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-26] (Enigma Software Group USA, LLC.)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
    R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-02-05] (Crawler Group)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125512 2010-12-01] (SlySoft, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-02] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-02] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-02] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-02] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-02] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-02] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-02] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-02] ()
    R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-26] (Enigma Software Group USA, LLC.)
    S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [122368 2011-05-09] (Incorporated)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-13] (Malwarebytes Corporation)
    S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
    S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2013-04-12] (Aventail Corporation)
    R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2013-04-12] (Aventail Corporation)
    R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2013-04-12] (Aventail Corporation)
    R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2013-04-12] (Aventail Corporation)
    R3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
    S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.) [File not signed]
    R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-03-01 09:41 - 2015-03-01 09:43 - 00025504 _____ () C:\Users\Jon Lowry\Desktop\FRST.txt
    2015-02-18 22:11 - 2015-02-18 21:24 - 00002569 _____ () C:\VEW.txt
    2015-02-18 22:08 - 2015-02-18 22:08 - 00061440 _____ ( ) C:\Users\Jon Lowry\Desktop\VEW.exe
    2015-02-18 21:44 - 2015-01-22 20:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-02-18 21:44 - 2015-01-22 19:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-02-18 21:44 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-02-18 21:34 - 2015-02-18 21:24 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\FRST-OlderVersion
    2015-02-18 21:31 - 2015-01-08 19:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
    2015-02-18 21:31 - 2015-01-08 19:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
    2015-02-18 21:31 - 2015-01-08 19:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
    2015-02-18 21:31 - 2015-01-08 18:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
    2015-02-18 21:30 - 2015-02-18 21:24 - 02092544 _____ (Farbar) C:\Users\Jon Lowry\Desktop\FRST64.exe
    2015-02-18 21:29 - 2015-02-18 21:29 - 01388274 _____ (Thisisu) C:\Users\Jon Lowry\Desktop\JRT.exe
    2015-02-18 21:26 - 2015-02-18 21:26 - 02126848 _____ () C:\Users\Jon Lowry\Desktop\AdwCleaner.exe
    2015-02-18 21:25 - 2015-02-18 21:25 - 00002569 _____ () C:\Users\Jon Lowry\Desktop\VEW_app.txt
    2015-02-18 21:24 - 2015-02-18 21:24 - 00003130 _____ () C:\Users\Jon Lowry\Desktop\VEW_sys.txt
    2015-02-18 21:18 - 2015-02-18 21:18 - 00000580 _____ () C:\Windows\PFRO.log
    2015-02-13 12:17 - 2015-02-18 21:25 - 00000000 ____D () C:\ProgramData\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spyware Terminator
    2015-02-13 12:17 - 2015-02-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
    2015-02-13 12:16 - 2015-02-13 12:17 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
    2015-02-13 11:57 - 2015-02-18 21:18 - 00002856 _____ () C:\Windows\setupact.log
    2015-02-13 11:57 - 2015-02-13 11:57 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-12 16:28 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-02-12 16:28 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-02-12 16:28 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-02-12 16:28 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-02-12 16:28 - 2015-01-13 21:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-13 21:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-02-12 16:28 - 2015-01-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-02-12 16:28 - 2015-01-11 18:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 18:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-02-12 16:28 - 2015-01-11 18:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 18:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-02-12 16:28 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-02-12 16:28 - 2015-01-11 18:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-02-12 16:28 - 2015-01-11 18:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-02-12 16:28 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-02-12 16:28 - 2015-01-11 18:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-02-12 16:28 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-02-12 16:28 - 2015-01-11 18:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-02-12 16:28 - 2015-01-11 18:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-02-12 16:28 - 2015-01-11 17:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-02-12 16:28 - 2015-01-11 17:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-02-12 16:28 - 2015-01-11 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-02-12 16:28 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-02-12 16:28 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-02-12 16:28 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-02-12 16:28 - 2015-01-11 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-02-12 16:28 - 2015-01-11 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-02-12 16:28 - 2015-01-11 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-02-12 16:28 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-02-12 16:28 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-02-12 16:28 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-02-12 16:28 - 2015-01-11 17:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-02-12 16:28 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-02-12 16:28 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-02-12 16:28 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-02-12 16:28 - 2015-01-09 22:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-02-12 16:27 - 2015-01-15 00:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-02-12 16:27 - 2015-01-15 00:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-02-12 16:27 - 2015-01-15 00:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-02-12 16:27 - 2015-01-15 00:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-02-12 16:27 - 2015-01-15 00:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-02-12 16:27 - 2015-01-15 00:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-02-12 16:27 - 2015-01-15 00:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-02-12 16:27 - 2015-01-15 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-02-12 16:27 - 2015-01-15 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 23:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-02-12 16:27 - 2015-01-14 23:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-02-12 16:27 - 2015-01-14 23:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-02-12 16:27 - 2015-01-14 23:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-02-12 16:27 - 2015-01-14 23:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-02-12 16:27 - 2015-01-14 20:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-02-12 16:27 - 2015-01-12 19:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-12 18:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-02-12 16:27 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-02-12 16:27 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-02-12 16:27 - 2015-01-11 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-02-12 16:27 - 2014-12-11 21:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-02-12 16:27 - 2014-12-11 21:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-02-12 16:27 - 2014-07-06 18:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 18:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2015-02-12 16:27 - 2014-07-06 17:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2015-02-12 16:26 - 2015-01-13 22:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-02-12 16:26 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2015-02-12 16:26 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2015-02-12 16:26 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2015-02-12 16:26 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-02-12 16:25 - 2015-01-13 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-02-12 16:25 - 2015-01-13 22:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-02-12 16:25 - 2015-01-13 21:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-02-12 16:25 - 2015-01-13 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-02-12 16:24 - 2015-01-08 18:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-02-10 12:45 - 2015-02-13 11:58 - 00000000 ____D () C:\Program Files (x86)\Star Trek Online_en
    2015-02-10 12:42 - 2015-02-10 12:45 - 00000000 ___HD () C:\ArcTemp
    2015-02-10 12:39 - 2015-02-10 12:42 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Arc
    2015-02-10 12:39 - 2015-02-10 12:39 - 00000000 ____D () C:\Users\Public\Documents\Arc
    2015-02-10 12:37 - 2015-02-12 16:11 - 00000000 ____D () C:\Program Files (x86)\Arc
    2015-02-10 12:37 - 2015-02-10 12:45 - 00001873 _____ () C:\Users\Public\Desktop\Star Trek Online.lnk
    2015-02-10 12:37 - 2015-02-10 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
    2015-02-10 12:37 - 2015-02-10 12:37 - 00001588 _____ () C:\Users\Public\Desktop\Arc.lnk
    2015-02-10 12:35 - 2015-02-10 12:35 - 00000000 ____D () C:\Users\Jon Lowry\Downloads\Log
    2015-02-10 12:33 - 2015-02-10 12:33 - 01294088 _____ (Mojang) C:\Users\Jon Lowry\Desktop\Minecraft.exe
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
    2015-02-10 12:17 - 2015-02-10 12:17 - 00000000 ____D () C:\Program Files\Microsoft Research
    2015-02-10 12:13 - 2015-02-10 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-06 12:13 - 2015-02-06 12:13 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2015-02-06 11:45 - 2015-02-06 11:45 - 00000000 __SHD () C:\Users\Jon Lowry\AppData\Local\EmieBrowserModeList
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-03-01 09:41 - 2015-01-26 21:10 - 01341477 _____ () C:\Windows\WindowsUpdate.log
    2015-03-01 09:41 - 2013-12-10 19:06 - 00000000 ____D () C:\FRST
    2015-02-18 22:13 - 2013-01-15 05:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-18 21:50 - 2014-12-02 16:35 - 00002166 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-02-18 21:48 - 2013-04-13 13:35 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Carla's stuff
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Spotify
    2015-02-18 21:46 - 2013-04-23 20:07 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\Spotify
    2015-02-18 21:41 - 2011-06-10 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-18 21:37 - 2013-08-21 12:56 - 00000000 ____D () C:\AdwCleaner
    2015-02-18 21:35 - 2011-02-14 16:15 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2015-02-18 21:34 - 2011-07-05 00:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-02-18 21:32 - 2011-03-28 14:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Azureus
    2015-02-18 21:31 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:31 - 2009-07-13 20:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-18 21:27 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2015-02-18 21:24 - 2013-09-06 14:42 - 00000000 ___RD () C:\Users\Jon Lowry\Dropbox
    2015-02-18 21:24 - 2013-09-05 00:05 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Dropbox
    2015-02-18 21:22 - 2014-04-28 11:21 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Geeks To Go
    2015-02-18 21:21 - 2014-04-24 17:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-02-18 21:21 - 2013-09-26 17:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-02-18 21:19 - 2014-10-27 18:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-18 21:19 - 2014-07-28 17:49 - 00000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2015-02-18 21:18 - 2009-07-13 21:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-02-18 21:18 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-18 21:18 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
    2015-02-18 21:17 - 2014-12-11 12:46 - 00005002 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier
    2015-02-13 12:02 - 2014-11-16 00:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-13 12:00 - 2014-12-28 20:42 - 00000000 ____D () C:\Users\Jon Lowry\Desktop\Kraken's Revenge
    2015-02-13 12:00 - 2014-12-12 10:36 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\BrowserExtensions
    2015-02-13 11:59 - 2009-07-13 20:45 - 05043504 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-02-13 11:57 - 2014-12-18 11:37 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-02-13 11:57 - 2014-05-10 23:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-02-13 11:38 - 2009-07-13 18:34 - 00000615 _____ () C:\Windows\win.ini
    2015-02-13 11:29 - 2013-07-11 03:13 - 00000000 ____D () C:\Windows\system32\MRT
    2015-02-13 11:13 - 2011-02-02 11:59 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-02-12 16:41 - 2014-12-22 14:07 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job
    2015-02-12 16:19 - 2013-06-07 11:46 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\HpUpdate
    2015-02-10 12:37 - 2010-07-15 11:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-10 12:26 - 2013-09-06 14:41 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-10 12:26 - 2012-03-01 13:57 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Calibre Library
    2015-02-09 12:41 - 2011-11-22 06:06 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2015-02-08 12:59 - 2012-03-01 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    2015-02-08 12:53 - 2012-03-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Calibre2
    2015-02-07 15:35 - 2014-12-28 20:46 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
    2015-02-06 12:13 - 2013-01-15 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-06 12:13 - 2013-01-15 05:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-06 12:13 - 2011-05-18 04:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-06 11:42 - 2013-11-01 22:17 - 00000000 ____D () C:\Users\Jon Lowry\Documents\Outlook Files
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-06 10:36 - 2011-06-10 17:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-02 13:31 - 2014-12-28 20:45 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
    2015-02-02 13:15 - 2014-12-28 20:46 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2015-01-30 17:46 - 2009-07-13 21:13 - 00006774 _____ () C:\Windows\system32\PerfStringBackup.INI
     
    ==================== Files in the root of some directories =======
     
    2015-01-07 13:27 - 2015-01-07 13:27 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe GIF Format CS5 Prefs
    2012-03-18 15:06 - 2014-12-27 02:54 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2011-05-16 19:50 - 2011-10-31 21:18 - 0001854 _____ () C:\Users\Jon Lowry\AppData\Roaming\GhostObjGAFix.xml
    2012-05-19 07:48 - 2013-01-24 06:08 - 0870128 _____ () C:\Users\Jon Lowry\AppData\Roaming\mcs.rma
    2012-12-22 19:20 - 2013-07-12 23:19 - 0007859 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.cat
    2012-12-22 19:20 - 2013-07-12 23:19 - 0001167 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.inf
    2012-12-22 19:20 - 2013-07-12 23:19 - 0000055 _____ () C:\Users\Jon Lowry\AppData\Roaming\pcouffin.log
    2012-12-22 19:20 - 2013-07-12 23:19 - 0082816 _____ (VSO Software) C:\Users\Jon Lowry\AppData\Roaming\pcouffin.sys
    2014-07-28 17:49 - 2015-02-18 21:19 - 0000132 _____ () C:\Users\Jon Lowry\AppData\Roaming\WB.CFG
    2013-08-10 21:39 - 2013-08-12 05:44 - 0031644 _____ () C:\Users\Jon Lowry\AppData\Local\av.log
    2014-12-12 10:37 - 2014-12-12 10:37 - 0000064 _____ () C:\Users\Jon Lowry\AppData\Local\c843f8600d3401143928086522c2304b
    2013-01-04 20:12 - 2013-08-07 02:07 - 0006144 _____ () C:\Users\Jon Lowry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-12-28 20:44 - 2014-12-28 20:44 - 0234679 _____ () C:\Users\Jon Lowry\AppData\Local\dsi1.dat
    2014-12-28 20:44 - 2014-12-28 20:44 - 0161916 _____ () C:\Users\Jon Lowry\AppData\Local\dsi2.dat
    2011-12-23 15:12 - 2011-12-23 15:12 - 0000097 _____ () C:\Users\Jon Lowry\AppData\Local\fusioncache.dat
    2011-03-28 14:38 - 2011-03-28 14:38 - 0000032 _____ () C:\Users\Jon Lowry\AppData\Local\xobni_installer_updater.log
    2011-01-29 10:50 - 2014-05-19 20:55 - 0000124 ___SH () C:\ProgramData\.zreglib
    2011-01-24 11:22 - 2014-09-13 11:07 - 0027386 _____ () C:\ProgramData\hpzinstall.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    2010-07-15 13:11 - 2010-07-15 13:12 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    2010-07-15 13:07 - 2010-07-15 13:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2010-12-27 14:22 - 2010-12-27 14:22 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    2010-07-15 13:06 - 2010-07-15 13:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2010-07-15 13:07 - 2010-07-15 13:11 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2010-12-27 14:23 - 2010-12-27 14:23 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
     
    Some content of TEMP:
    ====================
    C:\Users\Jon Lowry\AppData\Local\Temp\certutil.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzj81da.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\msvcr71.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\nspr4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\nss3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\plc4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\plds4.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\Quarantine.exe
    C:\Users\Jon Lowry\AppData\Local\Temp\smime3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\softokn3.dll
    C:\Users\Jon Lowry\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
    Ran by Jon Lowry at 2015-03-01 09:46:24
    Running from C:\Users\JON LOWRY\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    3D Home Architect Home Design Deluxe 6 (HKLM-x32\...\InstallShield_{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}) (Version: 6.00.0000 - Broderbund)
    3D Home Architect Home Design Deluxe 6 (x32 Version: 6.00.0000 - Broderbund) Hidden
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    Aimersoft DRM Media Converter(Build 1.4.7.2) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)
    Akamai NetSession Interface (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Amazon Kindle (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Amazon Kindle) (Version:  - Amazon)
    Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.9.0 - SlySoft)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Aventail Access Manager (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.62.196 - SonicWALL Inc)
    Aventail Access Manager (x32 Version: 10.62.196 - SonicWALL Inc) Hidden
    Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.62.320 - SonicWALL Aventail)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
    Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
    Browser Extensions (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.6 - Spigot, Inc.) <==== ATTENTION
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    calibre (HKLM-x32\...\{7C1B7566-C44C-4436-B08D-636337C7C665}) (Version: 2.19.0 - Kovid Goyal)
    Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
    CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
    CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.2.8 - Elaborate Bytes)
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3130 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.11 - DivX, LLC)
    Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Driver Support Active Optimization (HKLM-x32\...\{63801EFF-1F3D-4D53-A9B4-25A2061CF3E2}) (Version: 1.0.4.7818 - PC Drivers HeadQuarters LP)
    Dropbox (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Extended Update (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Digital Sites) (Version:  - Extended Update) <==== ATTENTION
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Family Tree Maker 2011 (HKLM-x32\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
    Family Tree Maker 2011 (x32 Version: 20.0.368 - Ancestry.com) Hidden
    Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
    Family Tree Maker 2012 (x32 Version: 21.0.388 - Ancestry.com, Inc.) Hidden
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Horizon v2.7.1.4 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.1.4 - Daring Development Inc.)
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Documentation (HKLM-x32\...\{69ABD67D-5C2E-4724-B519-695DEF3EC23B}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    Image Composite Editor (HKLM\...\{380B7D01-4411-4D5D-AB9A-2A12FA315481}) (Version: 2.0.2 - Microsoft Corporation)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
    MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{393CA5BF-0362-42FD-ABC2-BA9D22EF925E}) (Version: 10.3.5520.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
    Mplayer 0.6.9 (HKLM-x32\...\Mplayer) (Version: 0.6.9 - )
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nidesoft DVD to AVI Converter Platinum v5.0 (HKLM-x32\...\Nidesoft DVD to AVI Converter Platinum_is1) (Version:  - Nidesoft Studio)
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
    PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
    PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
    Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
    QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
    Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    RIFT (HKLM-x32\...\Glyph RIFT) (Version:  - Trion Worlds, Inc.)
    RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Spotify (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
    SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
    Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
    Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    Stitch Era Universal (HKLM-x32\...\{117221E4-6B20-4595-BCF8-286468364B57}) (Version: 11.30 - Sierra Technology Group SA)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Unity Web Player (HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
    VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
    Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
    WD My Cloud (HKLM\...\{432F3CFC-ED41-4CDC-9D8F-6643C8A71CEA}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
    WinImage (HKLM-x32\...\WinImage) (Version:  - )
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
    WinX DVD Author 6.3 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - DigiartySoft, Inc.)
    WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jon Lowry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{8b2299d9-a6ce-4697-954f-718188b26cf6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-538650268-2924358156-1730836174-1000_Classes\CLSID\{cd203956-34d7-406f-978b-3ff3c677708c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
     
    ==================== Restore Points  =========================
     
    13-02-2015 12:09:27 Windows Update
    13-02-2015 12:22:47 Removed service pack backup files
    18-02-2015 21:19:13 Windows Update
    18-02-2015 21:31:41 Removed Skype Click to Call
    18-02-2015 21:31:48 Windows Update
    18-02-2015 21:33:16 Windows Update
    18-02-2015 21:35:48 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-02-07 00:31 - 2014-11-12 08:13 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {01B68D5A-8E09-4A29-9387-DA754C41BD4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {1F09685D-CAD9-4E68-946B-B50B5A191459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {43F7265C-490F-4AA9-8B69-02F9F833D97A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
    Task: {49F735B7-D4AC-47E8-A64B-6E89A93969E8} - System32\Tasks\{7B76C20D-C73E-4650-908C-05C9FA248705} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/65900
    Task: {4F5A0FE5-2186-4857-AAE6-91B0862813D9} - System32\Tasks\AdobeAAMUpdater-1.0-JonLowry-HP-Jon Lowry => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {70A3A76A-8A55-492C-9AC2-01CCE7F4FE56} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
    Task: {73C09C2B-B3BE-4A72-AB85-EA3D923BB7CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
    Task: {7FB07DDB-2792-4DE2-9210-A87BA1C86AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {837D8611-791E-4150-9C7D-732943BD4ACA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
    Task: {A3E483DF-5EE2-495D-B541-F69C269639DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {A986945B-2301-4B1D-A825-A862F3670DD8} - System32\Tasks\{F967C586-0347-4CC0-A8D0-5FFDB5547DF0} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {B57B8587-1A4E-4B67-A4C8-33074EE6FC52} - System32\Tasks\{295CD046-BB03-4242-9AC9-352599CCE0B9} => C:\Program Files (x86)\NetDragon\ZeroOnline\play.exe
    Task: {CAD644F0-F30D-4FC3-AAB5-2B883CB6B5EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {CB34AF4D-833E-4E58-A665-4B1B5308AB05} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jon Lowry) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {D621DF4F-A224-4B17-A4BB-9D0185802320} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {E038FBBD-C5A9-4CC0-9E27-461A3131A519} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {E582A659-33D1-442B-9A8A-78D1F4079EFD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CARLAGROETZMEIE-Jon Lowry CarlaGroetzmeier => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
    Task: {F21DAA86-822C-41EC-BEAA-E66E67DE2F16} - System32\Tasks\HPCeeScheduleForJon Lowry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {F3BA2ECB-51CD-4D63-9876-9E4500693B5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {F438A944-39F2-4DB5-9518-08D8D99EA88B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {F800B797-8F84-4A00-A941-01C35959EC2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-08-02] (CyberLink)
    Task: {FA93F109-BB75-4A50-871F-313583F9CDB2} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-WOLFLING => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForJon Lowry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2013-04-12 10:31 - 2013-04-12 10:31 - 00234280 _____ () C:\Windows\ngmsi.dll
    2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2011-02-08 15:31 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\PROGRAM FILES (X86)\DIVX\DIVX UPDATE\DIVXUPDATE.EXE
    2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2015-02-18 21:24 - 2015-02-18 21:24 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15022801\algo.dll
    2015-02-18 21:23 - 2015-02-18 21:23 - 02913792 _____ () C:\Program Files\AVAST Software\Avast\defs\15030101\algo.dll
    2011-03-21 10:56 - 2011-03-21 10:56 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2011-03-21 10:57 - 2011-03-21 10:57 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2014-12-02 16:34 - 2014-12-02 16:34 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-10-24 11:20 - 2014-10-24 11:20 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\da40cdf070dc5174aa4c9319ddc006da\IsdiInterop.ni.dll
    2010-12-27 14:13 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-538650268-2924358156-1730836174-1000\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 68.105.28.12 - 68.105.29.12
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupreg: (default) => 
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-538650268-2924358156-1730836174-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-538650268-2924358156-1730836174-1005 - Limited - Enabled)
    Guest (S-1-5-21-538650268-2924358156-1730836174-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-538650268-2924358156-1730836174-1002 - Limited - Enabled)
    Jon Lowry (S-1-5-21-538650268-2924358156-1730836174-1000 - Administrator - Enabled) => C:\Users\Jon Lowry
    Mcx1-WOLFLING (S-1-5-21-538650268-2924358156-1730836174-1009 - Limited - Enabled) => C:\Users\Mcx1-WOLFLING.WOLFLING
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Deskjet F4500 series
    Description: Deskjet F4500 series
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service: 
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
     
    System errors:
    =============
    Error: (02/18/2015 09:20:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
    Error: (02/18/2015 09:20:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:18:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (02/18/2015 09:18:35 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 9:43:16 PM on ‎2/‎18/‎2015 was unexpected.
     
    Error: (02/18/2015 09:21:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
    Error: (02/18/2015 09:21:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
     
    Error: (02/18/2015 09:18:53 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 9:45:14 PM on ‎2/‎18/‎2015 was unexpected.
     
    Error: (02/18/2015 09:18:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
    Error: (02/18/2015 09:20:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load: 
    ASPI32
     
    Error: (02/18/2015 09:18:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
     
     
    Microsoft Office Sessions:
    =========================
     
    CodeIntegrity Errors:
    ===================================
      Date: 2013-12-06 15:01:19.260
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.949
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.621
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-12-06 15:01:18.279
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.814
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.642
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.455
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 17:07:34.284
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.680
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2013-09-01 16:55:57.508
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
    Percentage of memory in use: 47%
    Total physical RAM: 3893.86 MB
    Available physical RAM: 2034.51 MB
    Total Pagefile: 7785.91 MB
    Available Pagefile: 5223.08 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB
     
    ==================== Drives ================================
     
     
     

    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP