Thanks essexboy, here are the attachments
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by sheryl29 (administrator) on SHERYL29-NERD on 22-02-2015 18:21:38
Running from C:\Users\sheryl29\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8G9N5KN
Loaded Profiles: sheryl29 (Available profiles: sheryl29 & Administrator & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
(Sony Corporation) C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
() C:\Users\sheryl29\AppData\Roaming\VOPackage\VOsrv.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
() C:\Program Files (x86)\grassmow\updategrassmow.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\SONY\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sony Corporation) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files\SONY\VAIO Care\ESRV\esrv_svc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Care\VCAdmin.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Care\VCAgent.exe
(BitTorrent, Inc.) C:\Users\sheryl29\Desktop\utorrent.exe
(Sony Corporation) C:\Program Files\SONY\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\SONY\VCM Manager Settings\VcmMgrNotification64.exe
() C:\Program Files (x86)\SweepTools PC Cleaner\PC Cleaner.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Avanquest Software) C:\Program Files (x86)\SONY\Sony PC Companion\PCCService.exe
(Sony) C:\Program Files (x86)\SONY\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\SONY\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [fst_au_214] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Run: [uTorrent] => C:\Users\sheryl29\Desktop\utorrent.exe [399736 2011-05-02] (BitTorrent, Inc.)
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Run: [SpeedItupFree] => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Run: [AVG-Secure-Search-Update_1214avt] => C:\Users\sheryl29\AppData\Roaming\Avg_Update_1214avt\AVG-Secure-Search-Update_1214avt.exe /PROMPT /mid=2ddac6bead6347cdb3b021328d0cb64c-eda72383ce33b8c02cbe9c1b1aef95043567e879 /CMPID=1214avt
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Policies\system: [NoDispCPL] 0
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {115774c3-b48e-11df-bd54-f07bcbe85fbf} - G:\AutoRun.exe
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {115774cf-b48e-11df-bd54-f07bcbe85fbf} - H:\AutoRun.exe
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {12e2f86d-52a0-11e3-96da-544249609db6} - H:\Startme.exe
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {73c9a46c-a203-11e2-9224-f07bcbe85fbf} - H:\Startme.exe
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {a9e79584-c221-11df-813d-f07bcbe85fbf} - G:\AutoRun.exe
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {a9e79588-c221-11df-813d-f07bcbe85fbf} - G:\AutoRun.exe
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {e5df9549-b8ab-11e0-9b40-f07bcbe85fbf} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\MountPoints2: {efcb0e1a-bf5e-11e2-ae9f-f07bcbe85fbf} - G:\Startme.exe
HKU\S-1-5-18\...\Run: [RegistryBooster] => "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
AppInit_DLLs: C:\Users\sheryl29\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\sheryl29\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" File Not Found
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
ShortcutTarget: LimeWire On Startup.lnk -> C:\Program Files (x86)\LimeWire\LimeWire.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:54653;https=127.0.0.1:54653
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.SearchAss...&m=639&c=d&s=sp
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.SearchAss...&m=639&c=d&s=sp
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.SearchAss...&m=639&c=d&s=sp
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsur...6EQSXX50S5S6EQS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.SearchAss...&m=639&c=d&s=sp
SearchScopes: HKLM -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.SearchAss...&m=639&c=d&s=sp
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.searchass...sm=639&c=d&s=sp
SearchScopes: HKLM -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.SearchAss...&m=639&c=d&s=sp
SearchScopes: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.SearchAss...&m=639&c=d&s=sp
SearchScopes: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.searchass...sm=639&c=d&s=sp
SearchScopes: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> {7E4BF3FD-0038-469C-94A7-EDF285CE18C1} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.SearchAss...&m=639&c=d&s=sp
BHO: No Name -> {11111111-1111-1111-1111-110611171187} -> No File
BHO: No Name -> {283E6CFC-946C-A505-85D0-F04CADB49E66} -> No File
BHO: SearchAssist -> {8DDAC7C3-2592-4D84-A7A7-AA7865E53875} -> C:\Program Files\SearchAssist\ie\adxloader64.dll ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: BlockAndSurf -> {F9785F77-9BA1-A18F-2700-08002077A974} -> C:\Program Files (x86)\ver8BlockAndSurf\183_x64.dll ()
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: grassmow -> {12ef4f7f-6c80-4ac9-976b-a4ee342815c5} -> C:\Program Files (x86)\grassmow\grassmowbho.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: SearchAssist -> {8DDAC7C3-2592-4D84-A7A7-AA7865E53875} -> C:\Program Files\SearchAssist\ie\adxloader.dll ()
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FlowSurf -> {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} -> C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.)
BHO-x32: BlockAndSurf -> {F9785F77-9BA1-A18F-2700-08002077A974} -> C:\Program Files (x86)\ver8BlockAndSurf\183.dll No File
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File
Toolbar: HKU\S-1-5-21-1155007634-2346187462-1659951187-1001 -> No Name - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-13]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-01]
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF Extension: RelevantKnowledge - C:\Program Files (x86)\RelevantKnowledge\firefox [2015-01-25]
FF HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1155007634-2346187462-1659951187-1001\...\Firefox\Extensions: [{1937A7D0-0325-2FF8-6987-A8EB0E6B5E1D}] - C:\Program Files (x86)\ver8BlockAndSurf\183.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver8BlockAndSurf\183.xpi [2014-11-17]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jlndcojbknbodbijmihgihhgmlkplnbo] - C:\Program Files\SearchAssist\chrome\searchassist.crx [2014-11-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2010-10-18] (Apache Software Foundation) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [341296 2011-01-14] (Nitro PDF Software)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [213784 2014-11-01] (TMRG, Inc.) <==== ATTENTION
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
R2 servervo; C:\Users\sheryl29\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-09-22] () [File not signed] <==== ATTENTION
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-19] (ArcSoft, Inc.)
R2 Update grassmow; C:\Program Files (x86)\grassmow\updategrassmow.exe [323360 2014-08-28] ()
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\SONY\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-27] (ArcSoft, Inc.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-02-21] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-10-25] (Glarysoft Ltd)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7778176 2009-12-17] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [244736 2009-12-17] (Intel® Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-02-14] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-13] ()
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S1 netfilter64; system32\drivers\netfilter64.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-22 18:20 - 2015-02-22 18:21 - 00000000 ____D () C:\FRST
2015-02-21 16:27 - 2015-02-21 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2015-02-21 11:22 - 2015-02-21 11:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2015-02-21 11:22 - 2015-02-21 11:22 - 00000000 ____D () C:\Windows\LastGood
2015-02-21 10:51 - 2015-02-21 10:51 - 00030424 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2015-02-21 10:51 - 2015-02-21 10:51 - 00016088 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2015-02-21 09:42 - 2015-02-21 10:44 - 00000000 ____D () C:\Users\sheryl29\Desktop\sheryl phone pic feb2015
2015-02-20 10:26 - 2015-02-20 10:26 - 00000000 ____D () C:\Users\sheryl29\AppData\Local\Nero_AG
2015-02-20 10:25 - 2015-02-20 10:26 - 00000000 ____D () C:\Users\sheryl29\AppData\Local\Nero
2015-02-18 22:13 - 2015-02-18 22:16 - 00000000 ____D () C:\Users\sheryl29\Desktop\evo
2015-02-13 13:31 - 2015-01-23 13:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 13:30 - 2015-01-23 14:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 13:30 - 2015-01-23 14:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 13:30 - 2015-01-23 13:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 19:38 - 2015-02-04 13:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-12 19:38 - 2015-02-04 13:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 19:38 - 2015-02-04 13:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 19:38 - 2015-02-04 13:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 19:38 - 2015-02-04 13:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 19:38 - 2015-02-04 13:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-12 19:38 - 2015-02-04 13:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 19:38 - 2015-01-28 09:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-12 19:38 - 2015-01-10 16:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 19:38 - 2015-01-10 16:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 19:38 - 2015-01-10 16:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 19:38 - 2015-01-10 16:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 19:38 - 2015-01-10 16:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 19:38 - 2015-01-10 16:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 19:38 - 2015-01-10 16:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 19:38 - 2015-01-10 16:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 19:38 - 2015-01-10 16:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 19:38 - 2015-01-10 16:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 19:38 - 2015-01-10 16:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 19:38 - 2015-01-10 16:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 19:38 - 2015-01-10 16:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 19:38 - 2015-01-10 16:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 19:38 - 2015-01-09 12:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 19:37 - 2015-01-14 15:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 19:37 - 2015-01-14 15:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 19:37 - 2015-01-13 13:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 19:37 - 2015-01-13 12:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 19:37 - 2015-01-12 13:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 19:37 - 2015-01-12 13:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 19:37 - 2015-01-12 13:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 19:37 - 2015-01-12 12:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 19:37 - 2015-01-12 12:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 19:37 - 2015-01-12 12:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 19:37 - 2015-01-12 12:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 19:37 - 2015-01-12 12:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 19:37 - 2015-01-12 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 19:37 - 2015-01-12 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 19:37 - 2015-01-12 12:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 19:37 - 2015-01-12 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 19:37 - 2015-01-12 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 19:37 - 2015-01-12 12:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 19:37 - 2015-01-12 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 19:37 - 2015-01-12 12:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 19:37 - 2015-01-12 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 19:37 - 2015-01-12 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 19:37 - 2015-01-12 12:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 19:37 - 2015-01-12 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 19:37 - 2015-01-12 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 19:37 - 2015-01-12 12:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 19:37 - 2015-01-12 12:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 19:37 - 2015-01-12 12:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 19:37 - 2015-01-12 12:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 19:37 - 2015-01-12 12:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 19:37 - 2015-01-12 12:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 19:37 - 2015-01-12 11:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 19:37 - 2015-01-12 11:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 19:37 - 2015-01-12 11:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 19:37 - 2015-01-12 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 19:37 - 2015-01-12 11:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 19:37 - 2015-01-12 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 19:37 - 2015-01-12 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 19:37 - 2015-01-12 11:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 19:37 - 2015-01-12 11:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 19:37 - 2015-01-12 11:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 19:37 - 2015-01-12 11:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 19:37 - 2015-01-12 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 19:37 - 2015-01-12 11:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 19:37 - 2015-01-12 11:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 19:37 - 2015-01-12 11:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 19:37 - 2015-01-12 11:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 19:37 - 2015-01-12 11:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 19:37 - 2015-01-12 11:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 19:37 - 2015-01-12 11:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 19:37 - 2015-01-12 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 19:37 - 2015-01-12 11:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 19:37 - 2015-01-12 10:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 19:37 - 2015-01-12 10:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 19:36 - 2015-01-15 18:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 19:36 - 2015-01-15 18:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 19:36 - 2015-01-15 18:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 19:36 - 2015-01-15 18:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 19:36 - 2015-01-15 18:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 19:36 - 2015-01-15 18:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 19:36 - 2015-01-15 18:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 19:36 - 2015-01-15 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 19:36 - 2015-01-15 18:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 19:36 - 2015-01-15 18:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 19:36 - 2015-01-15 18:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 19:36 - 2015-01-15 17:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 19:36 - 2015-01-15 17:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 19:36 - 2015-01-15 17:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 19:36 - 2015-01-15 17:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 19:36 - 2015-01-15 17:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 19:36 - 2015-01-15 17:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 19:36 - 2015-01-15 14:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 19:36 - 2014-12-12 15:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 19:36 - 2014-12-12 15:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 19:36 - 2014-11-26 13:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 19:36 - 2014-11-26 13:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 19:36 - 2014-07-07 12:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-12 19:36 - 2014-07-07 12:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-12 19:36 - 2014-07-07 11:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-12 19:36 - 2014-07-07 11:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-12 19:35 - 2015-01-14 16:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 19:35 - 2015-01-14 16:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 19:35 - 2015-01-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 19:35 - 2015-01-14 16:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 19:35 - 2015-01-14 15:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 19:35 - 2015-01-14 15:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 19:35 - 2015-01-14 15:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 19:34 - 2014-12-08 13:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 19:34 - 2014-12-08 12:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 19:14 - 2015-02-12 19:15 - 39316824 _____ (NETGEAR Inc.) C:\Users\sheryl29\Downloads\NETGEARGenie-install.exe
2015-02-01 07:41 - 2015-01-31 19:16 - 11287302 ____N () C:\Users\sheryl29\Desktop\UPG_Wizard_v7210.zip
2015-01-25 09:59 - 2014-11-01 03:08 - 00971032 _____ (TMRG, Inc.) C:\Windows\system32\rlls64.dl_
2015-01-25 09:59 - 2014-11-01 03:08 - 00661272 _____ (TMRG, Inc.) C:\Windows\SysWOW64\rlls.dl_
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-22 18:23 - 2011-04-17 09:04 - 00000000 ____D () C:\Users\sheryl29\AppData\Roaming\uTorrent
2015-02-22 18:10 - 2014-11-11 10:10 - 00000304 _____ () C:\Windows\Tasks\PennyBee.job
2015-02-22 18:08 - 2010-08-27 19:29 - 01926114 _____ () C:\Windows\WindowsUpdate.log
2015-02-22 18:07 - 2014-10-25 16:46 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-02-22 17:58 - 2014-09-14 19:10 - 00000000 ____D () C:\Users\sheryl29\Desktop\movies feb 2015
2015-02-22 17:54 - 2015-01-15 09:05 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2015-02-22 17:52 - 2010-08-27 04:58 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{31A47D8A-CF28-4F56-875C-754DE280825B}
2015-02-22 09:27 - 2014-11-13 14:45 - 00000386 _____ () C:\Windows\Tasks\AmiUpdXp.job
2015-02-22 09:02 - 2014-12-04 12:55 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-22 09:00 - 2014-09-02 12:18 - 00001342 _____ () C:\Windows\Tasks\HK.job
2015-02-22 05:32 - 2009-07-14 14:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-22 05:32 - 2009-07-14 14:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 11:22 - 2014-09-29 05:22 - 00006580 _____ () C:\Windows\setupact.log
2015-02-21 10:50 - 2013-11-22 10:02 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2015-02-21 10:45 - 2014-11-17 10:55 - 00000430 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2015-02-21 10:32 - 2012-03-09 18:49 - 00000000 ____D () C:\Users\sheryl29\AppData\Roaming\vlc
2015-02-21 08:07 - 2009-07-14 15:13 - 00786662 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-17 18:53 - 2014-11-25 14:17 - 00000424 _____ () C:\Windows\Tasks\DriverUpdate Startup.job
2015-02-17 14:17 - 2014-11-25 14:17 - 00000478 _____ () C:\Windows\Tasks\DriverUpdate Scan.job
2015-02-14 18:54 - 2014-09-27 12:26 - 00000000 ____D () C:\Program Files (x86)\Flowsurf
2015-02-14 18:53 - 2014-11-25 19:50 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-02-14 18:53 - 2014-11-25 14:17 - 00002856 _____ () C:\Windows\System32\Tasks\DriverUpdate Startup
2015-02-14 18:53 - 2014-10-25 11:33 - 00000338 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-02-14 04:14 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 04:04 - 2014-09-02 14:52 - 00000546 ____H () C:\Windows\Tasks\Norton Product InstallerIdle.job
2015-02-14 03:24 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-13 07:47 - 2009-07-14 14:45 - 00408496 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 07:41 - 2014-12-12 03:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 07:41 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 03:11 - 2014-09-01 14:24 - 00002008 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-13 03:11 - 2014-09-01 14:24 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-02-13 03:10 - 2014-09-01 14:24 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-13 03:10 - 2014-09-01 14:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-13 03:10 - 2013-07-26 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 03:03 - 2010-11-24 09:40 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-12 19:07 - 2014-11-27 18:49 - 26440352 _____ () C:\Windows\SysWOW64\debug.log
2015-02-12 13:45 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-28 19:07 - 2014-11-19 14:47 - 00000000 ____D () C:\Program Files (x86)\f552dd4c52e3
2015-01-28 19:07 - 2014-09-27 12:28 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2015-01-28 19:07 - 2006-10-27 14:26 - 00000000 ____D () C:\I386
2015-01-28 19:06 - 2015-01-10 13:43 - 00000000 ____D () C:\Users\sheryl29\AppData\Local\Bingoliner
2015-01-28 19:06 - 2014-12-01 20:27 - 00000000 ____D () C:\Users\sheryl29\AppData\Local\ConvertAd
2015-01-28 19:06 - 2014-09-22 13:02 - 00000000 ____D () C:\Users\sheryl29\AppData\Roaming\VOPackage
2015-01-28 19:06 - 2014-01-09 19:23 - 00000000 ____D () C:\Users\sheryl29\Downloads\Nero 2014 Platinum 15.0.07100 Final [ChingLiu]
2015-01-28 19:06 - 2011-11-11 19:05 - 00000000 ____D () C:\Users\sheryl29\AppData\Local\Akamai
2015-01-28 19:06 - 2010-12-04 15:50 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2015-01-28 19:06 - 2010-05-14 12:46 - 00000000 ___HD () C:\SPLASH.SYS
2015-01-28 19:06 - 2009-08-31 23:53 - 00000000 ____D () C:\Users\sheryl29\Documents\DVDVideoSoft
2015-01-28 19:06 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\registration
2015-01-25 13:08 - 2014-11-25 08:41 - 00045986 _____ () C:\Windows\DPINST.LOG
2015-01-25 13:08 - 2014-06-25 18:32 - 00001905 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-01-25 13:08 - 2013-04-13 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-01-25 13:07 - 2010-05-08 10:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-25 09:53 - 2014-11-13 14:45 - 00000000 ____D () C:\Program Files (x86)\61B895DB-510E-45B8-8975-A9C6B941421C
2015-01-25 09:53 - 2014-11-11 10:10 - 00000000 ____D () C:\Program Files (x86)\OfferBoulevard
2015-01-25 09:51 - 2012-05-22 21:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 09:50 - 2014-10-10 09:58 - 00088690 _____ () C:\Windows\PFRO.log
==================== Files in the root of some directories =======
2014-09-22 13:45 - 2014-10-11 20:17 - 0000320 _____ () C:\Users\sheryl29\AppData\Roaming\aps.uninstall.scan.results
2014-09-01 18:18 - 2014-09-01 18:18 - 0001248 _____ () C:\Users\sheryl29\AppData\Roaming\EKEK
2014-09-01 18:18 - 2014-09-01 18:18 - 0002086 _____ () C:\Users\sheryl29\AppData\Roaming\HK
2012-06-07 14:40 - 2012-06-18 12:10 - 0002048 _____ () C:\Users\sheryl29\AppData\Roaming\PhotobookShop.com.au Prefs
2014-11-11 17:10 - 2014-12-04 09:15 - 0000091 _____ () C:\Users\sheryl29\AppData\Roaming\WB.CFG
2010-12-11 08:35 - 2011-04-12 18:28 - 0006656 _____ () C:\Users\sheryl29\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-01 15:19 - 2014-09-01 15:19 - 0575544 _____ (ClickMeIn Limited) C:\Users\sheryl29\AppData\Local\nsa637.tmp
2014-09-03 12:47 - 2014-09-03 12:46 - 0631728 _____ (ClickMeIn Limited) C:\Users\sheryl29\AppData\Local\nsgEE3E.tmp
2014-09-22 14:14 - 2014-09-22 14:14 - 0627504 _____ (ClickMeIn Limited) C:\Users\sheryl29\AppData\Local\nsi308A.tmp
2014-09-01 13:24 - 2014-09-01 13:24 - 0631680 _____ (ClickMeIn Limited) C:\Users\sheryl29\AppData\Local\nslF71D.tmp
2014-12-01 20:28 - 2014-12-01 20:28 - 0613057 _____ (CMI Limited) C:\Users\sheryl29\AppData\Local\nsvDB85.tmp
2014-11-17 10:58 - 2014-11-17 10:58 - 0613012 _____ (CMI Limited) C:\Users\sheryl29\AppData\Local\nsvF109.tmp
2014-09-22 13:44 - 2014-09-22 13:44 - 0612072 _____ (ClickMeIn Limited) C:\Users\sheryl29\AppData\Local\nsw2C36.tmp
2011-01-10 21:56 - 2011-01-10 21:56 - 0000600 _____ () C:\Users\sheryl29\AppData\Local\PUTTY.RND
2011-11-23 18:16 - 2011-11-23 18:16 - 2529622 _____ () C:\Users\sheryl29\AppData\Local\[j0024]-[p01].bmp
2011-11-23 18:16 - 2011-11-23 18:16 - 2529622 _____ () C:\Users\sheryl29\AppData\Local\[j0024]-[p02].bmp
2011-11-23 18:16 - 2011-11-23 18:16 - 2529622 _____ () C:\Users\sheryl29\AppData\Local\[j0024]-[p03].bmp
2011-11-23 18:16 - 2011-11-23 18:16 - 2529622 _____ () C:\Users\sheryl29\AppData\Local\[j0024]-[p04].bmp
2011-11-23 18:16 - 2011-11-23 18:16 - 2529622 _____ () C:\Users\sheryl29\AppData\Local\[j0024]-[p05].bmp
2011-01-26 14:03 - 2011-03-10 14:14 - 0000040 ___SH () C:\ProgramData\.zreglib
2013-08-04 16:23 - 2013-08-04 16:23 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-12-04 15:41 - 2012-02-11 13:04 - 0012016 _____ () C:\ProgramData\hpzinstall.log
2010-08-28 19:20 - 2010-08-28 19:20 - 0000221 _____ () C:\ProgramData\MusicStation.xml
2014-11-11 10:09 - 2014-11-11 10:09 - 0000000 _____ () C:\ProgramData\spds90.txt
2010-09-01 11:06 - 2010-09-01 11:06 - 0000112 _____ () C:\ProgramData\wrWin.ini
Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\jna1878020501641523289.dll
C:\Users\Guest\AppData\Local\Temp\jna2887264982279649027.dll
C:\Users\Guest\AppData\Local\Temp\jna519945761266641714.dll
C:\Users\sheryl29\AppData\Local\Temp\97F35973-DBEB-0CC0-BEB2-28AD317E62A7.dll
C:\Users\sheryl29\AppData\Local\Temp\Adobe-Flash-Player1500152.exe
C:\Users\sheryl29\AppData\Local\Temp\BingoLinerInstaller.exe
C:\Users\sheryl29\AppData\Local\Temp\CBvA7.dll
C:\Users\sheryl29\AppData\Local\Temp\CBvA7.exe
C:\Users\sheryl29\AppData\Local\Temp\drv75393.exe
C:\Users\sheryl29\AppData\Local\Temp\GLFE130.tmp.exe
C:\Users\sheryl29\AppData\Local\Temp\Launcher.exe
C:\Users\sheryl29\AppData\Local\Temp\qt-mt332.dll
C:\Users\sheryl29\AppData\Local\Temp\qt-mt337.dll
C:\Users\sheryl29\AppData\Local\Temp\scpFDAC.tmp.exe
C:\Users\sheryl29\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\sheryl29\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\sheryl29\AppData\Local\Temp\srv60065.exe
C:\Users\sheryl29\AppData\Local\Temp\srv68358.exe
C:\Users\sheryl29\AppData\Local\Temp\srv89207.exe
C:\Users\sheryl29\AppData\Local\Temp\sSetup.exe
C:\Users\sheryl29\AppData\Local\Temp\stpccSetup.exe
C:\Users\sheryl29\AppData\Local\Temp\uninst.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-14 03:00
==================== End Of Log ============================