Thank you for your response. Here are the FRST.txt and additional you asked for.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-04-2015 04
Ran by Presbyterian (administrator) on HOME-PC on 15-04-2015 18:53:22
Running from C:\Users\Presbyterian\Desktop
Loaded Profiles: Presbyterian (Available profiles: Presbyterian & Guest)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
() C:\Program Files\pcmax\pcmax.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Saitek) C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-03] (Synaptics Incorporated)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2012-05-14] (Analog Devices, Inc.)
HKLM\...\Run: [SaiMfd] => C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [131072 2007-07-12] (Saitek)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79864 2014-05-25] ()
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1798075911-1676469755-1713155969-1004\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1798075911-1676469755-1713155969-1004\...\MountPoints2: {d5a929cc-5917-11e3-a243-806e6f6e6963} - D:\autorun.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1798075911-1676469755-1713155969-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
URLSearchHook: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =
BHO: bestadblocker -> {06f7303a-9d3a-4f06-9367-f9eb637e416d} -> C:\Program Files\bestadblocker\vDRzk5TWTTCsea.dll [2015-04-08] ()
Handler: AutorunsDisabled\belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File []
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll [2014-01-28] (Adobe Systems, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Profile 1 ->
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-04]
CHR Profile: C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-14]
CHR Extension: (Google Drive) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-14]
CHR Extension: (YouTube) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-14]
CHR Extension: (Google Search) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-14]
CHR Extension: (Ripple Emulator ) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\geelfhphabnejjhdalkjhgipohgpdnoc [2015-04-08]
CHR Extension: (dregol New Tab) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihokndmjeombjojnfkmapfnjeghjohim [2015-04-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-14]
CHR Extension: (Gmail) - C:\Users\Presbyterian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2015-01-29] (SUPERAntiSpyware.com)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [249024 2014-05-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 2310_00; C:\Windows\system32\drivers\2310_00.sys [135200 2009-06-12] (HighPoint Technologies, Inc.)
S3 272x_1x; C:\Windows\system32\drivers\272x_1x.sys [557888 2012-04-24] (HighPoint Technologies, Inc.)
S3 274x_3x; C:\Windows\system32\drivers\274x_3x.sys [196928 2012-04-24] (HighPoint Technologies, Inc.)
S3 ahcix86; C:\Windows\system32\drivers\ahcix86.sys [214096 2010-09-23] (Advanced Micro Devices, Inc)
S3 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [184120 2009-07-07] (Advanced Micro Devices, Inc)
S3 amd_sata; C:\Windows\system32\drivers\amd_sata.sys [70784 2011-12-12] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [34944 2011-12-12] (Advanced Micro Devices)
S3 arcm_x86; C:\Windows\system32\drivers\arcm_x86.sys [43552 2009-11-08] (ARECA Technology Corporation)
S3 asahci32; C:\Windows\system32\drivers\asahci32.sys [43104 2012-01-06] (Asmedia Technology)
S3 b06diag; C:\Windows\system32\drivers\bxdiagx.sys [75816 2012-03-08] (Broadcom Corporation)
S3 BFN7x86; C:\Windows\system32\drivers\Xeno7x86.sys [130152 2012-02-22] (Bigfoot Networks, Inc.)
S3 BFNVis32; C:\Windows\system32\drivers\XenoVx86.sys [130152 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [150568 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [435240 2012-02-22] (Broadcom Corporation)
S3 DC133; C:\Windows\system32\drivers\DC133.sys [36328 2011-05-02] (Dawicontrol GmbH)
S3 DC150; C:\Windows\system32\drivers\DC150.sys [36824 2011-05-02] (Dawicontrol GmbH)
S3 DC154; C:\Windows\system32\drivers\DC154.sys [44376 2011-05-02] (Dawicontrol GmbH)
S3 DC300e; C:\Windows\system32\drivers\DC300e.sys [37272 2011-05-02] (Dawicontrol GmbH)
R0 DC324e; C:\Windows\System32\drivers\DC324e.sys [45816 2011-05-02] (Dawicontrol GmbH)
S3 DC3410; C:\Windows\system32\drivers\DC3410.sys [44360 2011-05-02] (Dawicontrol GmbH)
R0 DC4300; C:\Windows\System32\drivers\DC4300.sys [44392 2011-05-02] (Dawicontrol GmbH)
S3 DC600e; C:\Windows\system32\drivers\DC600e.sys [37752 2011-05-02] (Dawicontrol GmbH)
S3 hptiop; C:\Windows\system32\drivers\hptiop.sys [15008 2009-04-28] (HighPoint Technologies, Inc.)
S3 hptmv; C:\Windows\system32\drivers\hptmv.sys [71968 2006-09-27] (HighPoint Technologies, Inc.)
S3 hptmv6; C:\Windows\system32\drivers\hptmv6.sys [120352 2007-11-01] (HighPoint Technologies, Inc.)
S3 iaStorA; C:\Windows\system32\drivers\iaStorA.sys [477616 2012-03-15] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [21936 2012-03-31] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [563632 2012-03-31] (Intel Corporation)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x32.sys [300304 2011-11-30] (Intel® Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X32.sys [69392 2011-11-30] (Intel® Corporation)
S3 ioatdma1; C:\Windows\System32\Drivers\qd16032.sys [36552 2009-11-16] (Intel Corporation)
S3 ioatdma2; C:\Windows\System32\Drivers\qd26032.sys [37576 2009-11-16] (Intel Corporation)
S3 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35608 2008-05-14] (ITE Tech. Inc.)
S3 iteraid; C:\Windows\system32\drivers\iteraid.sys [29184 2007-05-01] (ITE Tech. Inc.)
S3 JRAID; C:\Windows\system32\drivers\jraid.sys [103512 2011-05-19] (JMicron Technology Corp.)
S3 m5287; C:\Windows\system32\drivers\m5287.sys [104320 2006-07-20] (ULi Electronics Inc.) [File not signed]
S3 m5288; C:\Windows\system32\drivers\m5288.sys [211072 2006-07-19] (ULi Electronics Inc.) [File not signed]
S3 m5289; C:\Windows\system32\drivers\m5289.sys [52480 2005-07-04] (ULi Electronics Inc.)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [45864 2012-01-17] (LSI Corporation)
S3 MegaSR1; C:\Windows\system32\drivers\MegaSR1.sys [407120 2010-06-14] (LSI Corporation, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKsl03559789; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F691F505-783F-493E-9400-8A75FC811162}\MpKsl03559789.sys [39464 2015-04-15] (Microsoft Corporation)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [161072 2011-05-06] (Marvell Semiconductor, Inc.)
S3 mv91cons; C:\Windows\system32\drivers\mv91cons.sys [23344 2011-11-11] (Marvell Semiconductor Inc.)
S3 mv91xx; C:\Windows\system32\drivers\mv91xx.sys [275760 2011-11-11] (Marvell Semiconductor, Inc.)
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
S3 rr172x; C:\Windows\system32\drivers\rr172x.sys [101920 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr174x; C:\Windows\system32\drivers\rr174x.sys [126496 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr2210; C:\Windows\system32\drivers\rr2210.sys [122400 2007-11-01] (HighPoint Technologies, Inc.)
S3 rr232x; C:\Windows\system32\drivers\rr232x.sys [120352 2008-05-05] (HighPoint Technologies, Inc.)
S3 rr2340; C:\Windows\system32\drivers\rr2340.sys [128608 2009-12-31] (HighPoint Technologies, Inc.)
S3 rr2522; C:\Windows\system32\drivers\rr2522.sys [132704 2009-12-31] (HighPoint Technologies, Inc.)
S3 rr276x; C:\Windows\system32\drivers\rr276x.sys [196928 2012-04-24] (HighPoint Technologies, Inc.)
S3 rr278x; C:\Windows\system32\drivers\rr278x.sys [196928 2012-04-24] (HighPoint Technologies, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [123488 2010-06-16] (HighPoint Technologies, Inc.)
S3 SaiH0BAC; C:\Windows\System32\DRIVERS\SaiH0BAC.sys [135168 2007-07-12] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [14080 2007-07-12] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [35072 2007-07-12] (Saitek)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SI3112; C:\Windows\system32\drivers\SI3112.sys [69168 2007-01-26] (Silicon Image, Inc.)
S3 SI3112r; C:\Windows\system32\drivers\SI3112r.sys [110128 2007-02-01] (Silicon Image, Inc)
S3 SI3114; C:\Windows\system32\drivers\SI3114.sys [68912 2006-11-10] (Silicon Image, Inc.)
S3 SI3114r; C:\Windows\system32\drivers\SI3114R.sys [110384 2007-04-11] (Silicon Image, Inc)
S3 Si3114r5; C:\Windows\system32\drivers\Si3114r5.sys [209200 2007-02-07] (Silicon Image, Inc)
S3 SI3124; C:\Windows\system32\drivers\SI3124.sys [76208 2006-11-02] (Silicon Image, Inc.)
S3 Si3124r5; C:\Windows\system32\drivers\Si3124r5.sys [207152 2006-09-20] (Silicon Image, Inc)
S3 SI3132; C:\Windows\system32\drivers\SI3132.sys [80424 2007-10-03] (Silicon Image, Inc)
S3 Si3132r5; C:\Windows\system32\drivers\Si3132r5.sys [217128 2008-10-30] (Silicon Image, Inc)
S3 Si3531; C:\Windows\system32\drivers\Si3531.sys [212520 2009-02-05] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [19240 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [15400 2007-10-03] (Silicon Image, Inc)
S3 viamraid; C:\Windows\system32\drivers\viamraid.sys [141424 2010-12-02] (VIA Technologies Inc.,Ltd)
S3 videX32; C:\Windows\system32\drivers\videX32.sys [13976 2010-02-11] (VIA Technologies, Inc.)
S0 xfilt; C:\Windows\System32\drivers\xfilt.sys [23192 2010-02-11] (VIA Technologies, Inc.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-15 18:53 - 2015-04-15 18:53 - 00019391 _____ () C:\Users\Presbyterian\Desktop\FRST.txt
2015-04-15 18:53 - 2015-04-15 18:53 - 00000000 ____D () C:\FRST
2015-04-15 18:46 - 2015-04-15 18:46 - 02097664 _____ (Farbar) C:\Users\Presbyterian\Desktop\FRST64.exe
2015-04-15 18:46 - 2015-04-15 18:46 - 01137152 _____ (Farbar) C:\Users\Presbyterian\Desktop\FRST.exe
2015-04-15 12:31 - 2015-04-15 12:31 - 00468480 _____ () C:\Users\Presbyterian\Downloads\CKScanner.exe
2015-04-15 06:19 - 2015-04-15 06:25 - 85137315 _____ () C:\Users\Presbyterian\Downloads\480P_600k_28669891.mp4
2015-04-15 04:55 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 04:55 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 04:55 - 2015-03-17 01:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 04:55 - 2015-03-17 01:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 04:55 - 2015-03-17 00:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 04:55 - 2015-03-17 00:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 04:55 - 2015-03-17 00:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 04:55 - 2015-03-17 00:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 04:55 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 04:55 - 2015-03-17 00:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 04:55 - 2015-03-17 00:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 04:55 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 04:55 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 04:55 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 04:55 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 04:55 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 04:55 - 2015-03-05 00:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 04:55 - 2015-03-04 00:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 04:55 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 04:54 - 2015-04-01 19:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 04:54 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 04:54 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 04:54 - 2015-03-12 23:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 04:54 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 04:54 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 04:54 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 04:54 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 04:54 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 04:54 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 04:54 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 04:54 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 04:54 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 04:54 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 04:54 - 2015-03-12 23:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 04:54 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 04:54 - 2015-03-12 23:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 04:54 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 04:54 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 04:54 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 04:54 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 04:54 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 04:54 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 04:54 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 04:54 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 04:54 - 2015-03-12 22:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 04:54 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 04:54 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 04:54 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 04:54 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 04:54 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 04:53 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 04:53 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 04:53 - 2015-03-24 23:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 04:53 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 04:53 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 04:53 - 2015-02-24 23:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-13 17:36 - 2015-04-13 17:18 - 00631665 _____ () C:\Users\Presbyterian\Documents\Tyleana diploma.jpeg
2015-04-11 11:30 - 2015-04-11 11:33 - 29301853 _____ () C:\Users\Presbyterian\Downloads\240P_206K_2034850.mp4
2015-04-09 21:27 - 2015-04-09 21:27 - 00000000 ____D () C:\ProgramData\6d7669d100003e8a
2015-04-09 20:53 - 2015-04-09 20:53 - 00000000 ____D () C:\Users\Presbyterian\AppData\Local\Opera Software
2015-04-09 20:52 - 2015-04-09 20:52 - 00000000 ____D () C:\Users\Presbyterian\AppData\Roaming\Opera Software
2015-04-09 20:50 - 2015-04-09 21:23 - 00000000 ____D () C:\Program Files\Opera
2015-04-09 20:49 - 2015-04-09 20:48 - 01055936 _____ (Adobe) C:\Users\Presbyterian\Downloads\install_flash_player_13_plugin.exe
2015-04-09 20:39 - 2015-04-09 20:39 - 00830768 _____ (Software Web App ) C:\Users\Presbyterian\Downloads\adobe_flash_setup.exe
2015-04-08 20:38 - 2015-04-08 20:38 - 00000000 __RSH () C:\MSDOS.SYS
2015-04-08 20:38 - 2015-04-08 20:38 - 00000000 __RSH () C:\IO.SYS
2015-04-08 20:36 - 2015-04-08 20:36 - 00000000 ____D () C:\ProgramData\{ebf6967a-fdc6-125f-ebf6-6967afdc59eb}
2015-04-08 20:35 - 2015-04-08 20:35 - 00464384 _____ () C:\Users\Presbyterian\Downloads\ShowBox (1).exe
2015-04-08 20:28 - 2015-04-08 20:28 - 13611736 _____ (BlueStack Systems Inc.) C:\Users\Presbyterian\Downloads\BlueStacks-ThinInstaller (1).exe
2015-04-08 20:25 - 2015-04-08 20:25 - 00000000 ____D () C:\Program Files\Ripple Emulator
2015-04-08 20:25 - 2015-04-08 20:25 - 00000000 ____D () C:\Program Files\bestadblocker
2015-04-08 20:24 - 2015-04-08 20:24 - 00000000 ____D () C:\ProgramData\fjfabpckpmjjdajgmpfdgmecmcgppclp
2015-04-08 20:24 - 2015-04-08 20:24 - 00000000 ____D () C:\ProgramData\12377648289326806371
2015-04-08 20:24 - 2015-04-08 20:24 - 00000000 ____D () C:\Program Files\SealePLUs
2015-04-08 20:22 - 2015-04-08 20:22 - 00464896 _____ () C:\Users\Presbyterian\Downloads\ShowBox.exe
2015-04-08 20:22 - 2015-04-08 20:22 - 00000000 ____D () C:\ProgramData\{091f7b29-1666-6544-091f-f7b29166eca4}
2015-04-08 19:52 - 2015-04-08 19:52 - 02309572 _____ () C:\Users\Presbyterian\Downloads\showbox.apk
2015-04-08 19:36 - 2015-04-08 19:36 - 13611736 _____ (BlueStack Systems Inc.) C:\Users\Presbyterian\Downloads\BlueStacks-ThinInstaller.exe
2015-04-01 05:08 - 2015-04-01 05:08 - 00000000 ____D () C:\Users\Presbyterian\AppData\Roaming\IDM
2015-04-01 05:07 - 2015-04-01 05:07 - 04221480 _____ () C:\Users\Presbyterian\Downloads\WidevineMediaOptimizerChrome.exe
2015-03-27 19:31 - 2015-03-27 19:35 - 34880636 _____ () C:\Users\Presbyterian\Downloads\0506988.mp4
2015-03-20 09:22 - 2015-03-20 09:22 - 00000272 _____ () C:\Users\Presbyterian\Downloads\get_asx_feed.m3u
2015-03-20 09:22 - 2015-03-20 09:22 - 00000236 _____ () C:\Users\Presbyterian\Downloads\get_asx_feed (1).m3u
2015-03-19 16:05 - 2015-03-19 16:07 - 23110745 _____ () C:\Users\Presbyterian\Downloads\240P_352K_2036151.mp4
2015-03-17 22:08 - 2015-03-17 22:09 - 00013552 _____ () C:\Users\Presbyterian\Documents\grieve letter.odt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-15 18:52 - 2013-12-04 00:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-15 18:49 - 2014-05-27 18:50 - 00000000 ____D () C:\Program Files\Speccy
2015-04-15 18:45 - 2009-07-14 00:34 - 00031568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-15 18:45 - 2009-07-14 00:34 - 00031568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-15 18:41 - 2010-11-20 17:01 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 18:40 - 2013-05-02 14:57 - 01837676 _____ () C:\Windows\WindowsUpdate.log
2015-04-15 18:37 - 2014-06-15 04:56 - 00067285 _____ () C:\Windows\setupact.log
2015-04-15 18:37 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-15 08:52 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 07:06 - 2013-12-03 22:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 06:58 - 2013-06-20 14:06 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 06:21 - 2014-03-01 22:00 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-04-15 06:20 - 2014-03-01 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-04-09 21:53 - 2014-09-26 09:41 - 00000000 ____D () C:\ProgramData\SparkTrust
2015-04-09 21:22 - 2009-07-13 22:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-04-06 15:28 - 2009-07-14 00:53 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-04 11:56 - 2013-12-04 00:15 - 00002055 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-20 09:22 - 2009-07-14 00:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-16 01:48 - 2015-03-15 12:39 - 00024628 _____ () C:\Users\Presbyterian\Documents\section letter.odt
==================== Files in the root of some directories =======
2014-02-17 19:33 - 2014-02-17 19:33 - 49940480 _____ () C:\Program Files\GUTA3A0.tmp
2013-12-04 10:38 - 2013-12-04 10:38 - 0000000 _____ () C:\Users\Presbyterian\AppData\Local\AtStart.txt
2013-12-04 10:38 - 2013-12-04 10:38 - 0000000 _____ () C:\Users\Presbyterian\AppData\Local\DSwitch.txt
2014-06-21 00:24 - 2014-06-25 16:10 - 0000003 _____ () C:\Users\Presbyterian\AppData\Local\proxy.log
2013-12-04 10:38 - 2013-12-04 10:38 - 0000000 _____ () C:\Users\Presbyterian\AppData\Local\QSwitch.txt
2015-04-09 21:26 - 2015-04-09 21:26 - 0011422 _____ () C:\Users\Presbyterian\AppData\Local\Temp-log.txt
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-11 16:09
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-04-2015 04
Ran by Presbyterian at 2015-04-15 18:55:05
Running from C:\Users\Presbyterian\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft OneDrive (HKU\S-1-5-21-1798075911-1676469755-1713155969-1004\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
OpenOffice 4.0.1 (HKLM\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Saitek SD6 Programming Software 6.0.7.0 (HKLM\...\{960B5908-CB3C-439A-9BEA-1C920DD81F3C}) (Version: 6.0.7.0 - Saitek)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System Recovery (HKLM\...\System_Recovery) (Version: - )
System Requirements Lab Detection (HKLM\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-1798075911-1676469755-1713155969-1004\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Presbyterian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Presbyterian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Presbyterian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Presbyterian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Presbyterian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Presbyterian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Presbyterian\Downloads\ShowBox (1).exe ()
CustomCLSID: HKU\S-1-5-21-1798075911-1676469755-1713155969-1004_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Presbyterian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\FileSyncApi.dll (Microsoft Corporation)
==================== Restore Points =========================
03-04-2015 07:49:51 Windows Update
07-04-2015 07:44:01 Windows Update
08-04-2015 20:19:08 Removed BlueStacks Notification Center
09-04-2015 21:21:05 Removed BlueStacks Notification Center
11-04-2015 10:00:03 Windows Update
14-04-2015 23:44:57 Windows Update
15-04-2015 06:54:34 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {71CBD9DC-7EFF-4C93-970E-9EB3D1D7D7BC} - System32\Tasks\{798D9E9B-4581-48B4-8EED-F40A9C6EB10B} => C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-05-11] (Microsoft Corp.)
Task: {818F7C25-3FEC-4EA1-AAA5-49B6DF24498C} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-25] () <==== ATTENTION
Task: {85AFD589-3F5E-453E-BF2D-550226D70E06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-04] (Google Inc.)
Task: {8686C956-E29A-4870-BDDE-CD13DCB90A0F} - System32\Tasks\{A78CDE5D-65C8-41C5-AB31-C46A1E0C92B9} => C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-05-11] (Microsoft Corp.)
Task: {B728A82B-F99F-4FA7-9DC7-3CEEF6F00407} - System32\Tasks\{B37D8057-F0A1-4C72-8133-52D2DAC89FD1} => C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-05-11] (Microsoft Corp.)
Task: {D3779927-EA8A-40C6-BE28-332F87C76E1A} - System32\Tasks\{1E02A1C5-384A-4048-A003-A5F7E2AFD10C} => pcalua.exe -a C:\Users\Presbyterian\Downloads\wlsetup-web.exe -d C:\Users\Presbyterian\Downloads
Task: {DE1DDCAA-86A0-448A-A08B-241B156348AF} - System32\Tasks\{3C43BEC3-2262-4F08-9264-6A0627A4D87A} => C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-05-11] (Microsoft Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8d0cd3660325.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfedd61718752e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0003439191b8.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d03f2a5a6bea8c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SparkTrust PC Cleaner Plus_sch_C89E687D-4582-11E4-881D-002713AC33EC.job => C:\Program Files\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) ==============
2014-05-25 06:34 - 2014-05-25 06:34 - 00249024 _____ () C:\Program Files\pcmax\pcmax.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00264040 _____ () C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-09-13 01:39 - 2012-09-13 01:39 - 00336232 _____ () C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-04-04 11:56 - 2015-03-30 17:07 - 01174856 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-04 11:56 - 2015-03-30 17:07 - 00080200 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-04 11:56 - 2015-03-30 17:07 - 09279304 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-04 11:56 - 2015-03-30 17:07 - 14974280 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Presbyterian\Documents\Tyleana diploma.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Presbyterian\Documents\Tyleana diploma.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1798075911-1676469755-1713155969-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Presbyterian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: ProfilerU => C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
==================== Accounts: =============================
Administrator (S-1-5-21-1798075911-1676469755-1713155969-500 - Administrator - Disabled)
Guest (S-1-5-21-1798075911-1676469755-1713155969-501 - Administrator - Enabled) => C:\Users\Guest
Presbyterian (S-1-5-21-1798075911-1676469755-1713155969-1004 - Administrator - Enabled) => C:\Users\Presbyterian
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2015 06:52:01 PM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 06:39:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/15/2015 00:52:01 PM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 00:03:49 PM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 08:52:07 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 08:34:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 41.0.2272.118 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: b98
Start Time: 01d077767323f9e5
Termination Time: 890
Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Report Id: 8bc6e9d2-e36b-11e4-84bf-002713ac33ec
Error: (04/15/2015 08:19:47 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/15/2015 06:52:02 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 05:52:02 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 04:52:20 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
System errors:
=============
Error: (04/15/2015 06:49:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2146893809
Error: (04/15/2015 06:49:15 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x8009000f
Error: (04/15/2015 06:47:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2146893809
Error: (04/15/2015 06:47:40 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x8009000f
Error: (04/15/2015 06:39:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147467259
Error: (04/15/2015 06:39:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147467259
Error: (04/15/2015 06:37:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
xfilt
Error: (04/15/2015 08:36:29 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5
Error: (04/15/2015 08:28:59 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Error: (04/15/2015 08:20:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Microsoft Office Sessions:
=========================
Error: (04/15/2015 06:52:01 PM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 06:39:17 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/15/2015 00:52:01 PM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 00:03:49 PM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 08:52:07 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 08:34:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe41.0.2272.118b9801d077767323f9e5890C:\Program Files\Google\Chrome\Application\chrome.exe8bc6e9d2-e36b-11e4-84bf-002713ac33ec
Error: (04/15/2015 08:19:47 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/15/2015 06:52:02 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 05:52:02 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/15/2015 04:52:20 AM) (Source: MsiInstaller) (EventID: 10015) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Object already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU P8700 @ 2.53GHz
Percentage of memory in use: 69%
Total physical RAM: 1912.27 MB
Available physical RAM: 575.42 MB
Total Pagefile: 3824.53 MB
Available Pagefile: 2215.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1920.33 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:148.95 GB) (Free:95.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: C4F23008)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End Of Log ============================