Computer slow, CPU 100% [Solved]


  • This topic is locked

#1
jones082


CPU usage jumps up to 100% very easily and slows my computer.  Task manager is not showing anything in particular with a high percentage, just the percentage, itself, is shown at 100%. It particularly causes a problem when watching instructional videos on Groove 3.

 

Coincidentally, any windows I open (including files and browsers) are larger than before, and extend underneath the task bar. This is different. I did not re-size anything, nor did I change resolution.

 

Windows is always updated and MSE scan is fine. I followed posted instructions from another forum (closed topic) and did remove some malware with RogueKiller and Malwarebytes.  The computer is running a little better, but the CPU percentage is still off the charts.  

 

Any help is much appreciated.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by jones (administrator) on JONES-PC on 13-06-2015 16:00:34
Running from C:\Users\jones\Desktop
Loaded Profiles: jones (Available Profiles: jones & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\jones\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Users\jones\AppData\Local\Samsung Inc\Wireless Multiroom\Wireless Audio - Multiroom for Desktop\DMSSettings.exe
(Microsoft Corporation) C:\Users\jones\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(The WIndows Club) C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hide Taskbar.exe
(Stoic Joker's Network) C:\Program Files\T-Clock\x64\Clock.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Run: [Amazon Music] => C:\Users\jones\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] ()
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Run: [Wireless_Multiroom_DMS] => C:\Users\jones\AppData\Local\Samsung Inc\Wireless Multiroom\Wireless Audio - Multiroom for Desktop\DMSSettings.exe [1792360 2014-08-07] ()
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Run: [OneDrive] => C:\Users\jones\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-22] (Microsoft Corporation)
Startup: C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hide Taskbar.exe [2015-06-09] (The WIndows Club)
Startup: C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stoic Joker's T-Clock 2010 x64.lnk [2012-12-06]
ShortcutTarget: Stoic Joker's T-Clock 2010 x64.lnk -> C:\Program Files\T-Clock\x64\Clock.exe (Stoic Joker's Network)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000 -> {ADD8D8BA-ED16-479F-BCA0-F12571E602C6} URL = http://www.google.co...&rlz=1I7ADFA_en
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\m4lsnt0g.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4150059858-4142371535-3419905417-1000: @nds.com/PlayerPlugin -> C:\Users\jones\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2013-11-17] (DIRECTV)
FF Plugin HKU\S-1-5-21-4150059858-4142371535-3419905417-1000: NDS.com/PlayerPlugin -> C:\Users\jones\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2013-11-17] (DIRECTV)
FF Extension: Avira Browser Safety - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\m4lsnt0g.default\Extensions\[email protected] [2015-06-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Brushed) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2012-11-24]
CHR Extension: (YouTube) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-24]
CHR Extension: (Google Search) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-24]
CHR Extension: (Google Wallet) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-24]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-09-30] (SUPERAntiSpyware.com) [File not signed]
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3084688 2013-01-21] (Emsisoft GmbH)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
R2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2222360 2015-05-28] (IBM Corp.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-06-26] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [23208 2011-05-19] (Emsi Software GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2014-03-17] (Focusrite Audio Engineering Limited.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [111696 2014-07-09] ()
R3 OXYGEN; C:\Windows\System32\DRIVERS\MAudioOxygen.sys [134664 2010-03-04] (M-Audio)
S3 paeusbaudio; C:\Windows\System32\DRIVERS\paeusbaudio_x64.sys [250728 2012-10-09] ()
S3 paeusbaudiodsp; C:\Windows\System32\DRIVERS\paeusbaudiodsp_x64.sys [69992 2012-10-09] ()
S3 paeusbaudioks; C:\Windows\System32\DRIVERS\paeusbaudioks_x64.sys [51560 2012-10-09] ()
R1 RapportCerberus_1412108; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412108.sys [910872 2015-06-09] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [484088 2015-05-28] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [121208 2015-05-28] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [375128 2015-05-28] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [479320 2015-05-28] (IBM Corp.)
S3 RDID1117; C:\Windows\System32\Drivers\rdwm1117.sys [302336 2011-11-07] (Roland Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-06-13] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-13 16:00 - 2015-06-13 16:01 - 00017788 _____ C:\Users\jones\Desktop\FRST.txt
2015-06-13 15:59 - 2015-06-13 16:00 - 00000000 ____D C:\FRST
2015-06-13 15:58 - 2015-06-13 15:58 - 02109952 _____ (Farbar) C:\Users\jones\Desktop\FRST64.exe
2015-06-13 15:40 - 2015-06-13 15:40 - 00000000 ___HD C:\OneDriveTemp
2015-06-13 15:39 - 2015-06-13 15:39 - 00000000 ____H C:\ProgramData\cm-lock
2015-06-13 15:04 - 2015-06-13 15:04 - 00000340 _____ C:\Windows\PFRO.log
2015-06-13 14:25 - 2015-06-13 14:25 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\jones\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-13 14:19 - 2015-06-13 14:22 - 00000000 ____D C:\AdwCleaner
2015-06-13 14:19 - 2015-06-13 14:19 - 02231296 _____ C:\Users\jones\Desktop\adwcleaner_4.206.exe
2015-06-13 14:00 - 2015-06-13 14:18 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-13 14:00 - 2015-06-13 14:00 - 21426424 _____ C:\Users\jones\Desktop\RogueKillerX64.exe
2015-06-13 14:00 - 2015-06-13 14:00 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-13 13:58 - 2015-06-13 13:58 - 17639160 _____ C:\Users\jones\Desktop\RogueKiller.exe
2015-06-12 14:35 - 2015-06-12 14:35 - 00000000 ____D C:\Users\jones\AppData\Roaming\Avira
2015-06-12 14:26 - 2015-06-12 14:36 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-12 14:26 - 2015-06-12 14:32 - 00000000 ____D C:\ProgramData\Avira
2015-06-12 07:50 - 2015-06-12 07:50 - 00018185 _____ C:\ComboFix.txt
2015-06-12 07:25 - 2015-06-12 07:25 - 00000000 ____D C:\Users\jones\Documents\ProcAlyzer Dumps
2015-06-09 16:48 - 2015-05-28 15:16 - 00121208 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2015-06-09 16:21 - 2015-06-09 16:21 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-09 14:59 - 2015-06-09 15:00 - 00000000 ____D C:\Users\jones\Desktop\Hide-Taskbar
2015-06-07 14:45 - 2015-06-13 15:40 - 00000000 ___RD C:\Users\jones\OneDrive
2015-06-07 14:39 - 2015-06-13 15:38 - 00000728 _____ C:\Windows\setupact.log
2015-06-07 14:39 - 2015-06-07 14:39 - 00000000 _____ C:\Windows\setuperr.log
2015-06-07 14:28 - 2015-05-22 11:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-07 14:28 - 2015-05-22 11:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-07 14:28 - 2015-05-21 06:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-07 11:05 - 2015-06-13 14:25 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-05 07:10 - 2015-05-25 11:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-05 07:10 - 2015-05-25 11:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-05 07:10 - 2015-05-25 11:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-05 07:10 - 2015-05-25 11:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-05 07:10 - 2015-05-25 11:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-05 07:10 - 2015-05-25 11:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-05 07:10 - 2015-05-25 11:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-05 07:10 - 2015-05-25 11:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-05 07:10 - 2015-05-25 11:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-05 07:10 - 2015-05-25 10:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-05 07:10 - 2015-05-25 10:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-05 07:10 - 2015-05-25 10:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-05 07:10 - 2015-05-25 10:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-05 07:10 - 2015-05-25 10:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-05 07:10 - 2015-05-25 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-05 07:10 - 2015-05-25 09:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-05 07:10 - 2015-05-25 09:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-05 07:10 - 2015-05-25 09:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 09:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-05 07:09 - 2015-05-08 20:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-05 07:09 - 2015-05-08 20:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-05 07:09 - 2015-05-08 20:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-05 07:09 - 2015-05-08 20:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-05 07:09 - 2015-05-08 20:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-05 06:54 - 2015-04-10 20:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-04 15:13 - 2015-06-04 15:13 - 00003568 _____ C:\Windows\System32\Tasks\{4053DBB8-2467-4911-AC15-A740352B9504}
2015-06-04 14:51 - 2015-06-04 14:51 - 00000000 ____D C:\Users\jones\Documents\IK Multimedia
2015-06-04 14:47 - 2015-06-04 14:47 - 05626581 _____ C:\Users\jones\Desktop\Authorization_Manager_1.0.12.zip
2015-06-04 12:09 - 2015-06-12 16:34 - 00000000 ____D C:\Program Files (x86)\Steinberg
2015-06-01 08:02 - 2015-06-01 08:02 - 00000000 ____D C:\Users\jones\AppData\Local\GWX
2015-05-25 08:17 - 2015-05-25 08:17 - 00001228 _____ C:\Users\Public\Desktop\Command Center.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-13 16:01 - 2013-12-14 08:49 - 01111747 _____ C:\Windows\WindowsUpdate.log
2015-06-13 15:48 - 2009-07-13 21:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-13 15:48 - 2009-07-13 21:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-13 15:39 - 2012-09-27 08:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-13 15:38 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 15:05 - 2014-08-16 13:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-13 15:04 - 2009-07-13 21:45 - 00000000 ____D C:\Windows\Setup
2015-06-13 14:25 - 2014-08-16 13:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-13 14:25 - 2014-08-16 13:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-13 13:40 - 2012-02-04 18:33 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-13 13:40 - 2011-06-13 23:57 - 00000000 ____D C:\Users\jones
2015-06-13 13:39 - 2015-04-04 15:17 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-13 13:39 - 2015-01-06 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2015-06-13 13:39 - 2014-04-15 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLN Audio
2015-06-13 13:39 - 2014-04-14 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk
2015-06-13 13:39 - 2013-10-13 09:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-06-13 13:39 - 2013-08-19 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-06-13 13:39 - 2012-09-27 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-13 13:39 - 2012-05-09 06:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-13 13:39 - 2012-04-25 05:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-13 13:39 - 2011-06-15 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
2015-06-13 13:39 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-06-13 13:38 - 2014-03-27 15:47 - 00000000 ____D C:\Cakewalk Projects
2015-06-13 13:38 - 2012-11-27 18:08 - 00000000 ____D C:\ProgramData\Virtualized Applications
2015-06-13 13:38 - 2011-06-14 19:22 - 00000000 ____D C:\Users\jones\AppData\Roaming\SoftGrid Client
2015-06-13 06:41 - 2013-01-27 18:35 - 00045635 _____ C:\Users\jones\Desktop\credit card 2013.xlsx
2015-06-13 06:41 - 2011-01-06 20:06 - 00101376 _____ C:\Users\jones\Desktop\Debit Jan 2011.xls
2015-06-13 06:32 - 2012-11-27 18:08 - 00000000 ____D C:\Users\jones\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}
2015-06-13 06:32 - 2011-06-14 19:22 - 00000000 ____D C:\Users\jones\AppData\Local\SoftGrid Client
2015-06-12 17:37 - 2015-01-06 07:18 - 00000032 _____ C:\Windows\msocreg32.dat
2015-06-12 17:21 - 2012-08-29 21:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-12 17:10 - 2012-09-27 08:29 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 16:37 - 2015-04-04 15:18 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-12 16:37 - 2014-12-10 16:56 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-12 16:37 - 2014-04-23 06:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-12 16:37 - 2009-07-14 00:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-12 16:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-12 16:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-12 16:36 - 2013-10-13 09:16 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-12 16:36 - 2011-10-24 15:45 - 00000000 ____D C:\Windows\system32\Macromed
2015-06-12 16:35 - 2015-04-26 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-12 16:35 - 2015-03-01 16:07 - 00000000 ____D C:\Users\jones\Desktop\VstPlugIns
2015-06-12 16:35 - 2014-04-15 16:22 - 00000000 ____D C:\Program Files\vst plugins
2015-06-12 16:35 - 2014-04-15 07:59 - 00000000 ____D C:\Program Files\XLN Audio
2015-06-12 16:35 - 2014-03-22 14:41 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2015-06-12 16:35 - 2013-10-13 09:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-12 16:35 - 2012-05-15 06:22 - 00000000 ____D C:\Windows\ERDNT
2015-06-12 16:35 - 2012-05-13 12:19 - 00000000 ___RD C:\Users\jones\SkyDrive
2015-06-12 16:35 - 2012-05-09 06:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Trusteer
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Trusteer
2015-06-12 16:35 - 2011-06-14 22:46 - 00000000 ____D C:\Users\jones\Desktop\security
2015-06-12 16:35 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing
2015-06-12 16:35 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-06-12 16:35 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-12 16:35 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-12 16:34 - 2013-10-13 09:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-12 16:34 - 2012-05-09 06:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-12 16:34 - 2011-06-14 19:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-06-12 16:21 - 2014-04-15 08:01 - 00000000 ____D C:\Users\jones\Desktop\Steinberg
2015-06-12 16:21 - 2012-05-15 06:22 - 00000000 ____D C:\Qoobox
2015-06-12 16:21 - 2011-07-24 09:27 - 00000000 ____D C:\Users\jones\.frostwire5
2015-06-12 16:17 - 2014-04-15 08:16 - 00000000 ____D C:\Program Files (x86)\XLN Audio
2015-06-12 16:17 - 2014-03-28 16:03 - 00000000 ____D C:\Program Files\Steinberg
2015-06-12 16:17 - 2014-03-27 15:41 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-12 16:15 - 2015-01-06 07:18 - 00000000 ____D C:\Program Files (x86)\IK Multimedia
2015-06-12 16:15 - 2010-08-30 04:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-12 15:18 - 2014-11-28 07:19 - 00000000 __SHD C:\Users\jones\AppData\Local\EmieBrowserModeList
2015-06-12 15:18 - 2014-04-10 13:05 - 00000000 __SHD C:\Users\jones\AppData\Local\EmieUserList
2015-06-12 15:18 - 2014-04-10 13:05 - 00000000 __SHD C:\Users\jones\AppData\Local\EmieSiteList
2015-06-12 08:04 - 2011-06-16 08:17 - 00007597 _____ C:\Users\jones\AppData\Local\resmon.resmoncfg
2015-06-10 07:00 - 2013-07-12 07:42 - 00000000 ____D C:\Windows\system32\MRT
2015-06-09 17:24 - 2015-01-06 07:18 - 00000016 _____ C:\Windows\system32\w3data.vss
2015-06-09 17:24 - 2015-01-06 07:18 - 00000016 _____ C:\Windows\system32\msvcsv60.dll
2015-06-09 17:24 - 2015-01-06 07:18 - 00000016 _____ C:\Users\jones\AppData\Roaming\msregsvv.dll
2015-06-09 17:24 - 2015-01-06 07:18 - 00000016 _____ C:\ProgramData\autobk.inc
2015-06-09 16:21 - 2012-08-29 21:09 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-09 16:21 - 2012-04-05 06:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 16:21 - 2011-10-25 16:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 15:03 - 2014-03-31 16:28 - 00000000 ____D C:\Users\jones\AppData\Roaming\Celemony Software GmbH
2015-06-09 14:59 - 2010-04-16 22:58 - 00238897 _____ (The WIndows Club) C:\Users\jones\Desktop\Hide Taskbar.exe
2015-06-07 14:49 - 2009-07-13 22:13 - 00783400 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 17:51 - 2013-04-19 06:58 - 00000000 ____D C:\Users\jones\AppData\Local\Adobe
2015-06-04 14:52 - 2015-01-07 16:05 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Miroslav Philharmonik.lnk
2015-06-04 14:39 - 2015-01-07 16:10 - 00000016 _____ C:\Windows\SysWOW64\w3data.vss
2015-06-04 14:39 - 2015-01-07 16:10 - 00000016 _____ C:\Windows\SysWOW64\msvcsv60.dll
2015-05-28 15:16 - 2011-07-25 15:19 - 00375128 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2015-05-22 06:54 - 2014-02-20 08:13 - 00002168 _____ C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-05-18 08:05 - 2012-09-27 08:29 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 08:05 - 2012-09-27 08:29 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 07:46 - 2009-07-13 21:45 - 00269128 _____ C:\Windows\system32\FNTCACHE.DAT
 
==================== Files in the root of some directories =======
 
2015-01-06 07:18 - 2015-06-09 17:24 - 0000016 _____ () C:\Users\jones\AppData\Roaming\msregsvv.dll
2011-07-03 10:24 - 2011-07-03 10:26 - 0009953 _____ () C:\Users\jones\AppData\Local\HWVendorDetection.log
2011-06-16 08:17 - 2015-06-12 08:04 - 0007597 _____ () C:\Users\jones\AppData\Local\resmon.resmoncfg
2015-01-06 07:18 - 2015-06-09 17:24 - 0000016 _____ () C:\ProgramData\autobk.inc
2015-06-13 15:39 - 2015-06-13 15:39 - 0000000 ____H () C:\ProgramData\cm-lock
2011-06-16 18:25 - 2011-06-16 18:26 - 0000303 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\jones\AppData\Local\Temp\avgnt.exe
C:\Users\jones\AppData\Local\Temp\dllnt_dump.dll
C:\Users\jones\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-13 10:52
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by jones at 2015-06-13 16:03:10
Running from C:\Users\jones\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4150059858-4142371535-3419905417-500 - Administrator - Disabled)
Guest (S-1-5-21-4150059858-4142371535-3419905417-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4150059858-4142371535-3419905417-1004 - Limited - Enabled)
jones (S-1-5-21-4150059858-4142371535-3419905417-1000 - Administrator - Enabled) => C:\Users\jones
UpdatusUser (S-1-5-21-4150059858-4142371535-3419905417-1005 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Spybot - Search and Destroy (Disabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
3ivx D4 4.5.1 Decoder (remove only) (HKLM-x32\...\3ivx D4 4.5.1 Decoder) (Version: 4.5.1 - 3ivx Technologies, Pty. Ltd.)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon Music (HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Authorizer 2.5.0.40960 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.5.0.40960 - Propellerhead Software AB)
Authorizer Ignition Key Support (Version: 1.0.5.0 - Propellerhead Software AB) Hidden
Bass Station 2.0 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.0 - Novation)
CA-2A Leveling Amplifier (x64) (HKLM-x32\...\CA-2A Leveling Amplifier_x64_is1) (Version: 1.0 - Cakewalk Music Software)
calibre 64bit (HKLM\...\{1698C4E2-84A8-4E14-9CE0-2BD39F604615}) (Version: 2.11.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Command Center (HKLM-x32\...\{B5C98C54-097A-4B4C-8189-FEF1C79F3638}_is1) (Version: 1.0.1.22820 - Cakewalk Music Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Restore (HKLM\...\{15D07D6F-E4CC-41D9-88A3-94115E5E5A10}) (Version: 1.6.3 - JOConnell)
Dimension Pro 1.5 (HKLM-x32\...\DimensionPro_x64_is1) (Version: 18.0 - Cakewalk Music Software)
DIRECTV Player (HKLM-x32\...\{a1bb9be6-729f-4049-a36a-aad335c86c01}) (Version: 9.2 - DIRECTV)
DOOM 3 (HKLM-x32\...\Steam App 9050) (Version:  - id Software)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2133 - Steinberg Media Technologies GmbH)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.5 - Emsisoft GmbH)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
FrostWire 6.0.5 (HKLM-x32\...\FrostWire 6) (Version: 6.0.5.1 - FrostWire LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IK Multimedia Authorization Manager version 1.0.11 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.11 - IK Multimedia)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Infix 3.36 (HKLM-x32\...\43442AE9-6512-4392-B5DD-9167BECD1112_is1) (Version:  - Iceni Technology)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
M-Audio Oxygen Driver 1.3.0 (x64) (HKLM\...\{B52D5EDB-1945-4889-8F25-DEA1F9CD876A}) (Version: 1.3.0 - M-Audio)
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Melodyne singletrack (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 2.01.0202 - Celemony Software GmbH)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.1.2 - IK Multimedia)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.2.245 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version:  - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.0.699 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Nero 9 Essentials (HKLM-x32\...\{00c2a207-da3e-416e-a2ba-6d34ce191335}) (Version:  - Nero AG)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Graphics Driver 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
PC4K S-Type Comp (x64) (HKLM-x32\...\PC4K S-Type Comp_x64_is1) (Version: 2.0 - Cakewalk Music Software)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Rapport (Version: 3.5.1205.15 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1412.173 - Trusteer) Hidden
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
ReaPlugs (HKLM-x32\...\ReaPlugs) (Version:  - )
Revo Uninstaller Pro 2.5.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.3 - VS Revo Group, Ltd.)
SampleTank 3 version 3.3.0 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.3.0 - IK Multimedia)
Scarlett MixControl 1.8 (HKLM-x32\...\Saffire USB 26_is1) (Version: 1.8 - Focusrite Audio Engineering Limited)
Scarlett Plug-in Suite 1.6 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.6 - Focusrite)
SONAR X3 Producer (x64) (HKLM-x32\...\SONARX3Producer_x64_is1) (Version: 20.0 - Cakewalk Music Software)
Spotify (HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Spotify) (Version: 0.9.0.133.gd18ed589 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1108 - SUPERAntiSpyware.com)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
The Journey to Wild Divine (HKLM-x32\...\The Journey to Wild Divine) (Version:  - )
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.173 - Trusteer)
Universal Breathing - Pranayama Free version 2.0.5 (HKLM-x32\...\{C3DBC9D3-C1DC-43F3-9CF0-E2A6ED4AAE12}_is1) (Version: 2.0.5 - Saagara LLC)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3005 - Acer Incorporated)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (03/17/2014 2.5.128.1) (HKLM\...\D86E353566ECB4A7ADA159C02FE46D0BACC4FA6B) (Version: 03/17/2014 2.5.128.1 - Focusrite)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Wireless Audio - Multiroom for Desktop (HKLM-x32\...\{7791F7D9-3010-4221-B563-327719437022}) (Version: 1.1 - Samsung Inc.)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version:  - )
XLN Online Installer (HKLM\...\XLN Online Installer) (Version:  - XLN Audio AB)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
12-05-2015 06:29:04 Windows Update
13-05-2015 06:52:54 Windows Update
15-05-2015 08:13:43 Windows Update
19-05-2015 07:18:02 Windows Update
23-05-2015 07:46:13 Windows Update
27-05-2015 06:48:42 Windows Update
31-05-2015 07:15:07 Windows Update
03-06-2015 16:30:15 Windows Update
04-06-2015 14:36:37 Installed Miroslav Philharmonik
04-06-2015 14:52:53 Installed Miroslav Philharmonik
04-06-2015 15:08:41 Configured Miroslav Philharmonik
05-06-2015 08:23:15 Windows Update
06-06-2015 17:15:51 Restore Operation
06-06-2015 17:34:06 Windows Update
06-06-2015 17:43:43 Restore Operation
07-06-2015 14:28:48 Windows Update
09-06-2015 16:42:47 Installed Rapport
10-06-2015 06:40:05 Windows Update
12-06-2015 07:27:05 ComboFix created restore point
12-06-2015 14:41:56 Restore Operation
12-06-2015 15:23:16 Installed Rapport
12-06-2015 15:50:30 Restore Operation
12-06-2015 15:59:36 Removed Rapport
12-06-2015 16:11:37 Restore Operation
12-06-2015 16:51:26 Windows Update
12-06-2015 17:42:53 june 12--operating correctly
13-06-2015 13:33:18 Restore Operation
13-06-2015 13:47:17 operating correctly 2
13-06-2015 15:41:33 after scans
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2013-07-02 08:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04441761-E249-4970-AABB-0CFC322E8BE9} - System32\Tasks\{4053DBB8-2467-4911-AC15-A740352B9504} => pcalua.exe -a "C:\Users\jones\Desktop\music software, etc\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1\Miroslav Philharmonik Instruments Installer Part 1-9.exe" -d "C:\Users\jones\Desktop\music software, etc\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1"
Task: {04DED808-4069-4283-A5BB-8CBC6B17F3E9} - System32\Tasks\{3843F2FB-2BFB-4C00-BB62-4A043AC70E17} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {069B1493-0D4D-4F15-9B79-33138264CAEF} - System32\Tasks\{FF00730A-DCB8-442D-B751-E05905F9967B} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {096F9D7C-C219-4F7D-873D-1D8A63353D0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-27] (Google Inc.)
Task: {0D4EC6E7-5E27-4054-AF8D-5F09EC88F45A} - System32\Tasks\{41FE7BBF-9D3D-41D6-B989-FFD0BCA26B28} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {18AFCDC1-3A20-403C-8B7F-E6E0CDBCEBBF} - System32\Tasks\{BFF90F4B-E182-41C8-A069-7A6E9948019C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {19143AC8-B7E1-45E1-8308-2A3A377E5C74} - System32\Tasks\{BF903655-EEF6-436A-A945-F925B76B559F} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart4\MiroslavPhilharmonikPart4\Miroslav Philharmonik Instruments Installer Part 4-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart4\MiroslavPhilharmonikPart4
Task: {19B59F50-E1AE-4ED6-AE7B-40C2D99681AD} - System32\Tasks\{0F9BA756-2A84-441C-B375-1FDE831454F1} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart9\MiroslavPhilharmonikPart9\Miroslav Philharmonik Instruments Installer Part 9-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart9\MiroslavPhilharmonikPart9
Task: {1CD6D2D9-DBFA-4A9D-92CE-2A1DAD299596} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {25A74A48-7334-4FEB-8BA2-CA9387335EE9} - System32\Tasks\{194744E9-9166-4DB9-B137-7A29EC793478} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {29872556-3A23-4FCF-B6C1-D7B973F8FA3E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {2EF5D55E-667D-47DF-A211-37C480C23C71} - System32\Tasks\{E661F518-2FCD-4A4F-857C-1B4E556D0E17} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {37EDDBA4-EB06-425F-9C9D-997F7611D7F8} - System32\Tasks\{9B3EDE87-84C5-4DBC-9F5F-DBF8EAE251CC} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {396EDFBE-DE3E-44C2-A286-13BB835931A2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {3EE07F7A-915E-4CF5-B7CA-F7D5F5C26D03} - System32\Tasks\{D2B15889-F840-4119-BEB1-EAA8F5A0B1C9} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {41883A04-3CFF-4451-9DE2-3F1E2F22F1EB} - System32\Tasks\{2EE751A3-E386-4B1E-BB9D-375E90D5DAC5} => pcalua.exe -a C:\Users\jones\Desktop\mp3gain-win-1_2_5.exe -d C:\Users\jones\Desktop
Task: {4609CACD-9AEB-40F7-A493-B2D56564F826} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {46A90C22-0579-4EFB-85BF-5613E170F5CC} - System32\Tasks\{703007B8-0075-46A9-A7AC-2838B5F0E67F} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart3\MiroslavPhilharmonikPart3\Miroslav Philharmonik Instruments Installer Part 3-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart3\MiroslavPhilharmonikPart3
Task: {48AF1079-6073-4232-8B6F-ADA4B5AA311D} - System32\Tasks\{16488E63-D86A-4E20-9C46-EA2C4E062560} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {494E5C88-A351-492A-8B4F-35D4A7320857} - System32\Tasks\{02040A1D-4AAB-40CE-AFDB-B39E0F8145FF} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {4FAA9D48-0208-4736-9082-CBEE8AFE2B91} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {57458514-4779-4E5A-8F1F-927002CEF3A6} - System32\Tasks\{41786C52-9817-4EB3-8706-EB862EB10CE8} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {5ED1613C-0F59-4AE0-97A7-6B9A34CDCC39} - System32\Tasks\{7E8AB779-009A-4807-93A7-151E29308088} => pcalua.exe -a "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart2\MiroslavPhilharmonikPart2\Miroslav Philharmonik Instruments Installer Part 2-9.exe" -d "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart2\MiroslavPhilharmonikPart2"
Task: {637AFFB1-23D7-4270-99E1-1420FC7CD155} - System32\Tasks\{31009A52-FB74-47FA-A940-5B9993BBBF45} => pcalua.exe -a "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart6\MiroslavPhilharmonikPart6\Miroslav Philharmonik Instruments Installer Part 6-9.exe" -d "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart6\MiroslavPhilharmonikPart6"
Task: {804554E2-7BDE-4E96-93AB-4407E7CD4DD4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {857BD028-5D99-4728-B909-06A5081FA594} - System32\Tasks\{F90CBC14-5669-494C-B2C6-D706A8755139} => pcalua.exe -a "C:\Users\jones\Desktop\SampleTank_3_Free_Sound_Installer_1\SampleTank 3 Free Sound Installer 1\SampleTank 3 Free Sound Installer 1.exe" -d "C:\Users\jones\Desktop\SampleTank_3_Free_Sound_Installer_1\SampleTank 3 Free Sound Installer 1"
Task: {902ABF6B-04CC-44D1-85E2-983C10A332AA} - System32\Tasks\{AABF27D5-EDBC-4066-84BB-7DEFFE49BF96} => pcalua.exe -a D:\motsetup.exe -d D:\
Task: {9A614E2F-9F2F-40D3-B3E2-E3A8E093FC6D} - System32\Tasks\{0ADC3C61-2C92-45E8-B1F3-57AB4F2F0875} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {A5979147-96CF-496B-9E79-BC13C4B2B5F7} - System32\Tasks\{D978C65F-411D-4461-8671-6587EC479DBA} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {A8895B3B-6E9E-4E84-8F1F-76B8947D802C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4150059858-4142371535-3419905417-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B18C5F45-CBB5-455D-9123-3169D3075DAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {B1FF2900-D3B2-4A33-8D33-C9497BE71DF3} - System32\Tasks\{EF2B9E46-F796-4931-A2C0-76E83958C450} => pcalua.exe -a "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1\Miroslav Philharmonik Instruments Installer Part 1-9.exe" -d "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1"
Task: {B2E3906F-F001-40F7-BD94-2C13F062B62B} - System32\Tasks\{3F1CF17A-2A72-4D52-BD85-5492AA53546B} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {B382342B-4E11-4848-9437-86A92C371F3A} - System32\Tasks\{A55F8527-2DDA-47C8-A6DF-D80542FBECCE} => pcalua.exe -a C:\Users\jones\Desktop\DOOM3-1.3.1.exe -d C:\Users\jones\Desktop
Task: {B70CB5AD-9823-4C91-9CA9-92F16F9E5C60} - System32\Tasks\{DE1D1503-3275-493C-827D-E1E320D309E2} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {B758730A-BE4C-4A6F-91F2-CB02087CC6CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-27] (Google Inc.)
Task: {B97D8974-148D-4AF8-B60C-BB615E12A891} - System32\Tasks\{7D4826D3-5910-4680-B27A-DB1E13E7EB7F} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart8\MiroslavPhilharmonikPart8\Miroslav Philharmonik Instruments Installer Part 8-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart8\MiroslavPhilharmonikPart8
Task: {B97E5BE0-6603-419D-A7F4-5610241D9057} - System32\Tasks\{9FC86BD3-E4B8-474E-9C62-4CAEF8704EED} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {C07486ED-5FD4-4236-9B03-A3C8AA6C4E48} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {C110D0EC-EA18-4422-BE55-55366A1B0F73} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C1A98279-BE9E-4CD1-ACE3-3FD4E07E12F3} - System32\Tasks\{8568CEE5-FB62-4E5F-B61A-003BA2961671} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {C2D8C521-B242-4037-9A15-D5E45CB7F5FF} - System32\Tasks\{E4BDE113-F296-49BE-BF19-93AC10C01415} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {C5B0115A-4A08-4D31-84BB-52D80ADAD178} - System32\Tasks\{C351E27B-308C-4A5D-B297-A50F864C8450} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {C9D1D0DA-F952-4566-A0AF-7C093E244834} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4150059858-4142371535-3419905417-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D029505D-E336-4962-A032-3148706A7578} - System32\Tasks\{12F5DC37-0996-4B3C-AD9E-6177BEE2CC0C} => Iexplore.exe http://ui.skype.com/...red;notincluded
Task: {D1C0C573-7A59-4125-9075-6C1DDFB8BD37} - System32\Tasks\{2FA5E022-EE7B-474E-AE7D-D0B8389D01F1} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {D3FE9FAE-8E07-462E-B07B-ADA745E05D79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {D6A0B316-9AF5-4C40-95B3-7D87B0A19AF0} - System32\Tasks\{4780314D-3B21-46F8-ABA7-501020203EA2} => pcalua.exe -a D:\setup.exe -d D:\
Task: {DFE427D2-8576-4B93-90F9-0E1E26D92BE5} - System32\Tasks\{717842DC-F7E9-44DD-A1EF-11667C30C7F4} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart7\MiroslavPhilharmonikPart7\Miroslav Philharmonik Instruments Installer Part 7-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart7\MiroslavPhilharmonikPart7
Task: {E00BFE1D-46C6-4A91-A0CD-608269F801A7} - System32\Tasks\{D587AB7E-4FA3-47EA-804E-72A0481D4CE8} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {ED2C4617-5976-486D-96AE-87789AEADF4D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-14] (Microsoft Corporation)
Task: {F0277174-606C-4488-AC79-3754C6FBEB11} - System32\Tasks\{8DD45DA1-2DA6-46E1-931E-7BBEDBE7FB44} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {F0AA3D92-6179-4AAD-886B-F2CCE86A244F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {F766E8C5-2A90-4717-B9D9-B7552D212A6A} - System32\Tasks\{C35FFFC7-090D-46F3-BF69-D62177682A1C} => pcalua.exe -a "C:\Users\jones\Desktop\security\NetGear Instructions\Autorun.exe" -d "C:\Users\jones\Desktop\security\NetGear Instructions"
Task: {F90ABA80-44C4-4053-9198-935700D20DAE} - System32\Tasks\{674A37EB-DD8F-4992-9719-D40FB533774E} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {FA2AC438-DF1B-4F52-8747-AE1AB56491AC} - System32\Tasks\{E040EA2C-985E-4A2B-BDA7-16FFAD8B3113} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart5\MiroslavPhilharmonikPart5\Miroslav Philharmonik Instruments Installer Part 5-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart5\MiroslavPhilharmonikPart5
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-11-13 12:10 - 2015-01-30 17:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-08-10 16:01 - 2009-08-10 16:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-10 16:00 - 2009-08-10 16:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-10 16:01 - 2009-08-10 16:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2009-08-10 16:01 - 2009-08-10 16:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2015-03-11 16:42 - 2015-03-02 15:44 - 05886272 _____ () C:\Users\jones\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-08-07 14:02 - 2014-08-07 14:02 - 01792360 _____ () C:\Users\jones\AppData\Local\Samsung Inc\Wireless Multiroom\Wireless Audio - Multiroom for Desktop\DMSSettings.exe
2015-06-09 14:15 - 2015-06-05 11:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 14:15 - 2015-06-05 11:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\jango.com -> hxxps://www.jango.com
IE trusted site: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\microsoft.com -> hxxp://update.microsoft.com
 
There are 12477 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jones\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:\Windows\pss\CodeMeter Control Center.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{E2ED49D3-A9C9-48A0-B2A4-D843DDBEE1FA}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{635519D7-3C06-4E29-A2D5-6CAA9157A6FF}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{023E8728-3E56-4606-9FA1-E0B886B3012E}] => (Allow) LPort=7000
FirewallRules: [{736E49BB-62F2-4670-83CA-8E42BD7221F7}] => (Allow) LPort=7000
FirewallRules: [{787516EE-697E-4937-9647-F14C69DB9983}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{6A5E4AE8-3071-49BB-B081-69FBAFD84425}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [TCP Query User{DC3734EE-8A61-404B-93BC-63F9420C7717}C:\program files (x86)\frostwire\frostwire.exe] => (Allow) C:\program files (x86)\frostwire\frostwire.exe
FirewallRules: [UDP Query User{0CD35AD0-7843-42A6-BACB-3C5ACFF8D08A}C:\program files (x86)\frostwire\frostwire.exe] => (Allow) C:\program files (x86)\frostwire\frostwire.exe
FirewallRules: [{14BBA1B3-F342-4FAC-A59A-06182C38C7C7}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{7120A80E-A23C-4667-9594-D894A2A519CF}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{13AF54AB-DCD4-4043-B548-4EB8DA8F0BEC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B461B15F-7457-418F-B3E8-DE6803A90EB5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{CF7FC481-F292-41FC-9540-7ED0566047AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe
FirewallRules: [{BBAB31C5-F0A3-4237-B2FC-6500A03F7222}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe
FirewallRules: [{57FA26F1-555E-4428-99DB-D949E4FC42AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E22C327E-28ED-4994-B760-A5672679C436}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02221E8D-AF88-41C5-BE85-693621C27BC6}] => (Allow) C:\Users\jones\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C6C7C9FF-513D-4754-947D-97FE0BD8D3B6}] => (Allow) C:\Users\jones\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{4900B1CD-0BBB-49CF-8FEE-921F15095DBC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A1B18101-C04E-4D27-AB31-C19A5DD1BD5B}] => (Allow) LPort=2869
FirewallRules: [{6CB89CEC-1891-4324-AED8-94B770E0F91A}] => (Allow) LPort=1900
FirewallRules: [{6053A988-48C7-4B67-84D5-AD72F34F94DA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{11D43893-9391-4482-A835-4CC0DAC0C57F}C:\users\jones\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jones\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{97974CD3-401F-451D-BB63-6BD4F8F4F3DA}C:\users\jones\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jones\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0B69F3B8-E601-4619-962D-A28B4533763B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4DA0888A-F569-4A93-A5A6-54E84FA6A9E9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{FB76860A-78DD-4C7C-9045-437A4DA4FD88}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{1E55BB20-A720-46C1-84CC-0210C134A69C}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [TCP Query User{2AD24087-2107-4A46-BDEE-15A1493565F7}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{2D0BB864-2B12-4C0E-928A-57162E15C22B}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [{8AD48BD6-C838-4063-AF0F-C44C8338B27B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{5325953E-0404-442F-AED4-4AAFD6DA2706}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{DF3D3EB1-7D11-45E6-9707-C753A95F9967}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{73C594F6-68B3-4F69-8858-49647F0A01C8}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{586611EF-16D2-4E5A-9BC1-141DF8BA1E4C}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{CCCCA5D3-A0B4-4A5C-9E0C-68BF71C1AC57}C:\program files\presonus\audiobox\audiobox.exe] => (Allow) C:\program files\presonus\audiobox\audiobox.exe
FirewallRules: [UDP Query User{4747CB94-3D99-4AD5-A50E-1E5AB93032AB}C:\program files\presonus\audiobox\audiobox.exe] => (Allow) C:\program files\presonus\audiobox\audiobox.exe
FirewallRules: [TCP Query User{779C5F43-3659-4315-8210-5691AB527635}C:\program files\presonus\audiobox\audiobox.exe] => (Allow) C:\program files\presonus\audiobox\audiobox.exe
FirewallRules: [UDP Query User{AF208D2A-28B2-4E45-B798-950BB5F10188}C:\program files\presonus\audiobox\audiobox.exe] => (Allow) C:\program files\presonus\audiobox\audiobox.exe
FirewallRules: [TCP Query User{A3D00B5B-4A80-4F2B-8267-9DFB3472C404}C:\program files\cakewalk\shared utilities\bitbridge.exe] => (Allow) C:\program files\cakewalk\shared utilities\bitbridge.exe
FirewallRules: [UDP Query User{E2069E23-9301-4ECA-B109-123718442B32}C:\program files\cakewalk\shared utilities\bitbridge.exe] => (Allow) C:\program files\cakewalk\shared utilities\bitbridge.exe
FirewallRules: [{FD51874C-2763-4B52-A5FC-0DEF8EC523B2}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{7A9DC429-28CB-47C5-BB0A-963580FB07A4}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{5BCC1B0F-8625-42D3-9782-A8822FC82CC7}] => (Allow) C:\Users\jones\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{006DA04E-9190-4B50-AD8A-103DD3D1CF0F}] => (Allow) C:\Users\jones\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7EB1D30F-058D-411D-8223-8D1B16E415A1}] => (Allow) C:\Users\jones\AppData\Local\Temp\nsi1372.tmp\CnetInstaller-75452653.exe
FirewallRules: [{19DDF5E7-5E92-4A0D-A9FA-0EB6602DB255}] => (Allow) C:\Users\jones\AppData\Local\Temp\nsi1372.tmp\CnetInstaller-75452653.exe
FirewallRules: [TCP Query User{5AE4EFE9-9BAC-4C46-8819-406771B5837F}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Allow) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [UDP Query User{9905CE7D-EF16-4CE3-9A76-1BADF2D65AF3}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Allow) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [TCP Query User{E1B6A390-1443-45F2-970A-3A3B94DC486C}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Block) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [UDP Query User{D5BA623B-9087-49F0-8248-0E027BCFD0D9}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Block) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [{A5F01BE1-F6C5-4DD9-8AD4-DCFE29CDDD9C}] => (Allow) C:\Users\jones\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{9B3502F2-B232-47BD-B64B-088F1813862B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/13/2015 02:22:07 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (06/13/2015 07:20:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.908, time stamp: 0x54cc2194
Faulting module name: nvtray.exe, version: 7.17.13.908, time stamp: 0x54cc2194
Exception code: 0x40000015
Fault offset: 0x0000000000154f89
Faulting process id: 0x700
Faulting application start time: 0xnvtray.exe0
Faulting application path: nvtray.exe1
Faulting module path: nvtray.exe2
Report Id: nvtray.exe3
 
Error: (06/13/2015 06:32:30 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=15:app=Microsoft Excel Starter 2010 9014006604090000:tid=1384:usr=jones}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)
 
Error: (06/13/2015 06:32:30 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=15:app=Microsoft Excel Starter 2010 9014006604090000:tid=1384:usr=jones}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft....7149.5001.sft'(rc 16001E0A-000001D1, original rc 16001E0A-000001D1).
 
Error: (06/13/2015 06:21:56 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=14:app=Microsoft Excel Starter 2010 9014006604090000:tid=11C0:usr=jones}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)
 
Error: (06/13/2015 06:21:56 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=14:app=Microsoft Excel Starter 2010 9014006604090000:tid=11C0:usr=jones}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft....7149.5001.sft'(rc 16001E0A-000001D1, original rc 16001E0A-000001D1).
 
Error: (06/13/2015 06:20:52 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=13:app=Microsoft Excel Starter 2010 9014006604090000:tid=BF8:usr=jones}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)
 
Error: (06/13/2015 06:20:52 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=13:app=Microsoft Excel Starter 2010 9014006604090000:tid=BF8:usr=jones}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft....7149.5001.sft'(rc 16001E0A-000001D1, original rc 16001E0A-000001D1).
 
Error: (06/13/2015 06:20:14 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=1114:usr=jones}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)
 
Error: (06/13/2015 06:20:14 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=1114:usr=jones}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft....7149.5001.sft'(rc 16001E0A-000001D1, original rc 16001E0A-000001D1).
 
 
System errors:
=============
Error: (06/13/2015 03:41:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (06/13/2015 03:41:50 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/13/2015 03:39:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (06/13/2015 03:39:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (06/13/2015 03:39:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error: 
%%1053
 
Error: (06/13/2015 03:39:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
 
Error: (06/13/2015 03:39:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (06/13/2015 03:39:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (06/13/2015 03:35:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (06/13/2015 03:35:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office:
=========================
Error: (06/13/2015 02:22:07 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (06/13/2015 07:20:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvtray.exe7.17.13.90854cc2194nvtray.exe7.17.13.90854cc2194400000150000000000154f8970001d0a5da070de0e0C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exe59338690-11d7-11e5-9429-f80f410d084e
 
Error: (06/13/2015 06:32:30 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=15:app=Microsoft Excel Starter 2010 9014006604090000:tid=1384:usr=jones}
16001E0A-000001D1
 
Error: (06/13/2015 06:32:30 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=15:app=Microsoft Excel Starter 2010 9014006604090000:tid=1384:usr=jones}
 
Error: (06/13/2015 06:21:56 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=14:app=Microsoft Excel Starter 2010 9014006604090000:tid=11C0:usr=jones}
16001E0A-000001D1
 
Error: (06/13/2015 06:21:56 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=14:app=Microsoft Excel Starter 2010 9014006604090000:tid=11C0:usr=jones}
 
Error: (06/13/2015 06:20:52 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=13:app=Microsoft Excel Starter 2010 9014006604090000:tid=BF8:usr=jones}
16001E0A-000001D1
 
Error: (06/13/2015 06:20:52 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=13:app=Microsoft Excel Starter 2010 9014006604090000:tid=BF8:usr=jones}
 
Error: (06/13/2015 06:20:14 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=1114:usr=jones}
16001E0A-000001D1
 
Error: (06/13/2015 06:20:14 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=1114:usr=jones}
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-06-12 07:44:22.316
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-06-12 07:44:22.270
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-06-12 07:44:22.207
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-06-12 07:44:22.160
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-02 08:23:18.368
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-02 08:23:18.181
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Sempron™ 150 Processor
Percentage of memory in use: 54%
Total physical RAM: 4863.37 MB
Available physical RAM: 2224.48 MB
Total Pagefile: 9724.94 MB
Available Pagefile: 6987.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: (eMachines) (Fixed) (Total:451.66 GB) (Free:295.47 GB) NTFS
Drive g: () (Removable) (Total:30.22 GB) (Free:26.21 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E7503193)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 30.2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30.2 GB) - (Type=0C)
 
==================== End of log ============================

 




#2
jones082


    Member

  • Topic Starter
  • Member
  • 253 posts

New info: I am occasionally being redirected to insurance sites.



#3
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, sorry for the delay. Could you update me on your problems and provide a fresh FRST scan?

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.


#4
jones082


    Member

  • Topic Starter
  • Member
  • 253 posts

Thanks:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by jones (administrator) on JONES-PC on 21-06-2015 15:04:42
Running from C:\Users\jones\Desktop
Loaded Profiles: jones (Available Profiles: jones & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Users\jones\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(The WIndows Club) C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hide Taskbar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Stoic Joker's Network) C:\Program Files\T-Clock\x64\Clock.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-05] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Run: [OneDrive] => C:\Users\jones\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-22] (Microsoft Corporation)
Startup: C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hide Taskbar.exe [2015-06-09] (The WIndows Club)
Startup: C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stoic Joker's T-Clock 2010 x64.lnk [2012-12-06]
ShortcutTarget: Stoic Joker's T-Clock 2010 x64.lnk -> C:\Program Files\T-Clock\x64\Clock.exe (Stoic Joker's Network)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000 -> DefaultScope {ADD8D8BA-ED16-479F-BCA0-F12571E602C6} URL = http://www.google.co...&rlz=1I7ADFA_en
SearchScopes: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000 -> {ADD8D8BA-ED16-479F-BCA0-F12571E602C6} URL = http://www.google.co...&rlz=1I7ADFA_en
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\m4lsnt0g.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4150059858-4142371535-3419905417-1000: @nds.com/PlayerPlugin -> C:\Users\jones\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2013-11-17] (DIRECTV)
FF Plugin HKU\S-1-5-21-4150059858-4142371535-3419905417-1000: NDS.com/PlayerPlugin -> C:\Users\jones\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2013-11-17] (DIRECTV)
FF Extension: Avira Browser Safety - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\m4lsnt0g.default\Extensions\[email protected] [2015-06-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Brushed) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2012-11-24]
CHR Extension: (YouTube) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-24]
CHR Extension: (Google Search) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-24]
CHR Extension: (Google Wallet) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-24]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5155576 2015-06-14] (Emsisoft Ltd)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-05] (AVG Technologies CZ, s.r.o.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
R2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-06-26] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [23208 2011-05-19] (Emsi Software GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-06-14] (Emsisoft GmbH)
R3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2014-03-17] (Focusrite Audio Engineering Limited.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [111696 2014-07-09] ()
R3 OXYGEN; C:\Windows\System32\DRIVERS\MAudioOxygen.sys [134664 2010-03-04] (M-Audio)
S3 paeusbaudio; C:\Windows\System32\DRIVERS\paeusbaudio_x64.sys [250728 2012-10-09] ()
S3 paeusbaudiodsp; C:\Windows\System32\DRIVERS\paeusbaudiodsp_x64.sys [69992 2012-10-09] ()
S3 paeusbaudioks; C:\Windows\System32\DRIVERS\paeusbaudioks_x64.sys [51560 2012-10-09] ()
S3 RDID1117; C:\Windows\System32\Drivers\rdwm1117.sys [302336 2011-11-07] (Roland Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-06-13] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-21 15:04 - 2015-06-21 15:05 - 00019575 _____ C:\Users\jones\Desktop\FRST.txt
2015-06-21 15:03 - 2015-06-21 15:03 - 02109952 _____ (Farbar) C:\Users\jones\Desktop\FRST64.exe
2015-06-21 11:22 - 2015-06-21 11:22 - 00000000 ___HD C:\OneDriveTemp
2015-06-20 08:06 - 2015-06-20 08:08 - 00000000 ____D C:\Users\jones\Desktop\music sorted 1
2015-06-19 16:15 - 2015-06-19 16:15 - 02016882 _____ C:\Users\jones\Desktop\PhilharmonikSoundsUpdater.zip
2015-06-19 16:13 - 2015-06-19 16:14 - 345219669 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart9.zip
2015-06-19 16:11 - 2015-06-19 16:12 - 620557474 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart8.zip
2015-06-19 16:08 - 2015-06-19 16:10 - 600523448 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart7.zip
2015-06-19 16:03 - 2015-06-19 16:05 - 867164066 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart6.zip
2015-06-19 15:57 - 2015-06-19 15:59 - 719062383 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart5.zip
2015-06-19 15:53 - 2015-06-19 15:55 - 790282397 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart4.zip
2015-06-19 15:51 - 2015-06-19 15:53 - 730529444 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart3.zip
2015-06-19 15:44 - 2015-06-21 11:21 - 00000495 _____ C:\Windows\setupact.log
2015-06-19 15:43 - 2015-06-19 15:45 - 788530176 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart2.zip
2015-06-19 15:40 - 2015-06-19 15:43 - 825461790 _____ C:\Users\jones\Desktop\MiroslavPhilharmonikPart1.zip
2015-06-19 15:36 - 2015-06-19 15:36 - 00000000 ____D C:\Users\jones\AppData\Local\Steam
2015-06-19 08:27 - 2015-05-09 11:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-19 08:27 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-19 08:27 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-19 08:27 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-19 08:27 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-06-19 08:27 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-19 08:27 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-19 08:27 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-06-19 08:27 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-06-18 17:45 - 2015-06-18 17:45 - 00000000 ____D C:\ProgramData\Avg_Update_0215pi
2015-06-18 17:43 - 2015-06-18 17:43 - 00000000 ____D C:\Users\jones\AppData\Roaming\AVG2015
2015-06-18 17:42 - 2015-06-18 17:42 - 00000934 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-06-18 17:42 - 2015-06-18 17:42 - 00000000 ____D C:\Users\jones\AppData\Roaming\TuneUp Software
2015-06-18 17:42 - 2015-06-18 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-06-18 17:42 - 2015-06-18 17:42 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-18 17:41 - 2015-06-18 17:42 - 00000000 ____D C:\ProgramData\AVG2015
2015-06-18 17:41 - 2015-06-18 17:41 - 00000000 ___HD C:\$AVG
2015-06-18 17:41 - 2015-06-18 17:41 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-18 17:40 - 2015-06-18 17:40 - 00003092 _____ C:\Windows\System32\Tasks\{119CD52C-E8F6-451F-8797-66D2D22AF558}
2015-06-18 17:37 - 2015-06-21 11:27 - 00000000 ____D C:\ProgramData\MFAData
2015-06-18 17:37 - 2015-06-18 19:12 - 00000000 ____D C:\Users\jones\AppData\Local\Avg2015
2015-06-18 17:37 - 2015-06-18 17:37 - 00000000 ____D C:\Users\jones\AppData\Local\MFAData
2015-06-18 13:23 - 2011-12-30 19:52 - 00233472 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\REX Shared Library.dll
2015-06-18 13:16 - 2015-06-18 13:16 - 00001890 _____ C:\Users\Public\Desktop\SONAR Platinum.lnk
2015-06-18 13:16 - 2015-06-18 13:16 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-06-18 13:15 - 2015-06-18 13:15 - 00000000 ____D C:\Users\Public\Documents\Overloud
2015-06-18 13:15 - 2012-06-20 17:38 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2015-06-18 13:15 - 2012-06-20 17:38 - 01047552 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2015-06-18 13:15 - 2012-06-20 17:38 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2015-06-18 13:15 - 2012-06-20 17:38 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll
2015-06-18 13:15 - 2012-06-20 17:38 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2015-06-18 13:15 - 2012-06-20 17:38 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2015-06-17 19:31 - 2015-06-20 08:08 - 00000000 ____D C:\Users\jones\Desktop\music sorted 2
2015-06-17 17:02 - 2015-06-17 17:02 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBrainz Picard.lnk
2015-06-17 17:02 - 2015-06-17 17:02 - 00001118 _____ C:\Users\Public\Desktop\MusicBrainz Picard.lnk
2015-06-17 17:02 - 2015-06-17 17:02 - 00000000 ____D C:\Users\jones\AppData\Roaming\MusicBrainz
2015-06-17 17:02 - 2015-06-17 17:02 - 00000000 ____D C:\Users\jones\AppData\Local\MusicBrainz
2015-06-17 17:02 - 2015-06-17 17:02 - 00000000 ____D C:\Program Files (x86)\MusicBrainz Picard
2015-06-17 16:12 - 2015-06-17 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-17 16:08 - 2015-06-18 07:43 - 00000000 ___RD C:\Users\jones\Dropbox
2015-06-17 16:08 - 2015-06-17 16:08 - 00001199 _____ C:\Users\jones\Desktop\Dropbox.lnk
2015-06-17 16:04 - 2015-06-21 14:09 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-06-17 16:04 - 2015-06-21 11:22 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-06-17 16:04 - 2015-06-18 07:42 - 00000000 ____D C:\Users\jones\AppData\Local\Dropbox
2015-06-17 16:04 - 2015-06-17 16:04 - 00003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-06-17 16:04 - 2015-06-17 16:04 - 00003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-06-17 16:04 - 2015-06-17 16:04 - 00000000 ____D C:\Users\jones\AppData\Roaming\Dropbox
2015-06-17 16:04 - 2015-06-17 16:04 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-17 16:03 - 2015-06-17 16:03 - 00003136 _____ C:\Windows\System32\Tasks\DropboxSetup
2015-06-17 16:03 - 2015-06-17 16:03 - 00000000 ____D C:\Users\jones\AppData\Roaming\DropboxSetup
2015-06-17 16:03 - 2015-06-17 16:03 - 00000000 ____D C:\Users\jones\AppData\Local\DropboxOEM
2015-06-17 16:02 - 2015-06-17 16:12 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-06-17 05:58 - 2015-06-17 05:58 - 00000000 _____ C:\Windows\setuperr.log
2015-06-16 08:00 - 2015-06-16 19:21 - 00000000 ____D C:\Users\jones\AppData\Local\CrashDumps
2015-06-14 14:07 - 2015-06-14 14:08 - 00000000 ____D C:\Users\jones\Desktop\emachine
2015-06-14 12:23 - 2015-06-16 18:46 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-06-14 09:47 - 2015-06-14 09:47 - 00000000 ____D C:\ProgramData\Emsisoft
2015-06-14 09:29 - 2015-06-14 09:29 - 00135800 _____ (Emsisoft GmbH) C:\Windows\system32\Drivers\epp64.sys
2015-06-13 16:30 - 2015-06-01 12:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-13 16:30 - 2015-06-01 11:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-13 16:30 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-13 16:30 - 2015-05-22 20:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-13 16:30 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-13 16:30 - 2015-05-22 20:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-13 16:30 - 2015-05-22 20:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-13 16:30 - 2015-05-22 20:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-13 16:30 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-13 16:30 - 2015-05-22 20:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-13 16:30 - 2015-05-22 20:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-13 16:30 - 2015-05-22 20:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-13 16:30 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-13 16:30 - 2015-05-22 20:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-13 16:30 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-13 16:30 - 2015-05-22 19:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-13 16:30 - 2015-05-22 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-13 16:30 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-13 16:30 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-13 16:30 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-13 16:30 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-13 16:30 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-13 16:30 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-13 16:30 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-13 16:30 - 2015-05-22 12:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-13 16:30 - 2015-05-22 12:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-13 16:30 - 2015-05-22 12:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-13 16:30 - 2015-05-22 12:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-13 16:30 - 2015-05-22 11:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-13 16:30 - 2015-05-22 11:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-13 16:30 - 2015-05-22 11:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-13 16:30 - 2015-05-22 11:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-13 16:30 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-13 16:30 - 2015-05-22 11:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-13 16:30 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-13 16:30 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-13 16:30 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-13 16:29 - 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-13 16:29 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-13 16:29 - 2015-05-22 19:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-13 16:29 - 2015-05-22 19:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-13 16:29 - 2015-05-22 19:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-13 16:29 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-13 16:29 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-13 16:29 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-13 16:29 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-13 16:29 - 2015-05-22 11:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-13 16:29 - 2015-05-22 11:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-13 16:29 - 2015-05-22 11:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-13 16:29 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-13 16:29 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-13 16:29 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-13 16:29 - 2015-05-22 11:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-13 16:29 - 2015-05-22 11:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-13 16:29 - 2015-05-22 11:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-13 16:29 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-13 16:29 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-13 16:29 - 2015-05-22 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-13 16:29 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-13 16:29 - 2015-05-22 10:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-13 16:00 - 2015-05-25 10:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-13 16:00 - 2015-04-29 11:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-13 16:00 - 2015-04-29 11:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-13 16:00 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-13 16:00 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-13 16:00 - 2015-04-29 11:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-13 16:00 - 2015-04-29 11:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-13 16:00 - 2015-04-29 11:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-13 16:00 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-13 16:00 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-13 16:00 - 2015-04-29 11:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-13 16:00 - 2015-04-24 11:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-13 16:00 - 2015-04-24 10:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-13 15:59 - 2015-06-21 15:04 - 00000000 ____D C:\FRST
2015-06-13 14:19 - 2015-06-13 14:22 - 00000000 ____D C:\AdwCleaner
2015-06-13 14:00 - 2015-06-13 14:18 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-13 14:00 - 2015-06-13 14:00 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-12 14:35 - 2015-06-12 14:35 - 00000000 ____D C:\Users\jones\AppData\Roaming\Avira
2015-06-12 07:50 - 2015-06-12 07:50 - 00018185 _____ C:\ComboFix.txt
2015-06-12 07:25 - 2015-06-12 07:25 - 00000000 ____D C:\Users\jones\Documents\ProcAlyzer Dumps
2015-06-09 16:21 - 2015-06-09 16:21 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-07 14:45 - 2015-06-21 15:00 - 00000000 ___RD C:\Users\jones\OneDrive
2015-06-07 14:28 - 2015-05-22 11:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-07 14:28 - 2015-05-22 11:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-07 14:28 - 2015-05-22 11:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-07 14:28 - 2015-05-21 06:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 07:10 - 2015-05-25 11:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-05 07:10 - 2015-05-25 11:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-05 07:10 - 2015-05-25 11:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-05 07:10 - 2015-05-25 11:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-05 07:10 - 2015-05-25 11:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-05 07:10 - 2015-05-25 11:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-05 07:10 - 2015-05-25 11:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-05 07:10 - 2015-05-25 11:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-05 07:10 - 2015-05-25 11:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 11:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-05 07:10 - 2015-05-25 11:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-05 07:10 - 2015-05-25 11:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-05 07:10 - 2015-05-25 11:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-05 07:10 - 2015-05-25 11:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-05 07:10 - 2015-05-25 11:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-05 07:10 - 2015-05-25 10:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-05 07:10 - 2015-05-25 10:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-05 07:10 - 2015-05-25 10:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-05 07:10 - 2015-05-25 10:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-05 07:10 - 2015-05-25 10:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-05 07:10 - 2015-05-25 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 10:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-05 07:10 - 2015-05-25 09:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-05 07:10 - 2015-05-25 09:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-05 07:10 - 2015-05-25 09:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 09:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-05 07:10 - 2015-05-25 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-05 07:09 - 2015-05-08 20:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-05 07:09 - 2015-05-08 20:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-05 07:09 - 2015-05-08 20:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-05 07:09 - 2015-05-08 20:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-05 07:09 - 2015-05-08 20:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-05 07:09 - 2015-05-08 20:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-05 07:09 - 2015-05-08 20:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-05 06:54 - 2015-04-10 20:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-04 15:13 - 2015-06-04 15:13 - 00003568 _____ C:\Windows\System32\Tasks\{4053DBB8-2467-4911-AC15-A740352B9504}
2015-06-04 14:51 - 2015-06-04 14:51 - 00000000 ____D C:\Users\jones\Documents\IK Multimedia
2015-06-04 12:09 - 2015-06-12 16:34 - 00000000 ____D C:\Program Files (x86)\Steinberg
2015-06-01 08:02 - 2015-06-01 08:02 - 00000000 ____D C:\Users\jones\AppData\Local\GWX
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-21 14:23 - 2012-05-11 08:40 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-06-21 14:21 - 2012-08-29 21:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-21 14:10 - 2012-09-27 08:29 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-21 11:36 - 2009-07-13 21:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-21 11:36 - 2009-07-13 21:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-21 11:25 - 2013-12-14 08:49 - 01445243 _____ C:\Windows\WindowsUpdate.log
2015-06-21 11:22 - 2012-09-27 08:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-21 11:21 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-20 14:50 - 2011-06-14 19:22 - 00000000 ____D C:\Users\jones\AppData\Roaming\SoftGrid Client
2015-06-20 07:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-06-20 06:08 - 2013-01-27 18:35 - 00045870 _____ C:\Users\jones\Desktop\credit card 2013.xlsx
2015-06-19 19:37 - 2011-06-13 23:57 - 00058800 _____ C:\Users\jones\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-19 19:25 - 2014-04-15 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLN Audio
2015-06-19 19:24 - 2014-03-27 15:47 - 00000000 ____D C:\Cakewalk Projects
2015-06-19 19:14 - 2015-01-07 16:10 - 00000016 _____ C:\Windows\SysWOW64\w3data.vss
2015-06-19 19:14 - 2015-01-07 16:10 - 00000016 _____ C:\Windows\SysWOW64\msvcsv60.dll
2015-06-19 19:14 - 2015-01-06 07:18 - 00000032 _____ C:\Windows\msocreg32.dat
2015-06-19 18:29 - 2011-01-06 20:06 - 00101376 _____ C:\Users\jones\Desktop\Debit Jan 2011.xls
2015-06-19 17:01 - 2013-04-19 06:58 - 00000000 ____D C:\Users\jones\AppData\Local\Adobe
2015-06-19 17:01 - 2012-08-29 21:09 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-19 17:00 - 2012-04-05 06:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-19 17:00 - 2011-10-25 16:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 16:05 - 2011-06-14 22:46 - 00000000 ____D C:\Users\jones\Desktop\security
2015-06-19 15:58 - 2014-11-28 07:19 - 00000000 __SHD C:\Users\jones\AppData\Local\EmieBrowserModeList
2015-06-19 15:58 - 2014-04-10 13:05 - 00000000 __SHD C:\Users\jones\AppData\Local\EmieUserList
2015-06-19 15:58 - 2014-04-10 13:05 - 00000000 __SHD C:\Users\jones\AppData\Local\EmieSiteList
2015-06-19 15:37 - 2011-12-23 15:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-18 19:13 - 2014-07-07 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2015-06-18 17:54 - 2015-01-06 07:18 - 00000016 _____ C:\Windows\system32\w3data.vss
2015-06-18 17:54 - 2015-01-06 07:18 - 00000016 _____ C:\Windows\system32\msvcsv60.dll
2015-06-18 17:54 - 2015-01-06 07:18 - 00000016 _____ C:\Users\jones\AppData\Roaming\msregsvv.dll
2015-06-18 17:54 - 2015-01-06 07:18 - 00000016 _____ C:\ProgramData\autobk.inc
2015-06-18 17:39 - 2012-02-04 18:34 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-18 14:47 - 2014-04-14 14:55 - 00000000 ____D C:\Users\jones\AppData\Roaming\Overloud
2015-06-18 14:45 - 2014-03-27 15:49 - 00000000 ____D C:\Users\jones\AppData\Roaming\Cakewalk
2015-06-18 14:23 - 2014-03-27 15:39 - 00000000 ____D C:\Cakewalk Content
2015-06-18 13:32 - 2014-04-15 16:22 - 00000000 ____D C:\Program Files\vst plugins
2015-06-18 13:18 - 2014-03-27 15:37 - 00000000 ____D C:\Program Files\Cakewalk
2015-06-18 13:16 - 2014-04-14 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk
2015-06-18 13:15 - 2014-04-14 14:25 - 00000000 ____D C:\ProgramData\Overloud
2015-06-18 13:14 - 2014-03-27 15:37 - 00000000 ____D C:\ProgramData\Cakewalk
2015-06-18 08:01 - 2012-11-27 18:08 - 00000000 ____D C:\Users\jones\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}
2015-06-18 08:01 - 2012-11-27 18:08 - 00000000 ____D C:\ProgramData\Virtualized Applications
2015-06-18 08:01 - 2011-06-14 19:22 - 00000000 ____D C:\Users\jones\AppData\Local\SoftGrid Client
2015-06-18 07:48 - 2012-02-23 17:37 - 00000000 ____D C:\Users\jones\Desktop\Torrent Data
2015-06-17 16:53 - 2014-08-16 13:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-17 16:23 - 2014-08-24 15:17 - 00000000 ____D C:\Users\jones\Desktop\taxes
2015-06-17 16:08 - 2011-06-13 23:57 - 00000000 ____D C:\Users\jones
2015-06-16 18:47 - 2013-10-13 09:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-16 18:46 - 2015-04-04 15:17 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-16 18:46 - 2011-09-09 15:59 - 00000000 ____D C:\ProgramData\!SASCORE
2015-06-16 18:46 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-06-13 17:03 - 2014-03-28 15:57 - 00000000 ____D C:\ProgramData\eLicenser
2015-06-13 17:01 - 2014-03-26 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
2015-06-13 17:01 - 2014-03-26 16:30 - 00000000 ____D C:\ProgramData\CodeMeter
2015-06-13 17:00 - 2015-01-05 16:00 - 00000000 ____D C:\Users\jones\AppData\Roaming\uTorrent
2015-06-13 16:53 - 2009-07-13 21:45 - 00269128 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-13 16:51 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-13 16:46 - 2013-07-12 07:42 - 00000000 ____D C:\Windows\system32\MRT
2015-06-13 15:04 - 2009-07-13 21:45 - 00000000 ____D C:\Windows\Setup
2015-06-13 14:25 - 2014-08-16 13:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-13 14:25 - 2014-08-16 13:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-13 13:39 - 2015-01-06 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2015-06-13 13:39 - 2012-09-27 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-13 13:39 - 2012-05-09 06:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-13 13:39 - 2011-06-15 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
2015-06-12 16:37 - 2015-04-04 15:18 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-12 16:37 - 2014-12-10 16:56 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-12 16:37 - 2014-04-23 06:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-12 16:37 - 2009-07-14 00:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-12 16:37 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-12 16:36 - 2013-10-13 09:16 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-12 16:36 - 2011-10-24 15:45 - 00000000 ____D C:\Windows\system32\Macromed
2015-06-12 16:35 - 2015-04-26 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-12 16:35 - 2014-04-15 07:59 - 00000000 ____D C:\Program Files\XLN Audio
2015-06-12 16:35 - 2014-03-22 14:41 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2015-06-12 16:35 - 2012-05-15 06:22 - 00000000 ____D C:\Windows\ERDNT
2015-06-12 16:35 - 2012-05-13 12:19 - 00000000 ___RD C:\Users\jones\SkyDrive
2015-06-12 16:35 - 2012-05-09 06:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-12 16:35 - 2011-11-13 12:11 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2015-06-12 16:35 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing
2015-06-12 16:35 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-12 16:35 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-12 16:34 - 2012-05-09 06:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-12 16:34 - 2011-06-14 19:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-06-12 16:21 - 2012-05-15 06:22 - 00000000 ____D C:\Qoobox
2015-06-12 16:21 - 2011-07-24 09:27 - 00000000 ____D C:\Users\jones\.frostwire5
2015-06-12 16:17 - 2014-04-15 08:16 - 00000000 ____D C:\Program Files (x86)\XLN Audio
2015-06-12 16:17 - 2014-03-28 16:03 - 00000000 ____D C:\Program Files\Steinberg
2015-06-12 16:17 - 2014-03-27 15:41 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-12 16:15 - 2015-01-06 07:18 - 00000000 ____D C:\Program Files (x86)\IK Multimedia
2015-06-12 16:15 - 2010-08-30 04:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-12 08:04 - 2011-06-16 08:17 - 00007597 _____ C:\Users\jones\AppData\Local\resmon.resmoncfg
2015-06-09 15:03 - 2014-03-31 16:28 - 00000000 ____D C:\Users\jones\AppData\Roaming\Celemony Software GmbH
2015-06-09 14:59 - 2010-04-16 22:58 - 00238897 _____ (The WIndows Club) C:\Users\jones\Desktop\Hide Taskbar.exe
2015-06-07 14:49 - 2009-07-13 22:13 - 00783400 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-04 14:52 - 2015-01-07 16:05 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Miroslav Philharmonik.lnk
2015-05-27 00:04 - 2011-06-14 21:52 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-22 06:54 - 2014-02-20 08:13 - 00002168 _____ C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
 
==================== Files in the root of some directories =======
 
2015-01-06 07:18 - 2015-06-18 17:54 - 0000016 _____ () C:\Users\jones\AppData\Roaming\msregsvv.dll
2011-07-03 10:24 - 2011-07-03 10:26 - 0009953 _____ () C:\Users\jones\AppData\Local\HWVendorDetection.log
2011-06-16 08:17 - 2015-06-12 08:04 - 0007597 _____ () C:\Users\jones\AppData\Local\resmon.resmoncfg
2015-01-06 07:18 - 2015-06-18 17:54 - 0000016 _____ () C:\ProgramData\autobk.inc
2011-06-16 18:25 - 2011-06-16 18:26 - 0000303 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\jones\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7lecfk.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-13 10:52
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by jones at 2015-06-21 15:06:01
Running from C:\Users\jones\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4150059858-4142371535-3419905417-500 - Administrator - Disabled)
Guest (S-1-5-21-4150059858-4142371535-3419905417-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4150059858-4142371535-3419905417-1004 - Limited - Enabled)
jones (S-1-5-21-4150059858-4142371535-3419905417-1000 - Administrator - Enabled) => C:\Users\jones
UpdatusUser (S-1-5-21-4150059858-4142371535-3419905417-1005 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Spybot - Search and Destroy (Disabled - Out of date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3ivx D4 4.5.1 Decoder (remove only) (HKLM-x32\...\3ivx D4 4.5.1 Decoder) (Version: 4.5.1 - 3ivx Technologies, Pty. Ltd.)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Advanced Workshop: Modern Drum Producion in SONAR (HKLM\...\Advanced Workshop - Modern Drum Production in SONAR_is1) (Version: 1.0 - Cakewalk, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon Music (HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6030 - AVG Technologies)
AVG 2015 (Version: 15.0.4365 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6030 - AVG Technologies) Hidden
Bass Station 2.0 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.0 - Novation)
CA-2A Leveling Amplifier (x64) (HKLM-x32\...\CA-2A Leveling Amplifier_x64_is1) (Version: 1.0 - Cakewalk Music Software)
calibre 64bit (HKLM\...\{1698C4E2-84A8-4E14-9CE0-2BD39F604615}) (Version: 2.11.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Command Center (HKLM-x32\...\{B5C98C54-097A-4B4C-8189-FEF1C79F3638}_is1) (Version: 1.0.1.22820 - Cakewalk Music Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Restore (HKLM\...\{15D07D6F-E4CC-41D9-88A3-94115E5E5A10}) (Version: 1.6.3 - JOConnell)
Dimension Pro 1.5 (HKLM-x32\...\DimensionPro_x64_is1) (Version: 18.0 - Cakewalk Music Software)
DIRECTV Player (HKLM-x32\...\{a1bb9be6-729f-4049-a36a-aad335c86c01}) (Version: 9.2 - DIRECTV)
DOOM 3 (HKLM-x32\...\Steam App 9050) (Version:  - id Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Dropbox Setup (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.0.2 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.25 - Dropbox, Inc.) Hidden
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.5 - Emsisoft GmbH)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
FrostWire 6.0.5 (HKLM-x32\...\FrostWire 6) (Version: 6.0.5.1 - FrostWire LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IK Multimedia Authorization Manager version 1.0.11 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.11 - IK Multimedia)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Infix 3.36 (HKLM-x32\...\43442AE9-6512-4392-B5DD-9167BECD1112_is1) (Version:  - Iceni Technology)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
M-Audio Oxygen Driver 1.3.0 (x64) (HKLM\...\{B52D5EDB-1945-4889-8F25-DEA1F9CD876A}) (Version: 1.3.0 - M-Audio)
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Melodyne singletrack (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 2.01.0202 - Celemony Software GmbH)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.1.2 - IK Multimedia)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.2.245 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version:  - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.2.0.699 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Nero 9 Essentials (HKLM-x32\...\{00c2a207-da3e-416e-a2ba-6d34ce191335}) (Version:  - Nero AG)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Graphics Driver 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
PC4K S-Type Comp (x64) (HKLM-x32\...\PC4K S-Type Comp_x64_is1) (Version: 2.0 - Cakewalk Music Software)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Rapport (Version: 3.5.1205.15 - Trusteer) Hidden
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
ReaPlugs (HKLM-x32\...\ReaPlugs) (Version:  - )
Revo Uninstaller Pro 2.5.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.3 - VS Revo Group, Ltd.)
SampleTank 3 version 3.3.0 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.3.0 - IK Multimedia)
Scarlett MixControl 1.8 (HKLM-x32\...\Saffire USB 26_is1) (Version: 1.8 - Focusrite Audio Engineering Limited)
Scarlett Plug-in Suite 1.6 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.6 - Focusrite)
SONAR X3 Producer (x64) (HKLM-x32\...\SONARX3Producer_x64_is1) (Version: 20.0 - Cakewalk Music Software)
Spotify (HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\Spotify) (Version: 0.9.0.133.gd18ed589 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
The Journey to Wild Divine (HKLM-x32\...\The Journey to Wild Divine) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3005 - Acer Incorporated)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (03/17/2014 2.5.128.1) (HKLM\...\D86E353566ECB4A7ADA159C02FE46D0BACC4FA6B) (Version: 03/17/2014 2.5.128.1 - Focusrite)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Wireless Audio - Multiroom for Desktop (HKLM-x32\...\{7791F7D9-3010-4221-B563-327719437022}) (Version: 1.1 - Samsung Inc.)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version:  - )
XLN Online Installer (HKLM\...\XLN Online Installer) (Version:  - XLN Audio AB)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
14-06-2015 15:22:05 operating correctly 3-14-15 3:21pm
16-06-2015 08:02:49 Restore Operation
16-06-2015 17:46:21 Revo Uninstaller's restore point - Spybot - Search & Destroy
16-06-2015 18:43:41 Restore Operation
16-06-2015 18:51:11 Windows Update
16-06-2015 19:04:16 6-16-15
17-06-2015 16:02:27 Installed Dropbox Setup
18-06-2015 17:40:32 Installed AVG 2015
18-06-2015 17:41:19 Installed AVG 2015
19-06-2015 08:27:50 Windows Update
19-06-2015 16:33:23 Revo Uninstaller's restore point - Spybot - Search & Destroy
19-06-2015 19:32:51 Configured Melodyne singletrack
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2013-07-02 08:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04441761-E249-4970-AABB-0CFC322E8BE9} - System32\Tasks\{4053DBB8-2467-4911-AC15-A740352B9504} => pcalua.exe -a "C:\Users\jones\Desktop\music software, etc\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1\Miroslav Philharmonik Instruments Installer Part 1-9.exe" -d "C:\Users\jones\Desktop\music software, etc\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1"
Task: {04DED808-4069-4283-A5BB-8CBC6B17F3E9} - System32\Tasks\{3843F2FB-2BFB-4C00-BB62-4A043AC70E17} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {055D4418-64BC-47CB-A781-785ED795982F} - System32\Tasks\DropboxSetup => C:\Program Files (x86)\Dropbox\DropboxSetup\DropboxSetup.exe [2015-06-10] ()
Task: {069B1493-0D4D-4F15-9B79-33138264CAEF} - System32\Tasks\{FF00730A-DCB8-442D-B751-E05905F9967B} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {096F9D7C-C219-4F7D-873D-1D8A63353D0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-27] (Google Inc.)
Task: {0D4EC6E7-5E27-4054-AF8D-5F09EC88F45A} - System32\Tasks\{41FE7BBF-9D3D-41D6-B989-FFD0BCA26B28} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {1266B2E5-C6D1-4188-A46F-2F33CC5FCA48} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {18AFCDC1-3A20-403C-8B7F-E6E0CDBCEBBF} - System32\Tasks\{BFF90F4B-E182-41C8-A069-7A6E9948019C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {19143AC8-B7E1-45E1-8308-2A3A377E5C74} - System32\Tasks\{BF903655-EEF6-436A-A945-F925B76B559F} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart4\MiroslavPhilharmonikPart4\Miroslav Philharmonik Instruments Installer Part 4-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart4\MiroslavPhilharmonikPart4
Task: {19B59F50-E1AE-4ED6-AE7B-40C2D99681AD} - System32\Tasks\{0F9BA756-2A84-441C-B375-1FDE831454F1} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart9\MiroslavPhilharmonikPart9\Miroslav Philharmonik Instruments Installer Part 9-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart9\MiroslavPhilharmonikPart9
Task: {25A74A48-7334-4FEB-8BA2-CA9387335EE9} - System32\Tasks\{194744E9-9166-4DB9-B137-7A29EC793478} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {29872556-3A23-4FCF-B6C1-D7B973F8FA3E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {2EF5D55E-667D-47DF-A211-37C480C23C71} - System32\Tasks\{E661F518-2FCD-4A4F-857C-1B4E556D0E17} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {37EDDBA4-EB06-425F-9C9D-997F7611D7F8} - System32\Tasks\{9B3EDE87-84C5-4DBC-9F5F-DBF8EAE251CC} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {396EDFBE-DE3E-44C2-A286-13BB835931A2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {3EE07F7A-915E-4CF5-B7CA-F7D5F5C26D03} - System32\Tasks\{D2B15889-F840-4119-BEB1-EAA8F5A0B1C9} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {41883A04-3CFF-4451-9DE2-3F1E2F22F1EB} - System32\Tasks\{2EE751A3-E386-4B1E-BB9D-375E90D5DAC5} => pcalua.exe -a C:\Users\jones\Desktop\mp3gain-win-1_2_5.exe -d C:\Users\jones\Desktop
Task: {46A90C22-0579-4EFB-85BF-5613E170F5CC} - System32\Tasks\{703007B8-0075-46A9-A7AC-2838B5F0E67F} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart3\MiroslavPhilharmonikPart3\Miroslav Philharmonik Instruments Installer Part 3-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart3\MiroslavPhilharmonikPart3
Task: {48AF1079-6073-4232-8B6F-ADA4B5AA311D} - System32\Tasks\{16488E63-D86A-4E20-9C46-EA2C4E062560} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {494E5C88-A351-492A-8B4F-35D4A7320857} - System32\Tasks\{02040A1D-4AAB-40CE-AFDB-B39E0F8145FF} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {4D01BB27-BD38-4D5C-9734-434A1822CA5A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {57458514-4779-4E5A-8F1F-927002CEF3A6} - System32\Tasks\{41786C52-9817-4EB3-8706-EB862EB10CE8} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {5ED1613C-0F59-4AE0-97A7-6B9A34CDCC39} - System32\Tasks\{7E8AB779-009A-4807-93A7-151E29308088} => pcalua.exe -a "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart2\MiroslavPhilharmonikPart2\Miroslav Philharmonik Instruments Installer Part 2-9.exe" -d "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart2\MiroslavPhilharmonikPart2"
Task: {637AFFB1-23D7-4270-99E1-1420FC7CD155} - System32\Tasks\{31009A52-FB74-47FA-A940-5B9993BBBF45} => pcalua.exe -a "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart6\MiroslavPhilharmonikPart6\Miroslav Philharmonik Instruments Installer Part 6-9.exe" -d "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart6\MiroslavPhilharmonikPart6"
Task: {716D3C67-EC01-4998-B68A-8B50BBC60AA0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {804554E2-7BDE-4E96-93AB-4407E7CD4DD4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {857BD028-5D99-4728-B909-06A5081FA594} - System32\Tasks\{F90CBC14-5669-494C-B2C6-D706A8755139} => pcalua.exe -a "C:\Users\jones\Desktop\SampleTank_3_Free_Sound_Installer_1\SampleTank 3 Free Sound Installer 1\SampleTank 3 Free Sound Installer 1.exe" -d "C:\Users\jones\Desktop\SampleTank_3_Free_Sound_Installer_1\SampleTank 3 Free Sound Installer 1"
Task: {902ABF6B-04CC-44D1-85E2-983C10A332AA} - System32\Tasks\{AABF27D5-EDBC-4066-84BB-7DEFFE49BF96} => pcalua.exe -a D:\motsetup.exe -d D:\
Task: {906E39F2-A029-4FF8-BD15-3949AC87B897} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {994D4B52-9369-4198-81CD-398174B2585B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {9A614E2F-9F2F-40D3-B3E2-E3A8E093FC6D} - System32\Tasks\{0ADC3C61-2C92-45E8-B1F3-57AB4F2F0875} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {A5979147-96CF-496B-9E79-BC13C4B2B5F7} - System32\Tasks\{D978C65F-411D-4461-8671-6587EC479DBA} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {A8895B3B-6E9E-4E84-8F1F-76B8947D802C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4150059858-4142371535-3419905417-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B18C5F45-CBB5-455D-9123-3169D3075DAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {B1FF2900-D3B2-4A33-8D33-C9497BE71DF3} - System32\Tasks\{EF2B9E46-F796-4931-A2C0-76E83958C450} => pcalua.exe -a "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1\Miroslav Philharmonik Instruments Installer Part 1-9.exe" -d "C:\Users\jones\Desktop\MIROSLAV PATCHES\MiroslavPhilharmonikPart1\MiroslavPhilharmonikPart1"
Task: {B2E3906F-F001-40F7-BD94-2C13F062B62B} - System32\Tasks\{3F1CF17A-2A72-4D52-BD85-5492AA53546B} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {B382342B-4E11-4848-9437-86A92C371F3A} - System32\Tasks\{A55F8527-2DDA-47C8-A6DF-D80542FBECCE} => pcalua.exe -a C:\Users\jones\Desktop\DOOM3-1.3.1.exe -d C:\Users\jones\Desktop
Task: {B62DB037-6B95-4528-B7B0-4A3DB9370637} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B70CB5AD-9823-4C91-9CA9-92F16F9E5C60} - System32\Tasks\{DE1D1503-3275-493C-827D-E1E320D309E2} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {B758730A-BE4C-4A6F-91F2-CB02087CC6CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-27] (Google Inc.)
Task: {B97D8974-148D-4AF8-B60C-BB615E12A891} - System32\Tasks\{7D4826D3-5910-4680-B27A-DB1E13E7EB7F} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart8\MiroslavPhilharmonikPart8\Miroslav Philharmonik Instruments Installer Part 8-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart8\MiroslavPhilharmonikPart8
Task: {B97E5BE0-6603-419D-A7F4-5610241D9057} - System32\Tasks\{9FC86BD3-E4B8-474E-9C62-4CAEF8704EED} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {C07486ED-5FD4-4236-9B03-A3C8AA6C4E48} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {C110D0EC-EA18-4422-BE55-55366A1B0F73} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C1A98279-BE9E-4CD1-ACE3-3FD4E07E12F3} - System32\Tasks\{8568CEE5-FB62-4E5F-B61A-003BA2961671} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {C2D8C521-B242-4037-9A15-D5E45CB7F5FF} - System32\Tasks\{E4BDE113-F296-49BE-BF19-93AC10C01415} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {C5B0115A-4A08-4D31-84BB-52D80ADAD178} - System32\Tasks\{C351E27B-308C-4A5D-B297-A50F864C8450} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {C767155B-EA59-46BF-9523-E54159AFF527} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C9D1D0DA-F952-4566-A0AF-7C093E244834} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4150059858-4142371535-3419905417-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D029505D-E336-4962-A032-3148706A7578} - System32\Tasks\{12F5DC37-0996-4B3C-AD9E-6177BEE2CC0C} => Iexplore.exe http://ui.skype.com/...red;notincluded
Task: {D1C0C573-7A59-4125-9075-6C1DDFB8BD37} - System32\Tasks\{2FA5E022-EE7B-474E-AE7D-D0B8389D01F1} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {D3FE9FAE-8E07-462E-B07B-ADA745E05D79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-19] (Adobe Systems Incorporated)
Task: {D6A0B316-9AF5-4C40-95B3-7D87B0A19AF0} - System32\Tasks\{4780314D-3B21-46F8-ABA7-501020203EA2} => pcalua.exe -a D:\setup.exe -d D:\
Task: {DFE427D2-8576-4B93-90F9-0E1E26D92BE5} - System32\Tasks\{717842DC-F7E9-44DD-A1EF-11667C30C7F4} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart7\MiroslavPhilharmonikPart7\Miroslav Philharmonik Instruments Installer Part 7-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart7\MiroslavPhilharmonikPart7
Task: {E00BFE1D-46C6-4A91-A0CD-608269F801A7} - System32\Tasks\{D587AB7E-4FA3-47EA-804E-72A0481D4CE8} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {EADDD16A-1F62-47DF-88F7-60F21B9129F0} - System32\Tasks\{119CD52C-E8F6-451F-8797-66D2D22AF558} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {ED2C4617-5976-486D-96AE-87789AEADF4D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-14] (Microsoft Corporation)
Task: {F0277174-606C-4488-AC79-3754C6FBEB11} - System32\Tasks\{8DD45DA1-2DA6-46E1-931E-7BBEDBE7FB44} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {F0AA3D92-6179-4AAD-886B-F2CCE86A244F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {F216B57B-DDDB-4BBB-AB92-0CB077CE3E57} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F766E8C5-2A90-4717-B9D9-B7552D212A6A} - System32\Tasks\{C35FFFC7-090D-46F3-BF69-D62177682A1C} => pcalua.exe -a "C:\Users\jones\Desktop\security\NetGear Instructions\Autorun.exe" -d "C:\Users\jones\Desktop\security\NetGear Instructions"
Task: {F90ABA80-44C4-4053-9198-935700D20DAE} - System32\Tasks\{674A37EB-DD8F-4992-9719-D40FB533774E} => C:\Program Files (x86)\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {FA2AC438-DF1B-4F52-8747-AE1AB56491AC} - System32\Tasks\{E040EA2C-985E-4A2B-BDA7-16FFAD8B3113} => pcalua.exe -a "C:\Users\jones\Desktop\MiroslavPhilharmonikPart5\MiroslavPhilharmonikPart5\Miroslav Philharmonik Instruments Installer Part 5-9.exe" -d C:\Users\jones\Desktop\MiroslavPhilharmonikPart5\MiroslavPhilharmonikPart5
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-11-13 12:10 - 2015-01-30 17:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-08-10 16:01 - 2009-08-10 16:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-10 16:00 - 2009-08-10 16:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-10 16:01 - 2009-08-10 16:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2009-08-10 16:01 - 2009-08-10 16:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2015-06-09 14:15 - 2015-06-05 11:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 14:15 - 2015-06-05 11:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\jango.com -> hxxps://www.jango.com
IE trusted site: HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\...\microsoft.com -> hxxp://update.microsoft.com
 
 
There are 12477 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jones\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:\Windows\pss\CodeMeter Control Center.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\jones\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Wireless_Multiroom_DMS => "C:\Users\jones\AppData\Local\Samsung Inc\Wireless Multiroom\Wireless Audio - Multiroom for Desktop\DMSSettings.exe" -minimize
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{E2ED49D3-A9C9-48A0-B2A4-D843DDBEE1FA}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{635519D7-3C06-4E29-A2D5-6CAA9157A6FF}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{023E8728-3E56-4606-9FA1-E0B886B3012E}] => (Allow) LPort=7000
FirewallRules: [{736E49BB-62F2-4670-83CA-8E42BD7221F7}] => (Allow) LPort=7000
FirewallRules: [{787516EE-697E-4937-9647-F14C69DB9983}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{6A5E4AE8-3071-49BB-B081-69FBAFD84425}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [TCP Query User{DC3734EE-8A61-404B-93BC-63F9420C7717}C:\program files (x86)\frostwire\frostwire.exe] => (Allow) C:\program files (x86)\frostwire\frostwire.exe
FirewallRules: [UDP Query User{0CD35AD0-7843-42A6-BACB-3C5ACFF8D08A}C:\program files (x86)\frostwire\frostwire.exe] => (Allow) C:\program files (x86)\frostwire\frostwire.exe
FirewallRules: [{13AF54AB-DCD4-4043-B548-4EB8DA8F0BEC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B461B15F-7457-418F-B3E8-DE6803A90EB5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{CF7FC481-F292-41FC-9540-7ED0566047AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe
FirewallRules: [{BBAB31C5-F0A3-4237-B2FC-6500A03F7222}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doom 3\Doom3.exe
FirewallRules: [{57FA26F1-555E-4428-99DB-D949E4FC42AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E22C327E-28ED-4994-B760-A5672679C436}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02221E8D-AF88-41C5-BE85-693621C27BC6}] => (Allow) C:\Users\jones\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C6C7C9FF-513D-4754-947D-97FE0BD8D3B6}] => (Allow) C:\Users\jones\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{4900B1CD-0BBB-49CF-8FEE-921F15095DBC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A1B18101-C04E-4D27-AB31-C19A5DD1BD5B}] => (Allow) LPort=2869
FirewallRules: [{6CB89CEC-1891-4324-AED8-94B770E0F91A}] => (Allow) LPort=1900
FirewallRules: [{6053A988-48C7-4B67-84D5-AD72F34F94DA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{11D43893-9391-4482-A835-4CC0DAC0C57F}C:\users\jones\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jones\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{97974CD3-401F-451D-BB63-6BD4F8F4F3DA}C:\users\jones\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jones\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0B69F3B8-E601-4619-962D-A28B4533763B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4DA0888A-F569-4A93-A5A6-54E84FA6A9E9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{FB76860A-78DD-4C7C-9045-437A4DA4FD88}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{1E55BB20-A720-46C1-84CC-0210C134A69C}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [{73C594F6-68B3-4F69-8858-49647F0A01C8}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{586611EF-16D2-4E5A-9BC1-141DF8BA1E4C}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{779C5F43-3659-4315-8210-5691AB527635}C:\program files\presonus\audiobox\audiobox.exe] => (Allow) C:\program files\presonus\audiobox\audiobox.exe
FirewallRules: [UDP Query User{AF208D2A-28B2-4E45-B798-950BB5F10188}C:\program files\presonus\audiobox\audiobox.exe] => (Allow) C:\program files\presonus\audiobox\audiobox.exe
FirewallRules: [TCP Query User{A3D00B5B-4A80-4F2B-8267-9DFB3472C404}C:\program files\cakewalk\shared utilities\bitbridge.exe] => (Allow) C:\program files\cakewalk\shared utilities\bitbridge.exe
FirewallRules: [UDP Query User{E2069E23-9301-4ECA-B109-123718442B32}C:\program files\cakewalk\shared utilities\bitbridge.exe] => (Allow) C:\program files\cakewalk\shared utilities\bitbridge.exe
FirewallRules: [{7EB1D30F-058D-411D-8223-8D1B16E415A1}] => (Allow) C:\Users\jones\AppData\Local\Temp\nsi1372.tmp\CnetInstaller-75452653.exe
FirewallRules: [{19DDF5E7-5E92-4A0D-A9FA-0EB6602DB255}] => (Allow) C:\Users\jones\AppData\Local\Temp\nsi1372.tmp\CnetInstaller-75452653.exe
FirewallRules: [TCP Query User{5AE4EFE9-9BAC-4C46-8819-406771B5837F}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Allow) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [UDP Query User{9905CE7D-EF16-4CE3-9A76-1BADF2D65AF3}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Allow) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [TCP Query User{E1B6A390-1443-45F2-970A-3A3B94DC486C}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Block) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [UDP Query User{D5BA623B-9087-49F0-8248-0E027BCFD0D9}C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe] => (Block) C:\users\jones\appdata\local\samsung inc\wireless multiroom\wireless audio - multiroom for desktop\dmssettings.exe
FirewallRules: [{A5F01BE1-F6C5-4DD9-8AD4-DCFE29CDDD9C}] => (Allow) C:\Users\jones\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{9B3502F2-B232-47BD-B64B-088F1813862B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7D44E6DA-3569-455F-AEC5-DCB2CAA53A2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{AE7C048C-3CA4-4E71-B281-D4387763758D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{FAA33225-B20B-45A3-B1D3-958B8F3195A3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{181B249A-6A48-4A70-A3A9-8699304F2A3A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{13306831-47CB-4B94-8811-7CCF5F3D184C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{D2902CD0-37DC-4EE5-A9AE-DB37BDF43E26}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{003C2642-F369-44C3-9B66-C5E5A2A4F179}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{924B0A9F-3F6D-445E-80D8-8E5AC5109A98}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{EEE02E00-1D92-493D-8499-1357ECAC36D4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FFA88134-1939-4F46-8C82-96BD07BFB311}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3985A114-0D47-4BB2-85BB-82A06784A4EA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: A2 Direct Disk Access Support Driver
Description: A2 Direct Disk Access Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: A2DDA
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/19/2015 03:28:52 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to poke open firewall
 
Error: (06/18/2015 05:59:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SONARPLT.exe version 21.4.0.30 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d38
 
Start Time: 01d0aa2a3ff53800
 
Termination Time: 60000
 
Application Path: C:\Program Files\Cakewalk\SONAR Platinum\SONARPLT.exe
 
Report Id: 3fc7f881-161e-11e5-983b-f80f410d084e
 
Error: (06/18/2015 05:35:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SONARPLT.exe version 21.4.0.30 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 984
 
Start Time: 01d0aa101fca59d0
 
Termination Time: 60000
 
Application Path: C:\Program Files\Cakewalk\SONAR Platinum\SONARPLT.exe
 
Report Id: d70fd541-161a-11e5-983b-f80f410d084e
 
Error: (06/18/2015 08:00:47 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=6FC:usr=jones}
The client was unable to connect to an Application Virtualization Server (rc 16001E0A-000001D1)
 
Error: (06/18/2015 08:00:47 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=6FC:usr=jones}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft....7149.5001.sft'(rc 16001E0A-000001D1, original rc 16001E0A-000001D1).
 
Error: (06/17/2015 04:07:48 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: jones-PC)
Description: Application or service 'Windows Explorer' could not be shut down.
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
 
System errors:
=============
Error: (06/21/2015 11:24:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (06/21/2015 11:24:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/21/2015 11:21:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
Error: (06/21/2015 07:53:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (06/21/2015 07:53:36 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/21/2015 07:51:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
Error: (06/20/2015 06:08:26 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16398) (User: NT AUTHORITY)
Description: A new BITS job could not be created. The current job count for the user jones-PC\jones (60) is equal to or greater than the job limit (60) specified through group policy.  To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.
 
Error: (06/20/2015 06:00:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (06/20/2015 06:00:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/20/2015 05:57:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
 
Microsoft Office:
=========================
Error: (06/19/2015 03:28:52 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to poke open firewall
 
Error: (06/18/2015 05:59:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SONARPLT.exe21.4.0.30d3801d0aa2a3ff5380060000C:\Program Files\Cakewalk\SONAR Platinum\SONARPLT.exe3fc7f881-161e-11e5-983b-f80f410d084e
 
Error: (06/18/2015 05:35:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SONARPLT.exe21.4.0.3098401d0aa101fca59d060000C:\Program Files\Cakewalk\SONAR Platinum\SONARPLT.exed70fd541-161a-11e5-983b-f80f410d084e
 
Error: (06/18/2015 08:00:47 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=6FC:usr=jones}
16001E0A-000001D1
 
Error: (06/18/2015 08:00:47 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=Microsoft Excel Starter 2010 9014006604090000:tid=6FC:usr=jones}
 
Error: (06/17/2015 04:07:48 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: jones-PC)
Description: 1C:\Windows\explorer.exeWindows Explorer0411720360
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/17/2015 06:01:22 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-06-12 07:44:22.316
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-06-12 07:44:22.270
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-06-12 07:44:22.207
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-06-12 07:44:22.160
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-02 08:23:18.368
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-07-02 08:23:18.181
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Sempron™ 150 Processor
Percentage of memory in use: 46%
Total physical RAM: 4863.37 MB
Available physical RAM: 2612.27 MB
Total Pagefile: 9724.94 MB
Available Pagefile: 6929.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (eMachines) (Fixed) (Total:451.66 GB) (Free:261.22 GB) NTFS
Drive g: () (Removable) (Total:30.22 GB) (Free:26.21 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E7503193)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 30.2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30.2 GB) - (Type=0C)
 
==================== End of log ============================

  • 0

#5
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nothing readily apparent showing there. I will clear some minor elements and then look for rootkits.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix.
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.
FINALLY

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation; accept that.
When it offers to download the virus database, allow that as well.
Click the "Scan" button to start the scan.

On completion of the scan click save log, save it to your desktop and post it in your next reply.
  • 0

#6
jones082

    Member

  • Topic Starter
  • Member
  • 253 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by jones at 2015-06-22 08:00:03 Run:1
Running from C:\Users\jones\Desktop
Loaded Profiles: jones (Available Profiles: jones & UpdatusUser)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-4150059858-4142371535-3419905417-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {79D22C45-3FA7-48F7-8F01-DFF6FA27E1CB}.
Unable to cancel {A855363C-A3F5-4D20-99F7-D47BA7472771}.
{E3989776-2D02-461A-88F0-AB0ABF3D5AD9} canceled.
{408962B0-B719-4167-AD33-AE169196C58E} canceled.
{D2091BC3-58F2-4DF5-85ED-B33236D95AEA} canceled.
{1BC895E5-0CDC-432C-98D3-E653974E3E74} canceled.
{6CAA86C6-675E-4BA5-A310-22C2E1D90B5B} canceled.
{7464F460-DD80-4BC3-B600-CD394AACE0F3} canceled.
{70AC73EB-E1B1-4984-9F06-7F9F2F999154} canceled.
{D75966B9-468F-456F-A927-4A53EF7D4E58} canceled.
{147E78A0-EB64-4CEC-8953-F0C1696E8C9F} canceled.
{D4719007-7A5B-4132-8AB0-5E8B5208DE6D} canceled.
{12ABAD27-854B-4DE4-9A6C-5F29C41394FC} canceled.
11 out of 13 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 6.7 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
 
==== End of Fixlog 08:01:25 ====
 
# AdwCleaner v4.207 - Logfile created 22/06/2015 at 08:11:00
# Updated 21/06/2015 by Xplode
# Database : 2015-06-21.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : jones - JONES-PC
# Running from : C:\Users\jones\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Avg Secure Update
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v43.0.2357.124
 
[C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1557 bytes] - [13/06/2015 14:19:50]
AdwCleaner[R1].txt - [1421 bytes] - [22/06/2015 08:09:02]
AdwCleaner[S0].txt - [1452 bytes] - [13/06/2015 14:22:03]
AdwCleaner[S1].txt - [1356 bytes] - [22/06/2015 08:11:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1415  bytes] ##########
 
 
aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-06-22 08:15:38
-----------------------------
08:15:38.095    OS Version: Windows x64 6.1.7601 Service Pack 1
08:15:38.096    Number of processors: 1 586 0x603
08:15:38.097    ComputerName: JONES-PC  UserName: jones
08:16:10.242    Initialize success
08:16:10.337    VM: initialized successfully
08:16:10.338    VM: Amd CPU supported 
08:17:42.797    AVAST engine defs: 15062200
08:17:46.479    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
08:17:46.479    Disk 0 Vendor: Hitachi_ JP2O Size: 476940MB BusType: 3
08:17:47.680    Disk 0 MBR read successfully
08:17:47.680    Disk 0 MBR scan
08:17:47.695    Disk 0 Windows 7 default MBR code
08:17:47.727    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        14336 MB offset 2048
08:17:47.789    Disk 0 Partition 2 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 29362176
08:17:47.805    Disk 0 default boot code
08:17:47.867    Disk 0 Partition 3 00     07      HPFS/NTFS NTFS       462502 MB offset 29566976
08:17:48.382    Disk 0 scanning C:\Windows\system32\drivers
08:18:10.721    Service scanning
08:19:38.658    Modules scanning
08:19:38.658    Disk 0 trace - called modules:
08:19:38.705    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys 
08:19:38.705    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800522a060]
08:19:38.721    3 CLASSPNP.SYS[fffff8800196743f] -> nt!IofCallDriver -> [0xfffffa8004ebf9b0]
08:19:38.721    5 ACPI.sys[fffff88000ede7a1] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa8004edc310]
08:19:41.263    AVAST engine scan C:\Windows
08:20:05.865    AVAST engine scan C:\Windows\system32
08:25:19.144    AVAST engine scan C:\Windows\system32\drivers
08:25:56.724    AVAST engine scan C:\Users\jones
08:26:27.675    Disk 0 MBR has been saved successfully to "C:\Users\jones\Desktop\MBR.dat"
08:26:27.690    The log file has been saved successfully to "C:\Users\jones\Desktop\aswMBR.txt"
08:37:24.048    AVAST engine scan C:\ProgramData
08:48:14.958    Disk 0 statistics 4694676/0/0 @ 2.10 MB/s
08:48:14.958    Scan finished successfully
08:56:20.212    Disk 0 MBR has been saved successfully to "C:\Users\jones\Desktop\MBR.dat"
08:56:20.212    The log file has been saved successfully to "C:\Users\jones\Desktop\aswMBR.txt"
 
 
 

  • 0
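The fixlist above clears the BITS queue wholesale with `bitsadmin /reset /allusers`, and the bitsadmin output itself points to the BITS PowerShell cmdlets. As an added example (not part of the original posts or of FRST), this PowerShell script records who owns each queued job and which URLs it transfers before anything is cancelled; the report path, the `New-JobRow` helper and the variable names are assumptions, and the limit of 60 is the figure quoted in the BITS event 16398 in the log.

```powershell
# Added example: review BITS jobs (owner, state, URLs) before cancelling them.
# Run from an elevated prompt; syntax is kept compatible with PowerShell 2.0.
Import-Module BitsTransfer

# Assumptions: the report path is illustrative; 60 is the per-user job limit
# quoted in the BITS event 16398 shown in the log.
$reportPath   = Join-Path $env:USERPROFILE 'Desktop\bits-jobs.csv'
$perUserLimit = 60

# Hypothetical helper: one output row per (job, file) pair.
function New-JobRow($job, $remote, $local) {
    New-Object PSObject -Property @{
        Owner       = $job.OwnerAccount
        State       = $job.JobState
        Created     = $job.CreationTime
        DisplayName = $job.DisplayName
        JobId       = $job.JobId
        RemoteUrl   = $remote
        LocalPath   = $local
    }
}

# -AllUsers needs administrator rights; without it only your own jobs are listed.
$jobs = @(Get-BitsTransfer -AllUsers -ErrorAction Stop)

# Flatten the jobs so every remote URL and local target is visible.
$rows = @(foreach ($job in $jobs) {
    $files = @($job.FileList | Where-Object { $_ })
    if ($files.Count -eq 0) {
        # A job with no files still counts toward the limit, so keep a row for it.
        New-JobRow $job $null $null
    }
    else {
        foreach ($file in $files) {
            New-JobRow $job $file.RemoteName $file.LocalName
        }
    }
})

# Keep a record of the queue as it was before any clean-up.
$rows |
    Select-Object Owner, State, Created, DisplayName, JobId, RemoteUrl, LocalPath |
    Sort-Object Owner, Created |
    Export-Csv -Path $reportPath -NoTypeInformation

# Job count per owner, flagged when it reaches the limit from the event log.
$jobs | Group-Object OwnerAccount | Sort-Object Count -Descending | ForEach-Object {
    $flag = if ($_.Count -ge $perUserLimit) { 'AT LIMIT' } else { '' }
    '{0,-30} {1,3} job(s) {2}' -f $_.Name, $_.Count, $flag
}

# Jobs that have stopped making progress are the ones the event text says to
# complete or cancel.
$stuck = @($jobs | Where-Object {
    'Error', 'TransientError' -contains $_.JobState.ToString()
})
$stuck | Format-Table JobId, OwnerAccount, JobState, ErrorDescription -AutoSize

# To cancel one reviewed job instead of resetting everything
# (<job-guid> is a placeholder):
# Get-BitsTransfer -AllUsers | Where-Object { $_.JobId -eq '<job-guid>' } | Remove-BitsTransfer
```

Jobs whose owner or remote URL is not recognised are worth noting in the saved CSV before the queue is cleared.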

#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
When your CPU goes up, are you running any specific programme?
  • 0

#8
jones082

    Member

  • Topic Starter
  • Member
  • 253 posts

It seems to be worse with video--instructional Groove 3 videos and MSN news and entertainment videos in particular.

Also, sound is garbled...it is clicky and not reproducing correctly.  This is not only happening with video, it is happening with system sounds, like the splash screen music, etc.


  • 0

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Does your computer have a built-in video card or an inserted one?
  • 0

#10
jones082

    Member

  • Topic Starter
  • Member
  • 253 posts

How can I tell?


  • 0

#11
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If it is a major company one then it is probably on the motherboard.

I believe the problem is related to the video driver. What is the make and model of your computer?
  • 0

#12
jones082

    Member

  • Topic Starter
  • Member
  • 253 posts

eMachines EL1352


  • 0

#13
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you download and install this driver and let me know if it removes the high CPU?

http://global-downlo...ESKTOP&Step2=ELSERIES&Step3=EL1352&OS=711&LC=en&BC=EMACHINES&SC=PA_6E
  • 0

#14
jones082

    Member

  • Topic Starter
  • Member
  • 253 posts

Not sure which one to install...I have Windows 7 64 bit...I am assuming I use the Stereo EIS (266.84) ???  The other two seem to be for Vista?

Then, I am assuming that I just go into the folder and click on the setup icon?


  • 0

#15
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I am just checking the contents of the zip file; it should have an NVIDIA driver inside.
  • 0





