Sorry, I forgot the additions.txt. Here it is:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Jon at 2015-07-11 17:34:39
Running from C:\Users\Jon\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3105412986-3712989239-1590487086-500 - Administrator - Disabled)
Guest (S-1-5-21-3105412986-3712989239-1590487086-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3105412986-3712989239-1590487086-1004 - Limited - Enabled)
Jon (S-1-5-21-3105412986-3712989239-1590487086-1002 - Administrator - Enabled) => C:\Users\Jon
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{7536C341-2F7D-EFE6-F521-DEBE68B025C5}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
calibre 64bit (HKLM\...\{2342B0FF-6738-4AD5-9BD2-563C55ED9D63}) (Version: 2.28.0 - Kovid Goyal)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DocToPDFConverter (HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\...\DocToPDFConverter) (Version: 01.00.00.00 - VolatoTech)
Dropbox (HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ninja Loader (HKLM-x32\...\Ninja Loader) (Version: 184.0.0.625 - CLICK YES BELOW LP)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.1.11 - Intuit)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
RIFT (HKLM-x32\...\Glyph RIFT) (Version: - Trion Worlds, Inc.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
Spotify (HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.10 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{503E492B-C90C-4E23-842B-EB05CDA61DC9}\InprocServer32 -> No File path
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jon\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3105412986-3712989239-1590487086-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jon\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
24-06-2015 13:32:04 avast! antivirus system restore point
01-07-2015 15:41:46 Scheduled Checkpoint
05-07-2015 20:13:18 Installed calibre 64bit
10-07-2015 19:41:08 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09D305BE-4792-4731-9F1D-9A0D3F041DBA} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {0B72ACDE-80AD-477A-9689-3A28E2A94CB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
Task: {133FEFC8-7758-454F-9176-A86C20EFAE97} - System32\Tasks\KCTPPXQUAIUXXORP => C:\ProgramData\Service7609\Service7609.exe <==== ATTENTION
Task: {190B656F-621B-4239-A96F-3810630BD54B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KRAKEN-Jon Kraken => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation)
Task: {1B6801B9-CCF6-4D3C-9F37-48A8CADF081B} - \WinKit No Task File <==== ATTENTION
Task: {31C39732-B22F-4216-AE19-B71E650B9652} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {332E27EE-211A-43F1-91BF-9E48F64FA5FB} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3105412986-3712989239-1590487086-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {3508F23B-C080-4EBF-A992-CDAFDCD0A7E0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-24] (Avast Software s.r.o.)
Task: {38648350-507E-42EC-8EE5-4692BDC00C9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {468C81C0-46A2-4022-A892-82BA74233F92} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {528EA2A7-E0F5-4537-8C77-F2C8FF53AA43} - \Winsta Update No Task File <==== ATTENTION
Task: {72BB5732-212B-4358-B374-23931E33B8F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {7AE42B6A-B3EE-438A-AA6A-5A17940D679E} - System32\Tasks\Croureis => C:\ProgramData\Croureis\1.0.4.1\ouhirlat.exe
Task: {7EC31002-6B00-4183-92EB-06F5F2C9D12E} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: {A76D1F38-721F-49A2-9114-BF12E3A37DB0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {AA0E86C3-C702-4AD9-8E7A-888B705EF9E5} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: {AC5EE239-4457-44B0-81FF-99ED6968A83B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {BF1CE8F9-8400-4F66-A4ED-22F7C416254E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {BF7E41C7-7838-4122-935B-4D6639C3BCF3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-28] (Microsoft Corporation)
Task: {C058B08F-699F-470F-B2C6-F9665951813B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {C74EC957-0E77-4E0B-9E87-B5751DEC1602} - System32\Tasks\Convertor => C:\Program Files (x86)\Convertor\Convertor.exe [2014-11-25] ()
Task: {CB5DC25C-BDDA-4A6C-9F10-597D0ACCD274} - System32\Tasks\WXAOQPACW1 => C:\ProgramData\LolliScan\LolliScan.exe <==== ATTENTION
Task: {D049B90C-A52B-47E1-BBFB-7DA15B8FB569} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-12] (Synaptics Incorporated)
Task: {D68CEF0E-E7A9-4517-8CD2-0BA8F67C906A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {D9BA5766-5D5C-48B8-84C2-C42D05AE8C35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {DAE6D20F-4BDF-4F90-B28B-73279A45EDC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-11] (Google Inc.)
Task: {F3B52039-48EF-491C-AAC2-6D0FAAEC3644} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-11] (Google Inc.)
Task: {F722D35D-16F5-4850-ADD0-21D2FE31AEE0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\KCTPPXQUAIUXXORP.job => C:\ProgramData\Service7609\Service7609.exe <==== ATTENTION
Task: C:\Windows\Tasks\WXAOQPACW1.job => C:\ProgramData\LolliScan\LolliScan.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-04-17 16:38 - 2014-04-17 16:38 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-04-17 16:37 - 2014-04-17 16:37 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-02-15 11:40 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-13 14:32 - 2015-01-27 08:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-07-02 21:37 - 2015-07-02 21:37 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-03-02 15:01 - 2015-03-02 15:01 - 00127488 _____ () C:\Users\Jon\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook.Ba70e54e13#\8823bdb58000ba3c428e18bc54c37f8d\Facebook.BackgroundTasks.ni.dll
2015-03-02 15:00 - 2015-03-02 15:00 - 01782272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\f1407bb1d381cf5dee299c4e5f0fdf9d\Windows.ApplicationModel.ni.dll
2015-03-02 15:01 - 2015-03-02 15:01 - 01134592 _____ () C:\Users\Jon\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Win8-Base\a57e2bbb2149b11b1840208efc036f21\Facebook-Win8-Base.ni.dll
2015-03-02 15:01 - 2015-03-02 15:01 - 00619520 _____ () C:\Users\Jon\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Base\b9acb2231bcf37635da949da7727727b\Facebook-Base.ni.dll
2015-06-24 13:36 - 2015-06-24 13:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-24 13:35 - 2015-06-24 13:35 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-11 09:31 - 2015-07-11 09:31 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071101\algo.dll
2015-06-24 22:47 - 2015-06-24 22:47 - 00109160 _____ () C:\Program Files (x86)\Ninja Loader\Modules\Core.dll
2015-06-24 22:47 - 2015-06-24 22:47 - 00058984 _____ () C:\Program Files (x86)\Ninja Loader\Modules\BdUdr.dll
2015-06-24 22:48 - 2015-06-24 22:48 - 00041576 _____ () C:\Program Files (x86)\Ninja Loader\Modules\WInIn.dll
2015-06-24 22:47 - 2015-06-24 22:47 - 00039528 _____ () C:\Program Files (x86)\Ninja Loader\Modules\ArSp.dll
2015-06-24 22:47 - 2015-06-24 22:47 - 00118376 _____ () C:\Program Files (x86)\Ninja Loader\Modules\BrSp.dll
2015-06-24 22:47 - 2015-06-24 22:47 - 00092776 _____ () C:\Program Files (x86)\Ninja Loader\Modules\CdPrc.dll
2015-06-24 22:48 - 2015-06-24 22:48 - 00096872 _____ () C:\Program Files (x86)\Ninja Loader\Modules\WbSt.dll
2015-06-24 22:48 - 2015-06-24 22:48 - 00056424 _____ () C:\Program Files (x86)\Ninja Loader\Modules\WdCtl.dll
2014-12-18 15:59 - 2013-08-05 00:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-02-15 11:40 - 2015-02-24 11:57 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-07-07 16:38 - 2015-07-06 20:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-07 16:38 - 2015-07-06 20:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll
2015-03-15 09:08 - 2015-03-15 09:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-10 21:53 - 2015-03-26 07:13 - 01091584 _____ () C:\Users\Jon\AppData\Local\Ninja Loader\Discover\libglesv2.dll
2015-07-10 21:53 - 2015-03-26 07:13 - 00167936 _____ () C:\Users\Jon\AppData\Local\Ninja Loader\Discover\libEGL.dll
2015-07-10 21:53 - 2015-03-26 07:39 - 08569856 _____ () C:\Users\Jon\AppData\Local\Ninja Loader\Discover\pdf.dll
2015-07-10 21:53 - 2015-03-26 07:18 - 00324608 _____ () C:\Users\Jon\AppData\Local\Ninja Loader\Discover\ppGoogleNaClPluginChrome.dll
2015-07-10 21:53 - 2015-03-26 07:14 - 00880128 _____ () C:\Users\Jon\AppData\Local\Ninja Loader\Discover\ffmpegsumo.dll
2015-07-10 21:53 - 2014-09-22 21:07 - 14891848 _____ () C:\Users\Jon\AppData\Local\Ninja Loader\Discover\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Jon\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 68.105.28.12 - 68.105.29.12
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F26E318E-F8E6-4304-8528-D9472D025A41}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A03BDEAE-2D1C-4F97-9654-E8089BFB5FE0}] => (Allow) LPort=2869
FirewallRules: [{F349FAC7-A5F1-4A58-AD60-D778018A4144}] => (Allow) LPort=1900
FirewallRules: [{EEB67E36-F536-4275-B56B-31138E6A5707}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59AE4ACA-E402-4FF3-BF30-7F813E854B40}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4C26D77-A3FE-4554-8E4F-90D66D019FA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D1D8E13-C220-42BB-BB15-8621D7F723E5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5CE354C7-3610-4F9D-8DF9-74CDFCF2D43B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{F39118C7-EF43-41B6-83F5-270CB0976404}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{FEB3BB0C-B70E-4FA9-8C95-10625F668E31}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{0B5D028D-8A78-4050-A1A8-C4E18266819C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2EF0770A-74B8-4752-90C6-B98CB5FD3D89}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{0ECE08FA-6B5F-468F-8557-AA2F1FA6E03C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{E9DDEF72-15C8-4650-93B7-FD1118F66EA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB401012-3AC7-4124-8E14-1783FC6D9578}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AD408DC7-F835-45CA-9C0E-E7B091FD4D41}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F2B43702-24AF-4FCB-8C03-8EAFFE6522E3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6F1E2DD7-944C-4BBC-ADBA-2F51C2BEF7FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{24F63439-10C4-4D60-81E6-6E5353D5596C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{AAB9CBAF-15BF-42E3-80D5-E4FFF06FA5F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{7CBF2F9D-029F-41FB-95F9-2E177696909F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{84AA0463-A13B-440F-B981-5DD920B4916B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{5892AC9A-7DD9-4649-9F55-F02FD3A96828}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{C60A5E51-F207-4A15-A0A6-94F3D0ED9B2E}] => (Allow) C:\Users\Jon\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A87467DB-177B-45EB-8913-F46FA987361E}] => (Allow) C:\Users\Jon\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{33F9155B-FC75-4674-8BAB-8B488E28B5E2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{EE83B064-951F-417F-A4DB-0B3D230E9EA2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{1976A906-FBE2-42DD-B9D3-9FD16A2D86F2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{05993709-C928-47DB-8ACB-33569B1FE972}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{D029409C-B468-4D08-8029-2F941FD3E029}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{80E2D27B-36A2-4761-8D39-73DD4DB045B9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1AE87FBC-81CC-4D6D-871E-33FDBCE214C9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{87DEBC21-3ECC-4380-9049-165B75D8BD6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{004B13B9-9DBE-4A06-A765-03E0E3524C0A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8B0A8D49-318D-436C-941C-7E86936CA291}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{217150C1-C4DD-4096-B1B6-1393E65BC179}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/11/2015 05:34:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 28cc
Start Time: 01d0bc39d8bdbfd0
Termination Time: 4294967295
Application Path: C:\Windows\system32\backgroundTaskHost.exe
Report Id: cdb7a1d4-282d-11e5-82a0-1458d0c06312
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
Faulting package-relative application ID: App
Error: (07/11/2015 04:51:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 764
Start Time: 01d0bc33c7404488
Termination Time: 4294967295
Application Path: C:\Windows\system32\backgroundTaskHost.exe
Report Id: bdee34b3-2827-11e5-82a0-1458d0c06312
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
Faulting package-relative application ID: App
Error: (07/11/2015 04:51:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1454
Start Time: 01d0bc33c749cdfc
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: bdea640c-2827-11e5-82a0-1458d0c06312
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (07/11/2015 03:37:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 81c
Start Time: 01d0bc296baa7910
Termination Time: 4294967295
Application Path: C:\Windows\system32\backgroundTaskHost.exe
Report Id: 5ff69cb9-281d-11e5-829f-1458d0c06312
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
Faulting package-relative application ID: App
Error: (07/11/2015 03:37:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1858
Start Time: 01d0bc296babb19b
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: 5fcec8da-281d-11e5-829f-1458d0c06312
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (07/11/2015 12:05:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: b7fc
Start Time: 01d0bc0b7d2666ea
Termination Time: 4294967295
Application Path: C:\Windows\syswow64\wwahost.exe
Report Id: cae8e255-27ff-11e5-829e-1458d0c06312
Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (07/11/2015 12:03:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: cd78
Start Time: 01d0bc0b7d0808fe
Termination Time: 4294967295
Application Path: C:\Windows\system32\backgroundTaskHost.exe
Report Id: 71850e05-27ff-11e5-829e-1458d0c06312
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
Faulting package-relative application ID: App
Error: (07/11/2015 11:50:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: c76c
Start Time: 01d0bc0965114832
Termination Time: 4294967295
Application Path: C:\Windows\syswow64\wwahost.exe
Report Id: b1a19a1f-27fd-11e5-829e-1458d0c06312
Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (07/11/2015 11:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: c760
Start Time: 01d0bc0965100fa6
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: 5957edbb-27fd-11e5-829e-1458d0c06312
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (07/11/2015 11:48:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: c6b0
Start Time: 01d0bc096437117e
Termination Time: 4294967295
Application Path: C:\Windows\system32\backgroundTaskHost.exe
Report Id: 5965a99e-27fd-11e5-829e-1458d0c06312
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
Faulting package-relative application ID: App
System errors:
=============
Error: (07/11/2015 04:45:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%2
Error: (07/11/2015 04:44:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GSafe service failed to start due to the following error:
%%3
Error: (07/11/2015 03:35:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (07/11/2015 12:11:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%2
Error: (07/11/2015 12:11:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GSafe service failed to start due to the following error:
%%3
Error: (07/11/2015 12:09:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Support Assistant Service service.
Error: (07/11/2015 12:09:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the tbaseprovisioning service.
Error: (07/11/2015 12:09:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.
Error: (07/11/2015 12:09:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfevtp service.
Error: (07/11/2015 12:07:46 PM) (Source: DCOM) (EventID: 10010) (User: KRAKEN)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Microsoft Office:
=========================
Error: (07/11/2015 05:34:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741528cc01d0bc39d8bdbfd04294967295C:\Windows\system32\backgroundTaskHost.execdb7a1d4-282d-11e5-82a0-1458d0c06312Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp
Error: (07/11/2015 04:51:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741576401d0bc33c74044884294967295C:\Windows\system32\backgroundTaskHost.exebdee34b3-2827-11e5-82a0-1458d0c06312Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp
Error: (07/11/2015 04:51:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911145401d0bc33c749cdfc4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exebdea640c-2827-11e5-82a0-1458d0c06312microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (07/11/2015 03:37:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741581c01d0bc296baa79104294967295C:\Windows\system32\backgroundTaskHost.exe5ff69cb9-281d-11e5-829f-1458d0c06312Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp
Error: (07/11/2015 03:37:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911185801d0bc296babb19b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe5fcec8da-281d-11e5-829f-1458d0c06312microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (07/11/2015 12:05:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415b7fc01d0bc0b7d2666ea4294967295C:\Windows\syswow64\wwahost.execae8e255-27ff-11e5-829e-1458d0c06312Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp
Error: (07/11/2015 12:03:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415cd7801d0bc0b7d0808fe4294967295C:\Windows\system32\backgroundTaskHost.exe71850e05-27ff-11e5-829e-1458d0c06312Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp
Error: (07/11/2015 11:50:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415c76c01d0bc09651148324294967295C:\Windows\syswow64\wwahost.exeb1a19a1f-27fd-11e5-829e-1458d0c06312Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp
Error: (07/11/2015 11:48:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911c76001d0bc0965100fa64294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe5957edbb-27fd-11e5-829e-1458d0c06312microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (07/11/2015 11:48:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415c6b001d0bc096437117e4294967295C:\Windows\system32\backgroundTaskHost.exe5965a99e-27fd-11e5-829e-1458d0c06312Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp
CodeIntegrity Errors:
===================================
Date: 2015-07-11 01:12:12.073
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-10 18:17:11.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-10 18:17:10.954
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-10 18:17:10.673
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-10 18:17:10.392
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-10 18:17:10.126
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-10 18:17:09.860
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-10 18:17:09.564
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 75%
Total physical RAM: 3528.98 MB
Available physical RAM: 848.8 MB
Total Virtual: 7112.98 MB
Available Virtual: 3214.22 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:445.2 GB) (Free:123.2 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.54 GB) (Free:1.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (MasterCook 9) (CDROM) (Total:0.56 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 50891092)
Partition: GPT Partition Type.
==================== End of log ============================
And here is the fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Jon at 2015-07-12 09:14:26 Run:1
Running from C:\Users\Jon\Desktop
Loaded Profiles: Jon (Available Profiles: Jon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\...\Run: [GoogleChromeAutoLaunch_1476D5075BFDEEA31B57A901BC660F86] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-06] (Google Inc.)
AppInit_DLLs: C:\ProgramData\LolliScan\LolliScan64.dll => C:\ProgramData\LolliScan\LolliScan64.dll File not found
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-01-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-01-13] (McAfee, Inc.)
FF SelectedSearchEngine: Trovi
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3334822&octid=EB_ORIGINAL_CTID&ISID=M57B03A8F-928F-4362-AE67-176B61E66F90&SearchSource=55&CUI=&UM=8&UP=SP914EEEB9-B805-4B01-A2CD-F3DE8FA6FFF5&D=071115&SSPV=SP30339TB_sp_ff
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NinjaLoaderService; C:\Program Files (x86)\Ninja Loader\NinjaMaintainer.exe [59496 2015-06-24] (Ninja Soft Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R1 wsafd_1_10_0_19; C:\Windows\System32\drivers\wsafd_1_10_0_19.sys [57728 2015-06-15] (Word Surfer)
2015-07-11 00:56 - 2015-07-11 00:56 - 00004180 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-07-11 00:56 - 2015-07-11 00:56 - 00004170 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-07-11 00:41 - 2015-07-11 10:01 - 00034354 _____ C:\ProgramData\I2qi58ro.dat
2015-07-10 22:43 - 2015-07-10 22:43 - 00000000 ____D C:\ProgramData\50661bab000019bd
2015-07-10 22:37 - 2015-07-11 09:30 - 00000005 _____ C:\END
2015-07-10 22:11 - 2015-07-10 22:11 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-10 22:09 - 2015-07-10 22:09 - 00003740 _____ C:\Windows\System32\Tasks\Convertor
2015-07-10 22:09 - 2015-07-10 22:09 - 00000000 ____D C:\Program Files (x86)\Winsta
2015-07-10 22:09 - 2015-07-10 22:09 - 00000000 ____D C:\Program Files (x86)\Convertor
2015-07-10 22:01 - 2015-07-10 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-07-10 21:59 - 2015-07-10 23:55 - 00002110 _____ C:\Users\Jon\Desktop\Continue GamesDesktop Uninstaller.lnk
2015-07-10 21:54 - 2015-07-11 16:46 - 00000352 ____H C:\Windows\Tasks\KCTPPXQUAIUXXORP.job
2015-07-10 21:54 - 2015-07-11 16:46 - 00000340 _____ C:\Windows\Tasks\WXAOQPACW1.job
2015-07-10 21:54 - 2015-07-11 12:04 - 00000000 ____D C:\ProgramData\Service7609
2015-07-10 21:54 - 2015-07-10 21:54 - 00003356 _____ C:\Windows\System32\Tasks\KCTPPXQUAIUXXORP
2015-07-10 21:54 - 2015-07-10 21:54 - 00002854 _____ C:\Windows\System32\Tasks\WXAOQPACW1
2015-07-10 21:51 - 2015-07-10 21:53 - 00000000 ____D C:\Users\Jon\AppData\Local\Ninja Loader
2015-07-10 21:51 - 2015-07-10 21:51 - 00000000 ____D C:\Users\Jon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Loader
2015-07-10 21:51 - 2015-07-10 21:51 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-07-10 21:50 - 2015-07-10 21:54 - 00000000 ____D C:\Program Files (x86)\Ninja Loader
2015-07-10 20:35 - 2015-07-11 12:06 - 00000112 _____ C:\ProgramData\nI0cCK6dn.dat
2015-07-10 20:15 - 2015-07-10 20:16 - 00000000 ____D C:\Users\Jon\AppData\Roaming\Ebon
2015-07-10 20:15 - 2015-07-10 20:16 - 00000000 ____D C:\Users\Jon\AppData\Local\Ebon
2015-07-10 18:20 - 2015-07-10 19:43 - 00003458 _____ C:\Windows\System32\Tasks\Croureis
2015-07-10 18:16 - 2015-07-10 18:16 - 00000000 ____D C:\ProgramData\Ebon
2015-07-10 18:15 - 2015-07-10 21:48 - 00000000 ____D C:\Program Files (x86)\Ebon
2015-07-10 18:14 - 2015-07-11 00:16 - 00000000 ____D C:\Program Files\WebBar
2015-07-10 18:14 - 2015-07-10 23:13 - 00000000 ____D C:\ProgramData\LpIFDKNYQ
2015-07-10 18:14 - 2015-07-10 18:16 - 00000000 ____D C:\ProgramData\Ebonmedia
2015-07-10 18:13 - 2015-07-11 12:10 - 00000000 ____D C:\Program Files\015
2015-07-10 18:13 - 2015-07-11 12:04 - 00000000 ____D C:\Program Files\13
2015-07-10 18:11 - 2015-07-10 18:12 - 00910255 _____ C:\Users\Jon\Downloads\File_Downloader.jse
C:\Users\Jon\AppData\Local\Ninja Loader
C:\Program Files (x86)\Ninja Loader
C:\ProgramData\LolliScan
C:\Program Files (x86)\Babylon
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcpltui_exe => value removed successfully
HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1476D5075BFDEEA31B57A901BC660F86 => value removed successfully
"C:\ProgramData\LolliScan\LolliScan64.dll" => value data removed successfully.
"HKCR\PROTOCOLS\Filter\application/x-mfe-ipt" => key removed successfully
"HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Filter\application/x-mfe-ipt => key not found.
"HKCR\Wow6432Node\CLSID\{3EF5086B-5478-4598-A054-786C45D75692}" => key removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox homepage removed successfully
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
"FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()" => not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] () not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\
[email protected] => value removed successfully
HomeNetSvc => Unable to stop service.
HomeNetSvc => Service removed successfully
McAPExe => Unable to stop service.
McAPExe => Service could not remove
McAWFwk => Service removed successfully
mccspsvc => Unable to stop service.
mccspsvc => Service could not remove
McMPFSvc => Unable to stop service.
McMPFSvc => Service could not remove
McNaiAnn => Unable to stop service.
McNaiAnn => Service could not remove
McODS => Service could not remove
McOobeSv2 => Service removed successfully
mcpltsvc => Unable to stop service.
mcpltsvc => Service could not remove
McProxy => Unable to stop service.
McProxy => Service could not remove
mfecore => Unable to stop service.
mfecore => Service could not remove
mfefire => Unable to stop service.
mfefire => Service could not remove
mfevtp => Unable to stop service.
mfevtp => Service could not remove
MSK80Service => Unable to stop service.
MSK80Service => Service could not remove
NinjaLoaderService => Unable to stop service.
NinjaLoaderService => Service removed successfully
cfwids => Unable to stop service.
cfwids => Service could not remove
HipShieldK => Service could not remove
mfeapfk => Unable to stop service.
mfeapfk => Service could not remove
mfeavfk => Unable to stop service.
mfeavfk => Service could not remove
mfeelamk => Service could not remove
mfefirek => Unable to stop service.
mfefirek => Service could not remove
mfehidk => Unable to stop service.
mfehidk => Service could not remove
mfencbdc => Unable to stop service.
mfencbdc => Service could not remove
mfencrk => Service could not remove
mfewfpk => Unable to stop service.
mfewfpk => Service could not remove
wsafd_1_10_0_19 => Unable to stop service.
wsafd_1_10_0_19 => Service removed successfully
C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => moved successfully.
C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => moved successfully.
C:\ProgramData\I2qi58ro.dat => moved successfully.
C:\ProgramData\50661bab000019bd => moved successfully.
C:\END => moved successfully.
C:\Program Files (x86)\predm => moved successfully.
C:\Windows\System32\Tasks\Convertor => moved successfully.
C:\Program Files (x86)\Winsta => moved successfully.
C:\Program Files (x86)\Convertor => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip => moved successfully.
C:\Users\Jon\Desktop\Continue GamesDesktop Uninstaller.lnk => moved successfully.
C:\Windows\Tasks\KCTPPXQUAIUXXORP.job => moved successfully.
C:\Windows\Tasks\WXAOQPACW1.job => moved successfully.
C:\ProgramData\Service7609 => moved successfully.
C:\Windows\System32\Tasks\KCTPPXQUAIUXXORP => moved successfully.
C:\Windows\System32\Tasks\WXAOQPACW1 => moved successfully.
"C:\Users\Jon\AppData\Local\Ninja Loader" folder move:
Could not move "C:\Users\Jon\AppData\Local\Ninja Loader" folder => Scheduled to move on reboot.
C:\Users\Jon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Loader => moved successfully.
C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 => moved successfully.
C:\Program Files (x86)\Ninja Loader => moved successfully.
C:\ProgramData\nI0cCK6dn.dat => moved successfully.
C:\Users\Jon\AppData\Roaming\Ebon => moved successfully.
C:\Users\Jon\AppData\Local\Ebon => moved successfully.
C:\Windows\System32\Tasks\Croureis => moved successfully.
C:\ProgramData\Ebon => moved successfully.
C:\Program Files (x86)\Ebon => moved successfully.
C:\Program Files\WebBar => moved successfully.
C:\ProgramData\LpIFDKNYQ => moved successfully.
C:\ProgramData\Ebonmedia => moved successfully.
C:\Program Files\015 => moved successfully.
C:\Program Files\13 => moved successfully.
C:\Users\Jon\Downloads\File_Downloader.jse => moved successfully.
"C:\Users\Jon\AppData\Local\Ninja Loader" folder move:
Could not move "C:\Users\Jon\AppData\Local\Ninja Loader" folder => Scheduled to move on reboot.
"C:\Program Files (x86)\Ninja Loader" => File/Folder not found.
"C:\ProgramData\LolliScan" => File/Folder not found.
"C:\Program Files (x86)\Babylon" => File/Folder not found.
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Ok.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= netsh winsock reset catalog =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
========= netsh int ip reset c:\resetlog.txt =========
Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= ipconfig /release =========
Windows IP Configuration
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::8d44:79de:1b62:544e%3
Default Gateway . . . . . . . . . :
========= End of CMD: =========
========= ipconfig /renew =========
Windows IP Configuration
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::8d44:79de:1b62:544e%3
IPv4 Address. . . . . . . . . . . : 192.168.0.16
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
========= End of CMD: =========
========= netsh int ipv4 reset =========
Resetting Interface, OK!
Resetting , failed.
Access is denied.
Restart the computer to complete this action.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3105412986-3712989239-1590487086-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {BC5DAE3A-3619-4A37-909B-FD2239522622}.
Unable to cancel {ED563B2E-EEE8-4275-8EC9-EC04A5EA8EBC}.
Unable to cancel {BD6EBC20-07D4-4EC4-8EFE-A610D592A512}.
{3EB3F0D5-0C3F-4C88-8269-0DAF800AEB53} canceled.
{925034DA-B530-44E7-9F2E-01C4C6B71363} canceled.
{7B0C2C7A-86E8-4363-8898-1A0106C8F1B7} canceled.
{E6BDDA5C-00F4-4E1B-93D7-D1ECE5A1799A} canceled.
{4D2D8BFE-C585-4D07-909E-36BE6C220DB3} canceled.
{1B383549-33E2-4032-ABDF-7EB1E69C0BAA} canceled.
{0903A69D-15B5-4EB2-82B9-6E57783D9642} canceled.
{9701FD0A-28D5-41EB-84CA-D0D329988099} canceled.
{A7F06365-C32A-4386-8DD3-7D5AB60AE36C} canceled.
{A9D0B883-D738-4DDB-A400-5FDAE4408546} canceled.
{8B13282B-20CA-4080-ABE9-51BF46A662AA} canceled.
{23FB93CA-4308-4C03-89B6-810E7145A854} canceled.
{1112C6EE-6C82-4606-AB7D-084A7DBFFF69} canceled.
{0DBCA96B-0CFE-48F6-935F-E242492A3923} canceled.
{05AF304A-2147-4037-9341-EAD8BB9E85CE} canceled.
{7787E892-63CA-4F32-A15B-16DDC81889CE} canceled.
{AD8EC6BE-2E29-4361-901E-0A88E868DEBF} canceled.
{2ED1F814-9CDA-4F57-957E-342551381F3B} canceled.
{B0671E5A-D7CB-4B9B-80DC-F6E760525B3A} canceled.
{0041C297-BF2C-4147-98CC-5F0D160E54F9} canceled.
{3D3B9CB4-452A-432F-861F-0F5A9658AD7C} canceled.
{0C4CA2D1-9AE4-4B25-B296-7E5B8118E85A} canceled.
{931412B5-ED42-4211-AAD9-D65874EDC677} canceled.
{D8E4E8E9-A18B-469E-832B-1514D3580C7C} canceled.
{ADD0F598-34B5-403A-92B6-F146A728BC8D} canceled.
{0254DF60-E7C4-4344-8DF8-D891E92AC766} canceled.
{B34B8C80-59F5-4ED5-8F79-38C49C6D5BAE} canceled.
{1A5F70AE-DBCB-4663-A7FD-B534C12F11AC} canceled.
{FB919FBD-A4E7-4DFB-B963-448593FDB0C7} canceled.
{770A52CB-7F23-48F7-8C46-238FE652AE76} canceled.
{3AF2C928-5DD2-46DD-9201-591847DB049E} canceled.
{FBF648D9-0A17-4AE0-AB0D-10B0F1DA987B} canceled.
{0D0253D1-3ED8-4B4C-8E11-96711BA24C62} canceled.
{9241A544-4235-46F7-A7D4-D3BEC96E6584} canceled.
{3D3CA714-A61D-440D-96E3-2C434B8C11CF} canceled.
{75165A97-7EB5-454D-88FF-97FF9468B99F} canceled.
{FA47F10D-BAD3-4DCA-8EDC-7DE91A061867} canceled.
{3BA2A64A-2555-48A3-BEA0-79991F076EEF} canceled.
{F0C72D56-FF55-47CC-9BAD-E87F3FDFD8C5} canceled.
{66D6F0AE-88E8-4866-9A8F-D64138C77730} canceled.
{EDA892F1-ACE7-4BB1-B073-28C7ECCE97C3} canceled.
{D69245EC-F121-4038-8313-6C9DC521E8EF} canceled.
{A856B495-F094-4744-A387-4798BB9497F3} canceled.
{4659C8D0-B520-43CD-9284-F434657C96DD} canceled.
{FF3FD2A6-D2B4-44E0-83A9-150F13B7EF02} canceled.
{AB459823-2958-474D-8AAB-D5FE0ED64485} canceled.
{3C3B5A3B-BFEE-4783-A8EE-D6E82B1B517B} canceled.
{F2173D7E-530A-493E-8635-00EFCF6EF75D} canceled.
{7CE82DD7-01ED-4BDB-BB1F-DB43AD61B09E} canceled.
{8C289EBC-FF6C-49E4-9955-4837992845E3} canceled.
{EDA36AAD-0147-4B6C-B0FF-E9E963756200} canceled.
{169070DF-DCC7-4D56-A4B6-A2E24E902314} canceled.
{5328D872-2EE5-4896-A54A-7AC864169801} canceled.
{DE73AD13-FE08-4BDF-B94F-3364157A80E5} canceled.
{541F8D46-6538-4413-BFAE-C60687AC1AD1} canceled.
{6137DC72-370E-471B-934D-9650891725A8} canceled.
{9F1BDAA4-1DB8-4264-B152-086302A70599} canceled.
{FB1EC3DC-7933-41BA-AD4D-0409FEBDFC1E} canceled.
{C8996035-35C1-4725-9AA1-33084E7B2F16} canceled.
{7DBE1EFC-6C36-4E24-A81A-B68AB6CF69BE} canceled.
60 out of 63 jobs canceled.
========= End of CMD: =========
EmptyTemp: => 831.2 MB temporary data Removed.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-12 09:49:06)<=
C:\Users\Jon\AppData\Local\Ninja Loader => Is moved successfully
C:\Users\Jon\AppData\Local\Ninja Loader => Is moved successfully
==== End of Fixlog 09:49:06 ====