
HP Notebook needs reanimation

slow windows 10 hp pavilion dm1 help problem


#16
Fidel Castro

Fidel Castro

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 162 posts

Can't seem to edit the post. I have the option but maybe it's too long to show.

 

Anyways... Here is the boot log:

 

Service Pack 1 8  6 2015 19:53:22.375
Loaded driver \SystemRoot\system32\ntkrnlpa.exe
Loaded driver \SystemRoot\system32\halmacpi.dll
Loaded driver \SystemRoot\system32\kdcom.dll
Loaded driver \SystemRoot\system32\mcupdate_AuthenticAMD.dll
Loaded driver \SystemRoot\system32\PSHED.dll
Loaded driver \SystemRoot\system32\BOOTVID.dll
Loaded driver \SystemRoot\system32\CLFS.SYS
Loaded driver \SystemRoot\system32\CI.dll
Loaded driver \SystemRoot\system32\drivers\Wdf01000.sys
Loaded driver \SystemRoot\system32\drivers\WDFLDR.SYS
Loaded driver \SystemRoot\system32\drivers\ACPI.sys
Loaded driver \SystemRoot\system32\drivers\WMILIB.SYS
Loaded driver \SystemRoot\system32\drivers\msisadrv.sys
Loaded driver \SystemRoot\system32\drivers\pci.sys
Loaded driver \SystemRoot\system32\drivers\vdrvroot.sys
Loaded driver \SystemRoot\System32\drivers\partmgr.sys
Loaded driver \SystemRoot\system32\drivers\compbatt.sys
Loaded driver \SystemRoot\system32\drivers\BATTC.SYS
Loaded driver \SystemRoot\system32\drivers\volmgr.sys
Loaded driver \SystemRoot\System32\drivers\volmgrx.sys
Loaded driver \SystemRoot\System32\drivers\mountmgr.sys
Loaded driver \SystemRoot\system32\drivers\amdsata.sys
Loaded driver \SystemRoot\system32\drivers\storport.sys
Loaded driver \SystemRoot\system32\drivers\amdxata.sys
Loaded driver \SystemRoot\system32\DRIVERS\amd_sata.sys
Loaded driver \SystemRoot\system32\DRIVERS\amd_xata.sys
Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
Loaded driver \SystemRoot\system32\drivers\fileinfo.sys
Loaded driver \SystemRoot\System32\Drivers\Ntfs.sys
Loaded driver \SystemRoot\System32\Drivers\msrpc.sys
Loaded driver \SystemRoot\System32\Drivers\ksecdd.sys
Loaded driver \SystemRoot\System32\Drivers\cng.sys
Loaded driver \SystemRoot\System32\drivers\pcw.sys
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.sys
Loaded driver \SystemRoot\system32\drivers\ndis.sys
Loaded driver \SystemRoot\system32\drivers\NETIO.SYS
Loaded driver \SystemRoot\System32\Drivers\ksecpkg.sys
Loaded driver \SystemRoot\System32\drivers\tcpip.sys
Loaded driver \SystemRoot\System32\drivers\fwpkclnt.sys
Loaded driver \SystemRoot\system32\drivers\volsnap.sys
Loaded driver \SystemRoot\System32\Drivers\spldr.sys
Loaded driver \SystemRoot\System32\drivers\rdyboost.sys
Loaded driver \SystemRoot\System32\Drivers\mup.sys
Loaded driver \SystemRoot\System32\drivers\hwpolicy.sys
Loaded driver \SystemRoot\system32\DRIVERS\hpdskflt.sys
Loaded driver \SystemRoot\System32\DRIVERS\fvevol.sys
Loaded driver \SystemRoot\system32\drivers\disk.sys
Loaded driver \SystemRoot\system32\drivers\CLASSPNP.SYS
Did not load driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\system32\drivers\rdpencdd.sys
Loaded driver \SystemRoot\system32\drivers\rdprefmp.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\tdx.sys
Loaded driver \SystemRoot\system32\drivers\afd.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\system32\DRIVERS\wfplwf.sys
Loaded driver \SystemRoot\system32\DRIVERS\pacer.sys
Loaded driver \SystemRoot\system32\DRIVERS\vwififlt.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\system32\drivers\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\system32\drivers\nsiproxy.sys
Loaded driver \SystemRoot\system32\drivers\mssmbios.sys
Loaded driver \SystemRoot\System32\drivers\discache.sys
Loaded driver \SystemRoot\System32\Drivers\dfsc.sys
Loaded driver \SystemRoot\system32\drivers\blbdrive.sys
Loaded driver \SystemRoot\system32\DRIVERS\tunnel.sys
Loaded driver \SystemRoot\system32\DRIVERS\amdppm.sys
Loaded driver \SystemRoot\system32\DRIVERS\atikmdag.sys
Loaded driver \SystemRoot\System32\drivers\dxgkrnl.sys
Loaded driver \SystemRoot\system32\DRIVERS\atikmpag.sys
Loaded driver \SystemRoot\system32\drivers\HDAudBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbfilter.sys
Loaded driver \SystemRoot\System32\Drivers\fastfat.SYS
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\SynTP.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\bcmwl6.sys
Loaded driver \SystemRoot\system32\DRIVERS\vwifibus.sys
Loaded driver \SystemRoot\system32\DRIVERS\Rt86win7.sys
Loaded driver \SystemRoot\system32\DRIVERS\Accelerometer.sys
Loaded driver \SystemRoot\system32\drivers\CmBatt.sys
Loaded driver \SystemRoot\system32\drivers\wmiacpi.sys
Loaded driver \SystemRoot\system32\drivers\CompositeBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\clwvd.sys
Loaded driver \SystemRoot\system32\DRIVERS\AgileVpn.sys
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\rassstp.sys
Loaded driver \SystemRoot\system32\DRIVERS\tap-tb-0901.sys
Loaded driver \SystemRoot\system32\drivers\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\umbus.sys
Did not load driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\system32\drivers\AtihdW73.sys
Loaded driver \SystemRoot\system32\DRIVERS\stwrt.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbccgp.sys
Loaded driver \SystemRoot\System32\Drivers\usbvideo.sys
Loaded driver \SystemRoot\system32\drivers\bcbtums.sys
Loaded driver \??\C:\Windows\system32\drivers\btwampfl.sys
Loaded driver \SystemRoot\System32\Drivers\BTHUSB.sys
Loaded driver \SystemRoot\system32\DRIVERS\rfcomm.sys
Loaded driver \SystemRoot\system32\drivers\BthEnum.sys
Loaded driver \SystemRoot\system32\DRIVERS\btwavdt.sys
Loaded driver \SystemRoot\system32\drivers\btwaudio.sys
Loaded driver \SystemRoot\system32\DRIVERS\btwl2cap.sys
Loaded driver \SystemRoot\system32\DRIVERS\btwdpan.sys
Loaded driver \SystemRoot\system32\DRIVERS\btwrchid.sys
Loaded driver \SystemRoot\system32\DRIVERS\monitor.sys
Loaded driver \SystemRoot\System32\Drivers\RtsUStor.sys
Loaded driver \SystemRoot\system32\drivers\luafv.sys
Loaded driver \SystemRoot\system32\DRIVERS\lltdio.sys
Loaded driver \SystemRoot\system32\DRIVERS\nwifi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndisuio.sys
Loaded driver \SystemRoot\system32\DRIVERS\rspndr.sys
Loaded driver \SystemRoot\system32\drivers\HTTP.sys
Loaded driver \SystemRoot\system32\DRIVERS\bowser.sys
Loaded driver \SystemRoot\System32\drivers\mpsdrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb10.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb20.sys
Did not load driver \SystemRoot\system32\drivers\parport.sys
Loaded driver \??\C:\Program Files\Quintessential Player\cdrpdacc.sys
Loaded driver \SystemRoot\system32\giveio.sys
Loaded driver \SystemRoot\system32\drivers\peauth.sys
Loaded driver \SystemRoot\System32\Drivers\secdrv.SYS
Loaded driver \??\C:\Windows\system32\speedfan.sys
Loaded driver \SystemRoot\System32\DRIVERS\srvnet.sys
Loaded driver \SystemRoot\System32\drivers\tcpipreg.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv2.sys
Loaded driver \SystemRoot\system32\DRIVERS\vwifimp.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
Did not load driver \SystemRoot\System32\DRIVERS\srv.sys
Loaded driver \SystemRoot\System32\drivers\ipnat.sys

  • 0



#17
Fidel Castro

Fidel Castro

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 162 posts

Update:

 

Just to let you know that I'll be off most of the weekend. Not sure if I'll be online at all. I'll try but just wanted to let you know in case I don't reply til Monday.

 

Hope that's not a problem.

 

Thanks.


  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Delays are no problem.  I don't keep track or close threads. 

 

Just as well you weren't able to edit the post as I don't get notified of edits.

 

Your boot log looks about normal.  You don't have a CDROM so that's why it can't load that driver.  Ditto for the parport.sys (Parallel port).  VGA.sys only gets loaded in Safe Mode.  NDProxy.SYS is like that in every boot log I've seen.  I've read where it's an error in an inf file from MS.  srv.sys normally does start OK.  I've seen recommendations to change it to Start on Demand rather than on Automatic.  It is used for file sharing so unlikely that you need it.  You can open an elevated command prompt and type (with an Enter after the line):

sc  query  srv

to see if it is running.

 

If not running see if it will start:

sc  start  srv

To change cdrom & parport to on demand:

sc  config  cdrom  start=demand
sc  config  parport  start=demand

You should go into MSCONFIG and uncheck boot logging since we don't want it to keep running.


  • 0
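An added example, not part of the original thread or any poster's own code: a Python script that applies the manual boot-log triage from the reply above to an ntbtlog-style log. It separates drivers that never loaded from drivers that loaded and then logged a later failure, and lists `.sys` files loaded from outside `system32\drivers`. The sample lines are constructed from entries quoted in the thread; the function names and the assumption that Windows lives in `C:\Windows` are illustrative.

```python
import re
from collections import OrderedDict

# Constructed sample in ntbtlog.txt format, built from lines quoted in the thread.
SAMPLE_BOOT_LOG = r"""
Service Pack 1 8  6 2015 19:53:22.375
Loaded driver \SystemRoot\system32\ntkrnlpa.exe
Loaded driver \SystemRoot\system32\drivers\disk.sys
Did not load driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\drivers\vga.sys
Did not load driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \??\C:\Windows\system32\drivers\btwampfl.sys
Did not load driver \SystemRoot\system32\drivers\parport.sys
Loaded driver \??\C:\Program Files\Quintessential Player\cdrpdacc.sys
Loaded driver \SystemRoot\system32\giveio.sys
Loaded driver \??\C:\Windows\system32\speedfan.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
Did not load driver \SystemRoot\System32\DRIVERS\srv.sys
"""

ENTRY = re.compile(r"^(Loaded|Did not load) driver\s+(\S.*?)\s*$")
STANDARD_DIR = "\\systemroot\\system32\\drivers\\"


def canonical(path, windows_dir=r"C:\Windows"):
    """Lower-case a logged path and fold the \\??\\C:\\Windows form into
    \\SystemRoot so the same file is counted once.
    Assumption: Windows is installed in windows_dir."""
    p = path.lower()
    if p.startswith("\\??\\"):
        p = p[4:]
    root = windows_dir.lower().rstrip("\\") + "\\"
    if p.startswith(root):
        p = "\\systemroot\\" + p[len(root):]
    return p


def parse_boot_log(text):
    """Return {canonical path: {'loaded': n, 'failed': n}} in first-seen order."""
    stats = OrderedDict()
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header line (OS version and timestamp) or blank
        entry = stats.setdefault(canonical(m.group(2)), {"loaded": 0, "failed": 0})
        entry["loaded" if m.group(1) == "Loaded" else "failed"] += 1
    return stats


def never_loaded(stats):
    """Drivers with only 'Did not load' entries (cdrom and parport in the thread)."""
    return [p for p, s in stats.items() if s["failed"] and not s["loaded"]]


def failed_after_load(stats):
    """Drivers that loaded at least once and also logged a failure
    (vga, NDProxy and srv in the thread)."""
    return [p for p, s in stats.items() if s["failed"] and s["loaded"]]


def outside_drivers_dir(stats):
    """Loaded .sys files that do not live under system32\\drivers; these are
    usually third-party and are the ones to check for vendor and signature."""
    return [p for p, s in stats.items()
            if s["loaded"] and p.endswith(".sys") and not p.startswith(STANDARD_DIR)]


if __name__ == "__main__":
    stats = parse_boot_log(SAMPLE_BOOT_LOG)
    for title, rows in (("Never loaded", never_loaded(stats)),
                        ("Loaded, then failed", failed_after_load(stats)),
                        ("Outside system32\\drivers", outside_drivers_dir(stats))):
        print(title)
        for path in rows:
            print("   ", path, stats[path])
```

To run it against a real log, read the file (by default `%SystemRoot%\ntbtlog.txt`) and pass its text to `parse_boot_log`.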

#19
Fidel Castro

Fidel Castro

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 162 posts

Not sure if the cmd commands executed properly. Doesn't seem like it.

 

cmd.png

 

 

P.S. Boot log unchecked.


  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Try typing the commands in instead of copying.  You don't need the extra spaces.  I just put them in because the forum software squeezes things together.


  • 0

#21
Fidel Castro

Fidel Castro

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 162 posts
I got the same results when typing manually and putting one space only.

I thought so because the first line was copied and pasted and worked but the others didn't.

Edited by Fidel Castro, 07 August 2015 - 01:07 PM.

  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

I see the problem.  A space is required after the =

 

It should be:

sc  config  cdrom  start=  demand
sc  config  parport  start=  demand

After you do that let's clear the alarms and reboot then Run FRST with Addition and post both logs.

 

Right click on (My) Computer and select Manage (Continue). Then click on the arrow in front of Event Viewer. Next click on the arrow in front of Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. Does this finish without complaint?  If it says it couldn't fix everything then:

Copy the next two lines:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 

 

Then run FRST and post both logs.

 

Also run Process Explorer again and let's see where we stand.


  • 0

#23
Fidel Castro

Fidel Castro

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 162 posts

Alright, the cmd commands have been executed successfully.

 

cmd2.png

 

Not sure about the 'alarms' part and what alarms should I clear.

 

Here is the FRST log, even before rebooting...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:08-08-2015 01
Ran by inFidel (administrator) on INFIDEL-1337 (08-08-2015 16:46:20)
Running from C:\Users\inFidel\Desktop\FRST
Loaded Profiles: inFidel (Available Profiles: inFidel)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{105A5B5F-4AF5-4AF1-ABB2-C5304DF513A9}: [DhcpNameServer] 192.168.101.99 194.25.0.60
Tcpip\..\Interfaces\{179481F9-0A44-409D-9AD9-2FE55069DD52}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A17A0D3A-9613-4F2B-A3D1-28C472C7F6A8}: [DhcpNameServer] 192.168.43.1

FireFox:
========
FF ProfilePath: C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-02-02] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @gpac/osmozilla,version=1.0 -> C:\Program Files\GPAC\nposmozilla.dll [2014-04-25] ( )
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-12-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-12-13] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=3 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=9 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-12-13] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-12-13] (RealPlayer)
FF Extension: Youtube Accelerator Helper - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-07-14]
FF Extension: iMacros for Firefox - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-07-29]
FF Extension: Browsec - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: ZenMate Security & Privacy VPN - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: TinEye Reverse Image Search - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2012-06-29]
FF Extension: Search By Image (by Google) - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2012-06-29]
FF Extension: Adblock Plus - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-13]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-15]

Chrome:
=======
CHR Profile: C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Please enter your password) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-06-09]
CHR Extension: (YouTube) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-13]
CHR Extension: (Adblock Plus) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-19]
CHR Extension: (Pushbullet) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2014-01-02]
CHR Extension: (Google Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-13]
CHR Extension: (Search by Image (by Google)) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2012-12-16]
CHR Extension: (Tampermonkey) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-06-09]
CHR Extension: (Chrome Speak) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\diagnfimeecdcecjpnkjgbnlelkclcpj [2015-02-23]
CHR Extension: (Stylish) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-06-09]
CHR Extension: (Select and Speak - Text to Speech) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2015-02-23]
CHR Extension: (Notty Notes) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggbmjahbkbhakkfgjiggdclpmmpmhajn [2013-06-09]
CHR Extension: (Planetarium) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2013-06-09]
CHR Extension: (AdBlock) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-21]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-07-31]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-12-16]
CHR Extension: (TweetDeck by Twitter) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-06-09]
CHR Extension: (Eye Dropper) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2013-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Quick Note) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-06-09]
CHR Extension: (EXIF Reader) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki [2013-06-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (YT Repeat) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\piicimoiaiblachamdicgngccadhlecl [2013-06-09]
CHR Extension: (Gmail) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-13]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [566560 2007-11-02] (ABBYY (BIT Software)) [File not signed]
S4 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 Realtek87B; C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S4 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [282706 2011-07-01] (IDT, Inc.)
S4 TunnelBearMaintenance; C:\Program Files\TunnelBear\TBear.Maintenance.exe [26048 2014-07-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-16] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-16] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [142504 2011-07-15] (Broadcom Corporation.)
R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [551976 2011-07-15] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [76328 2011-07-15] (Broadcom Corporation.)
R2 CDRPDACC; C:\Program Files\Quintessential Player\cdrpdacc.sys [5273 2005-12-06] (Arrowkey) [File not signed]
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-06] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation                           )
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [33280 2014-06-17] (The OpenVPN Project)
U3 Winsock; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-06 19:45 - 2015-08-08 16:46 - 00000000 ____D C:\Users\inFidel\Desktop\FRST
2015-08-06 18:11 - 2015-08-06 18:11 - 00004271 _____ C:\Users\inFidel\Desktop\Hardware Interrupts and DPCs.txt
2015-08-06 18:06 - 2015-08-06 18:07 - 00050385 _____ C:\Users\inFidel\Desktop\Addition.txt
2015-08-06 18:03 - 2015-08-06 18:07 - 00048514 _____ C:\Users\inFidel\Desktop\FRST.txt
2015-08-06 17:20 - 2015-08-06 17:20 - 00000000 ____D C:\$SysReset
2015-08-05 20:26 - 2015-08-05 21:06 - 00061440 _____ ( ) C:\Users\inFidel\Desktop\VEW.exe
2015-08-05 20:00 - 2015-08-06 17:54 - 00000326 _____ C:\Users\inFidel\Desktop\GTG reply.txt
2015-08-05 19:55 - 2015-08-05 19:57 - 05127432 _____ (Piriform Ltd) C:\Users\inFidel\Desktop\spsetup128.exe
2015-08-05 19:43 - 2015-08-05 19:43 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\inFidel\Desktop\procexp.exe
2015-08-05 19:21 - 2015-08-08 16:46 - 00000000 ____D C:\FRST
2015-08-04 15:46 - 2015-08-04 16:03 - 179110784 _____ (AMD Inc.) C:\Users\inFidel\Desktop\amd-catalyst-15.7.1-win10-32bit.exe
2015-08-04 15:39 - 2015-08-04 15:40 - 05455048 _____ (Advanced Micro Devices, Inc.) C:\Users\inFidel\Desktop\autodetectutility.exe
2015-07-30 05:28 - 2015-08-07 03:34 - 00000000 __SHD C:\Recovery
2015-07-30 04:58 - 2015-07-30 04:58 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-07-29 19:33 - 2015-08-04 16:03 - 00000000 ____D C:\AMD
2015-07-29 18:30 - 2015-07-29 18:31 - 00000757 _____ C:\Windows\DtcInstall.log
2015-07-29 18:23 - 2015-07-29 20:12 - 00006575 _____ C:\Windows\comsetup.log
2015-07-29 18:20 - 2015-07-29 20:14 - 00010449 _____ C:\Windows\diagerr.xml
2015-07-29 18:20 - 2015-07-29 20:14 - 00009528 _____ C:\Windows\diagwrn.xml
2015-07-29 02:33 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 02:33 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 02:33 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 02:33 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-29 02:26 - 2015-08-07 03:26 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 20:20 - 2015-07-28 20:20 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-28 20:20 - 2015-07-28 20:20 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-07-28 20:19 - 2015-07-28 20:19 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-07-27 20:49 - 2015-07-27 20:49 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-07-25 17:29 - 2015-08-08 14:05 - 00002535 _____ C:\Windows\setupact.log
2015-07-25 17:29 - 2015-07-29 18:20 - 00000495 _____ C:\Windows\setuperr.log
2015-07-20 21:02 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 21:02 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-18 04:45 - 2015-07-18 04:45 - 00000000 ____D C:\Users\inFidel\AppData\Local\GWX
2015-07-15 16:20 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 16:20 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 16:20 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 16:20 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 16:20 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 16:20 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 16:20 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 16:20 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 16:20 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 16:20 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 16:19 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 16:19 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 16:19 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 16:19 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 16:19 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 16:17 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 16:17 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 16:16 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 16:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 16:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 16:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 16:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 16:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 16:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 16:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 16:06 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 16:06 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:06 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 16:06 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:06 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 16:06 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 16:06 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 16:06 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:06 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:06 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 16:06 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:06 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 16:06 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 16:06 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 16:06 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 16:06 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 16:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 16:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 16:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 16:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 16:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 16:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-10 13:17 - 2015-08-06 17:42 - 00000000 ___HD C:\$Windows.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-08 16:45 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-08 16:45 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-08 16:42 - 2011-10-24 10:57 - 01920654 _____ C:\Windows\WindowsUpdate.log
2015-08-08 14:09 - 2010-11-20 23:01 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-08 14:05 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-07 03:27 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-07 03:26 - 2015-05-09 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 03:26 - 2014-10-24 03:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2015-08-07 03:26 - 2014-10-22 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-08-07 03:26 - 2014-08-02 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-07 03:26 - 2014-07-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-07 03:26 - 2014-07-14 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2015-08-07 03:26 - 2014-07-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2015-08-07 03:26 - 2014-07-03 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-07 03:26 - 2014-07-03 00:36 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-07 03:26 - 2014-04-26 05:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-08-07 03:26 - 2014-04-26 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Osmo4
2015-08-07 03:26 - 2013-12-13 03:07 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2015-08-07 03:26 - 2013-11-21 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-07 03:26 - 2013-11-10 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0
2015-08-07 03:26 - 2013-04-15 05:15 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-15 05:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-14 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 03:26 - 2013-02-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-07 03:26 - 2013-01-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-08-07 03:26 - 2012-12-29 02:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-08-07 03:26 - 2012-07-10 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 03:26 - 2012-07-10 00:30 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-08-07 03:26 - 2012-07-10 00:25 - 00000000 ____D C:\Windows\SHELLNEW
2015-08-07 03:26 - 2012-06-28 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALFA Wireless LAN Utility
2015-08-07 03:26 - 2012-06-28 21:12 - 00000000 ____D C:\Windows\system32\RtlGina
2015-08-07 03:26 - 2012-04-13 20:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quintessential Player
2015-08-07 03:26 - 2012-04-13 19:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 03:26 - 2012-04-11 22:21 - 00000000 ____D C:\Windows\system32\%COREALLUSERPATH%
2015-08-07 03:26 - 2011-10-24 11:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-08-07 03:26 - 2011-10-24 10:56 - 00000000 ____D C:\Program Files\IDT
2015-08-07 03:26 - 2011-08-12 11:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-07 03:26 - 2011-08-12 11:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-08-07 03:26 - 2011-08-12 11:04 - 00000000 ____D C:\Windows\system32\Adobe
2015-08-07 03:26 - 2011-08-12 11:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-08-07 03:26 - 2011-08-12 11:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-07 03:26 - 2011-08-12 10:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-07 03:26 - 2011-06-14 06:09 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\twain_32
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\th-TH
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sk-SK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ro-RO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lv-LV
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lt-LT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hr-HR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\he-IL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\et-EE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\bg-BG
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ar-SA
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-06 19:53 - 2015-06-22 22:37 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 19:53 - 2014-10-06 20:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-06 19:53 - 2012-04-13 19:06 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 17:54 - 2014-06-06 03:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-06 17:52 - 2014-07-03 15:24 - 00000000 ____D C:\Windows\pss
2015-08-06 17:44 - 2012-06-28 14:10 - 00000000 ___RD C:\Users\inFidel\Dropbox
2015-08-06 17:44 - 2012-06-28 14:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Dropbox
2015-08-06 17:42 - 2014-07-02 17:17 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-06 17:35 - 2014-07-03 16:25 - 00123662 _____ C:\Windows\PFRO.log
2015-08-06 16:12 - 2012-04-12 18:30 - 00000052 _____ C:\Windows\system32\DOErrors.log
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieUserList
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieSiteList
2015-08-06 13:59 - 2014-07-30 16:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\ViberPC
2015-08-06 13:59 - 2014-07-30 16:16 - 00000000 ____D C:\Users\inFidel\AppData\Local\Viber
2015-08-06 12:01 - 2014-07-02 20:29 - 00000000 ____D C:\Program Files\SpeedFan
2015-08-04 17:03 - 2013-09-08 19:30 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\vlc
2015-08-03 22:10 - 2013-07-20 00:02 - 00001456 _____ C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-08-02 22:52 - 2012-07-09 16:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-01 20:23 - 2014-10-15 23:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-30 01:55 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel\AppData\Local\VirtualStore
2015-07-29 20:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-07-29 19:59 - 2014-06-30 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-29 18:19 - 2007-01-02 01:53 - 00000000 ____D C:\Windows\Panther
2015-07-29 02:32 - 2015-06-22 22:37 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-29 02:23 - 2012-04-13 19:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-28 20:18 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-28 19:36 - 2014-07-02 20:29 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2015-07-28 02:04 - 2015-04-18 21:35 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForinFidel.job
2015-07-27 20:57 - 2015-04-05 15:54 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 19:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-25 17:25 - 2012-09-18 12:56 - 00000000 ____D C:\ProgramData\xml_param
2015-07-23 11:17 - 2012-06-28 22:19 - 00000000 ____D C:\Windows\Minidump
2015-07-23 11:00 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-21 21:00 - 2009-07-14 06:33 - 03823832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 23:02 - 2011-08-12 11:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-18 20:10 - 2014-07-02 17:15 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-16 15:00 - 2015-05-09 18:46 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 08:23 - 2013-11-19 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 07:52 - 2012-07-10 00:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:40 - 2012-04-13 20:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 12:40 - 2011-08-12 10:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-07-04 14:08 - 2013-05-05 15:24 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-07-20 00:02 - 2015-08-03 22:10 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-02-21 07:29 - 2014-12-14 23:09 - 0007627 _____ () C:\Users\inFidel\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\inFidel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp3futq.dll
C:\Users\inFidel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\inFidel\AppData\Local\Temp\sfamcc00002.dll
C:\Users\inFidel\AppData\Local\Temp\sfareca00001.dll
C:\Users\inFidel\AppData\Local\Temp\sfextra.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-25 19:06

==================== End of log ============================

And here is the FRST Addition log, again before rebooting.

Additional scan result of Farbar Recovery Scan Tool (x86) Version:08-08-2015 01
Ran by inFidel (2015-08-08 16:47:30)
Running from C:\Users\inFidel\Desktop\FRST
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4041656617-1838989228-2178339868-500 - Administrator - Disabled)
Guest (S-1-5-21-4041656617-1838989228-2178339868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4041656617-1838989228-2178339868-1004 - Limited - Enabled)
inFidel (S-1-5-21-4041656617-1838989228-2178339868-1000 - Administrator - Enabled) => C:\Users\inFidel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.662.5581 - ABBYY)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{A930C335-3FC8-A452-B8CA-F3998969CA3A}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.1600 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1600 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4305 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Futuremark SystemInfo (HKLM\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
Google Chrome (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM\...\{0D8B3696-E52D-4291-B833-9F6AEB1CC4AB}) (Version: 2.1.0 - Hewlett-Packard Company)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{7414C891-720D-4E86-85E5-C3AA898DA9EC}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP On Screen Display (HKLM\...\{D7670221-BF9B-4DFF-B26B-5BE55A87329F}) (Version: 1.2.2 - Hewlett-Packard Company)
HP Power Manager (HKLM\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM\...\{57D8E376-0E8A-4AFD-9040-DA2D33B7FF94}) (Version: 3.1.0.9791 - Hewlett-Packard Company)
HP Setup (HKLM\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{31EEA563-3544-4EA1-8773-BCBF83F9627A}) (Version: 4.1.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6351.0 - IDT)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
iSkysoft Video Converter(Build 3.1.1.0) (HKLM\...\iSkysoft Video Converter_is1) (Version:  - iSkysoft Software)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lucid Dream Preparation (HKLM\...\Lucid Dream Preparation_is1) (Version:  - )
Magic ISO Maker v5.4 (build 0239) (HKLM\...\Magic ISO Maker v5.4 (build 0239)) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 en-US) (HKLM\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Osmo4/GPAC (remove only) (HKLM\...\Osmo4) (Version:  - )
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Ports Of Call Simulator 3d - Updater (HKLM\...\Ports Of Call Simulator 3d - Updater) (Version:  - )
Ports Of Call Simulator 3d (HKLM\...\Ports Of Call Simulator 3d) (Version:  - )
Ports Of Call XXL (HKLM\...\Ports Of Call XXL) (Version:  - )
Ports Of Call XXL WEB installer (HKLM\...\Ports Of Call XXL WEB installer) (Version: 1.0.13 - MMS Dipl.-Ing. Rolf-Dieter Klein)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Quintessential Player (HKLM\...\Quintessential Player) (Version: 4.51 - Quinnware)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.1.0.1824 - GetData Pty Ltd)
Recovery Manager (Version: 2.0.0 - Hewlett-Packard) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version:  - )
Topaz  InFocus (HKLM\...\Topaz  InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz  InFocus (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (Version: 4.1.0 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (Version: 2.0.5 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM\...\Topaz ReMask 3) (Version: 3.1.0 - Topaz Labs)
Topaz ReMask 3 (Version: 3.1.0 - Topaz Labs) Hidden
TunnelBear (HKLM\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear)
TunnelBear (Version: 2.2.25.0 - TunnelBear) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Viber (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
Winrar 3.93 (HKLM\...\Winrar 3.93) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{219D3EAA-D5B5-9D41-67F5-C9D57885EE5A}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Chrome\Application\44.0.2403.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

06-08-2015 17:39:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-04-13 19:24 - 2014-08-30 00:52 - 00000924 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
google.com serena.costa.it
google.com onboardportal.serena.costa.it

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009986E1-084C-45EA-9604-7C8FC043A1B3} - System32\Tasks\RealCreateProcessScheduledTask1255228849S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {103AAA73-BD59-4F3F-9257-15810F30E961} - System32\Tasks\HPCeeScheduleForinFidel => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {20E6881A-B853-4D82-82C7-F135398C8FCF} - System32\Tasks\{351260BE-BC63-47A8-966B-0729B8279AC5} => pcalua.exe -a C:\PROGRA~1\poc\pocxxl\UNWISE.EXE -c C:\PROGRA~1\poc\pocxxl\INSTAL~1.LOG
Task: {354FB93B-2CD8-4E84-B8F4-FB347026CEF3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4885BD6E-AB34-4F93-B1BF-6F00AC56797E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {4BEFD5F4-9E85-4068-8279-BBDB61B181CB} - System32\Tasks\AdobeAAMUpdater-1.0-inFidel-1337-inFidel => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {53A86098-E92D-465A-9992-5B0DE052377E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {55E475E8-CD21-4285-BC33-0BB31C3C0F3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {5AD50DD1-F8CB-44BD-8037-C916B4487505} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {5AD99B81-4044-4598-A14C-A96AA6485E44} - System32\Tasks\RealCreateProcessScheduledTask422498102S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {5E9E1543-5646-4D83-9217-C26BFFF0EB9A} - System32\Tasks\ReclaimerUpdateXML_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6283D386-3EE5-4D2C-9649-D392BC8BD632} - System32\Tasks\ReclaimerUpdateFiles_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6862C974-65DA-4679-BDFD-4822FAEBEF23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {70EFD96E-15A1-4F5C-9D80-C7DF43B7FE07} - System32\Tasks\RealCreateProcessScheduledTask1816915314S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {71E639F9-8720-44DC-BCB3-361CCF47B5E9} - System32\Tasks\RNUpgradeHelperResumePrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {7D6D93E2-73C2-4AC5-A718-42BE28FC0578} - System32\Tasks\RealCreateProcessScheduledTask252138895S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {7F68AF9C-4412-453D-8D6E-5416A6416BB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {82B34A9E-CDE5-485B-AB0D-18F493C00310} - System32\Tasks\RealCreateProcessScheduledTask1575878248S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {860EC9CB-A3CF-4BBB-AABD-71E1A4B14DA9} - System32\Tasks\RealCreateProcessScheduledTask3427956672S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {8F7EB076-1391-433B-8052-A4439A675A14} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {98CB750C-B919-409C-8666-BCE5246A5CB8} - System32\Tasks\RealCreateProcessScheduledTask977211496S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {9DD41417-F1DD-4A5E-AAD3-B08331EB3424} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {A069C56C-0897-4BA2-8D03-F6053EF86B9D} - System32\Tasks\RNUpgradeHelperLogonPrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {A5FC74E8-BD6D-4D81-9B55-F1ADB1730C4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {B72CD943-73BF-44B2-B595-9696646795E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {BD56AF2E-907C-44C8-897A-40C9806F3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {BED9992B-B1C6-4AB7-B3C5-C88E6B6520D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C2D86B3B-2BC1-431E-8AE1-473AC64CFB88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {C4878030-99B3-45D1-BC5A-106549CAD895} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {C93C598B-FEB8-4255-8540-FA81DA29185A} - System32\Tasks\{C4DE863C-94D5-40D1-9C25-152C05E4A3BC} => pcalua.exe -a C:\PROGRA~1\MagicISO\UNWISE.EXE -c C:\PROGRA~1\MagicISO\INSTALL.LOG
Task: {CC2282AC-B4DA-4915-BB90-D9CB1E511BEE} - System32\Tasks\RealCreateProcessScheduledTask3586971720S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {CFF52379-353C-4C55-9ACF-0752840AB3FE} - System32\Tasks\RealCreateProcessScheduledTask3278052768S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {D05CC1AE-6F8F-46AA-B059-78292F4FA782} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {D44DD388-5750-4948-BAAE-C734BB0EADE8} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2011-07-07] (CyberLink)
Task: {DC16CBDE-AA9E-4210-A986-8D68EA498A7D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E0BA284D-66A1-45B7-81C3-26863D50B281} - System32\Tasks\RealCreateProcessScheduledTask3543218697S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {E7973815-D42D-4EDC-9FCF-88D6231943D2} - System32\Tasks\RealCreateProcessScheduledTask460272418S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {EDA8FD07-340F-4073-8D95-DB2FBBF08B12} - System32\Tasks\RealCreateProcessScheduledTask1257031909S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {FA930F2A-9ECB-4043-836C-6C803C2FB6D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForinFidel.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2010-03-15 11:28 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\inFidel\Desktop\NEW-LOGO-2014.png:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Professional.9.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: ezSharedSvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: Realtek87B => 2
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: TunnelBearMaintenance => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^inFidel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Facebook Update => "C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP CoolSense => C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\update\realsched.exe"  -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{13150711-637C-4B7B-B015-927C8AFD0B34}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8A11AF01-A2E1-42FE-A548-E27057A37A69}] => (Allow) LPort=2869
FirewallRules: [{8FC51FDF-9204-4114-B98C-FDE066FE7A42}] => (Allow) LPort=1900
FirewallRules: [{D7B0BF1F-5AC7-4BDE-95EA-48353153D9B2}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6B1C6C39-989E-45C0-85C8-30E9EE046446}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{EA72AEC1-BC41-41FC-8C9B-F2CC50E56246}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{503748D5-04FD-4FC0-BBEF-613EACE3B0B4}] => (Allow) C:\Program Files\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{25C05E15-0F88-43CA-BF88-A6699555192D}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{CDEB5FDC-6FE5-427D-970A-078496B66720}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{4ABDBE74-524E-4004-A29E-964F100DDD72}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{596B2558-52B5-43EA-9382-68F871A3FE16}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{20EDB504-9744-4606-A198-B9171F7071F8}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{29A5756D-6F75-4441-AEC2-96EAE6476ED7}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{D7EC3FAC-2050-402C-A6B3-BCDC169A855D}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{BA03B495-55E6-4CE0-B8A0-5EED5450DD01}] => (Allow) LPort=1542
FirewallRules: [{9CD2D101-7391-45AF-94F1-2E464E048363}] => (Allow) LPort=1542
FirewallRules: [{1A48C6AB-4E1D-413C-9378-D793A3DAA5EB}] => (Allow) LPort=53
FirewallRules: [TCP Query User{5036818C-8EB0-4344-9929-64EF17FD885E}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{60E77581-9FF8-4C73-A6F6-31EA5EDD5B70}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AEC02BD7-A6E1-421E-ADFC-D1F45C07C0FC}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{65367420-F09D-46F0-A7A8-8E3AFF5E2386}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{B74A1F15-39F3-4CE2-8A7C-5F2E46B37A39}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [UDP Query User{272B80D2-3BCE-42F7-B2C0-CDD78C884450}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [{C16841EF-920F-4323-99D5-3D3993DCD3F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9CAFFCC9-9E0A-4911-809B-CA1C52D63A48}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C4998E5E-82F4-44DB-A08C-94E5ABAFADD8}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{A2B7E03B-E010-4968-A99A-C82E2107E370}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8C81D482-2533-4D4C-938F-E257F60AF7F2}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{18AB7373-127E-42E2-AA72-B9FBC9C3951E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C421BD34-A57C-4D92-9AA3-E92DAA163EB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F8762FD3-57FF-4E15-8A90-90F2C5B5FE14}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{795010D6-440A-4A01-803D-57EA1877225B}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F38BFF15-E50E-4187-8426-369D6AABDF6D}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFEA7936-A8B5-4B08-98AA-B3EB0A451214}] => (Allow) C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2015 02:06:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2015 07:55:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2015 06:07:45 PM) (Source: ESENT) (EventID: 467) (User: )
Description: taskhost (2352) WebCacheLocal: Database C:\Users\inFidel\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat: Index PartitionIdIndex of table Containers is corrupted (0).

Error: (08/06/2015 05:57:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2015 05:37:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2015 06:13:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wuauclt.exe, version: 7.6.7601.18917, time stamp: 0x559eab0c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x69770073
Faulting process id: 0x1718
Faulting application start time: 0xwuauclt.exe0
Faulting application path: wuauclt.exe1
Faulting module path: wuauclt.exe2
Report Id: wuauclt.exe3

Error: (07/28/2015 08:15:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 08:50:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dropbox.exe, version: 3.6.9.0, time stamp: 0x550a7723
Faulting module name: ole32.dll, version: 6.1.7601.18915, time stamp: 0x55981b9e
Exception code: 0xc0000005
Fault offset: 0x0002d7e1
Faulting process id: 0xcd4
Faulting application start time: 0xDropbox.exe0
Faulting application path: Dropbox.exe1
Faulting module path: Dropbox.exe2
Report Id: Dropbox.exe3

Error: (07/27/2015 08:47:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2015 05:30:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/08/2015 02:05:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/08/2015 02:05:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:05:41 on 7.8.2015 was unexpected.

Error: (08/06/2015 07:53:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/06/2015 05:55:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/06/2015 05:54:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (08/06/2015 05:36:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/06/2015 05:35:10 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (07/29/2015 06:19:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/29/2015 12:21:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (07/29/2015 02:17:49 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 33%
Total physical RAM: 3578.91 MB
Available physical RAM: 2369.55 MB
Total Virtual: 7156.13 MB
Available Virtual: 5977.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:50.4 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.73 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32
Drive f: (Data) (Fixed) (Total:345.86 GB) (Free:152.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6500A13B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=365.6 GB) - (Type=OF Extended)

==================== End of log ============================

 

I'll now reboot, clear the logs, reboot again, scan for critical system files and continue with the instructions. I'll post again the FRST and FRST Addition log after all that.



#24
Fidel Castro


The scan finished and there were some corrupt files which couldn't be fixed.

 

cmd3.png

 

The log I found is attached, in case you want to take a look.

 

I'll now use the other lines and try to fix it.

Attached Files

  • Attached File  CBS.log   1.06MB   197 downloads

Edited by Fidel Castro, 08 August 2015 - 09:22 AM.


#25
Fidel Castro


Here is the junk log generated after the cmd commands:

 

2015-08-08 16:59:25, Info                  CSI    00000009 [SR] Verifying 100 (0x00000064) components
2015-08-08 16:59:25, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2015-08-08 16:59:34, Info                  CSI    0000000c [SR] Verify complete
2015-08-08 16:59:36, Info                  CSI    0000000d [SR] Verifying 100 (0x00000064) components
2015-08-08 16:59:36, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2015-08-08 16:59:43, Info                  CSI    00000010 [SR] Verify complete
2015-08-08 16:59:45, Info                  CSI    00000011 [SR] Verifying 100 (0x00000064) components
2015-08-08 16:59:45, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2015-08-08 16:59:56, Info                  CSI    00000014 [SR] Verify complete
2015-08-08 16:59:58, Info                  CSI    00000015 [SR] Verifying 100 (0x00000064) components
2015-08-08 16:59:58, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:02, Info                  CSI    00000018 [SR] Verify complete
2015-08-08 17:00:04, Info                  CSI    00000019 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:04, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:08, Info                  CSI    0000001c [SR] Verify complete
2015-08-08 17:00:11, Info                  CSI    0000001d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:11, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:14, Info                  CSI    00000020 [SR] Verify complete
2015-08-08 17:00:17, Info                  CSI    00000021 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:17, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:20, Info                  CSI    00000024 [SR] Verify complete
2015-08-08 17:00:22, Info                  CSI    00000025 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:22, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:25, Info                  CSI    00000028 [SR] Verify complete
2015-08-08 17:00:28, Info                  CSI    00000029 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:28, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:31, Info                  CSI    0000002c [SR] Verify complete
2015-08-08 17:00:33, Info                  CSI    0000002d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:33, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:35, Info                  CSI    00000030 [SR] Verify complete
2015-08-08 17:00:37, Info                  CSI    00000031 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:37, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:40, Info                  CSI    00000034 [SR] Verify complete
2015-08-08 17:00:42, Info                  CSI    00000035 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:42, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:44, Info                  CSI    00000038 [SR] Verify complete
2015-08-08 17:00:46, Info                  CSI    00000039 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:46, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:49, Info                  CSI    0000003c [SR] Verify complete
2015-08-08 17:00:51, Info                  CSI    0000003d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:51, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:53, Info                  CSI    00000040 [SR] Verify complete
2015-08-08 17:00:54, Info                  CSI    00000041 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:00:54, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2015-08-08 17:00:59, Info                  CSI    00000044 [SR] Verify complete
2015-08-08 17:01:00, Info                  CSI    00000045 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:00, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:03, Info                  CSI    00000048 [SR] Verify complete
2015-08-08 17:01:05, Info                  CSI    00000049 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:05, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:07, Info                  CSI    0000004c [SR] Verify complete
2015-08-08 17:01:08, Info                  CSI    0000004d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:08, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:11, Info                  CSI    00000050 [SR] Verify complete
2015-08-08 17:01:12, Info                  CSI    00000051 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:12, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:15, Info                  CSI    00000054 [SR] Verify complete
2015-08-08 17:01:17, Info                  CSI    00000055 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:17, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:19, Info                  CSI    00000058 [SR] Verify complete
2015-08-08 17:01:20, Info                  CSI    00000059 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:20, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:22, Info                  CSI    0000005c [SR] Verify complete
2015-08-08 17:01:23, Info                  CSI    0000005d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:23, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:29, Info                  CSI    00000060 [SR] Verify complete
2015-08-08 17:01:30, Info                  CSI    00000061 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:30, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:35, Info                  CSI    00000064 [SR] Verify complete
2015-08-08 17:01:36, Info                  CSI    00000065 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:36, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:40, Info                  CSI    00000068 [SR] Verify complete
2015-08-08 17:01:41, Info                  CSI    00000069 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:41, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2015-08-08 17:01:49, Info                  CSI    0000006c [SR] Verify complete
2015-08-08 17:01:50, Info                  CSI    0000006d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:01:50, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2015-08-08 17:02:03, Info                  CSI    00000070 [SR] Verify complete
2015-08-08 17:02:04, Info                  CSI    00000071 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:02:04, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2015-08-08 17:02:14, Info                  CSI    00000077 [SR] Verify complete
2015-08-08 17:02:15, Info                  CSI    00000078 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:02:15, Info                  CSI    00000079 [SR] Beginning Verify and Repair transaction
2015-08-08 17:02:22, Info                  CSI    0000007c [SR] Verify complete
2015-08-08 17:02:23, Info                  CSI    0000007d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:02:23, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2015-08-08 17:02:30, Info                  CSI    00000080 [SR] Verify complete
2015-08-08 17:02:31, Info                  CSI    00000081 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:02:31, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2015-08-08 17:02:45, Info                  CSI    00000089 [SR] Verify complete
2015-08-08 17:02:47, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2015-08-08 17:02:47, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2015-08-08 17:02:58, Info                  CSI    00000092 [SR] Verify complete
2015-08-08 17:02:59, Info                  CSI    00000093 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:02:59, Info                  CSI    00000094 [SR] Beginning Verify and Repair transaction
2015-08-08 17:03:08, Info                  CSI    00000096 [SR] Verify complete
2015-08-08 17:03:09, Info                  CSI    00000097 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:03:09, Info                  CSI    00000098 [SR] Beginning Verify and Repair transaction
2015-08-08 17:03:17, Info                  CSI    0000009a [SR] Verify complete
2015-08-08 17:03:18, Info                  CSI    0000009b [SR] Verifying 100 (0x00000064) components
2015-08-08 17:03:18, Info                  CSI    0000009c [SR] Beginning Verify and Repair transaction
2015-08-08 17:03:26, Info                  CSI    0000009e [SR] Verify complete
2015-08-08 17:03:27, Info                  CSI    0000009f [SR] Verifying 100 (0x00000064) components
2015-08-08 17:03:27, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2015-08-08 17:03:34, Info                  CSI    000000a2 [SR] Verify complete
2015-08-08 17:03:35, Info                  CSI    000000a3 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:03:35, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2015-08-08 17:03:45, Info                  CSI    000000a6 [SR] Verify complete
2015-08-08 17:03:46, Info                  CSI    000000a7 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:03:46, Info                  CSI    000000a8 [SR] Beginning Verify and Repair transaction
2015-08-08 17:04:01, Info                  CSI    000000ac [SR] Verify complete
2015-08-08 17:04:02, Info                  CSI    000000ad [SR] Verifying 100 (0x00000064) components
2015-08-08 17:04:02, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2015-08-08 17:04:16, Info                  CSI    000000b0 [SR] Verify complete
2015-08-08 17:04:17, Info                  CSI    000000b1 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:04:17, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2015-08-08 17:04:38, Info                  CSI    000000b4 [SR] Verify complete
2015-08-08 17:04:39, Info                  CSI    000000b5 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:04:39, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2015-08-08 17:04:49, Info                  CSI    000000b8 [SR] Verify complete
2015-08-08 17:04:50, Info                  CSI    000000b9 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:04:50, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2015-08-08 17:04:54, Info                  CSI    000000bc [SR] Verify complete
2015-08-08 17:04:55, Info                  CSI    000000bd [SR] Verifying 100 (0x00000064) components
2015-08-08 17:04:55, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2015-08-08 17:04:58, Info                  CSI    000000c0 [SR] Verify complete
2015-08-08 17:04:58, Info                  CSI    000000c1 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:04:58, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2015-08-08 17:05:03, Info                  CSI    000000c4 [SR] Verify complete
2015-08-08 17:05:04, Info                  CSI    000000c5 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:05:04, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2015-08-08 17:05:21, Info                  CSI    000000e4 [SR] Verify complete
2015-08-08 17:05:22, Info                  CSI    000000e5 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:05:22, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2015-08-08 17:05:25, Info                  CSI    000000e8 [SR] Verify complete
2015-08-08 17:05:25, Info                  CSI    000000e9 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:05:25, Info                  CSI    000000ea [SR] Beginning Verify and Repair transaction
2015-08-08 17:05:32, Info                  CSI    000000ec [SR] Verify complete
2015-08-08 17:05:33, Info                  CSI    000000ed [SR] Verifying 100 (0x00000064) components
2015-08-08 17:05:33, Info                  CSI    000000ee [SR] Beginning Verify and Repair transaction
2015-08-08 17:05:36, Info                  CSI    000000f0 [SR] Verify complete
2015-08-08 17:05:38, Info                  CSI    000000f1 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:05:38, Info                  CSI    000000f2 [SR] Beginning Verify and Repair transaction
2015-08-08 17:05:49, Info                  CSI    000000f4 [SR] Verify complete
2015-08-08 17:05:50, Info                  CSI    000000f5 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:05:50, Info                  CSI    000000f6 [SR] Beginning Verify and Repair transaction
2015-08-08 17:06:06, Info                  CSI    000000f9 [SR] Verify complete
2015-08-08 17:06:07, Info                  CSI    000000fa [SR] Verifying 100 (0x00000064) components
2015-08-08 17:06:07, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2015-08-08 17:06:11, Info                  CSI    000000fd [SR] Verify complete
2015-08-08 17:06:12, Info                  CSI    000000fe [SR] Verifying 100 (0x00000064) components
2015-08-08 17:06:12, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2015-08-08 17:06:15, Info                  CSI    00000101 [SR] Verify complete
2015-08-08 17:06:16, Info                  CSI    00000102 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:06:16, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2015-08-08 17:06:25, Info                  CSI    00000105 [SR] Verify complete
2015-08-08 17:06:26, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:06:26, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2015-08-08 17:06:33, Info                  CSI    00000109 [SR] Verify complete
2015-08-08 17:06:34, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2015-08-08 17:06:34, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2015-08-08 17:06:41, Info                  CSI    0000010d [SR] Verify complete
2015-08-08 17:06:42, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2015-08-08 17:06:42, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2015-08-08 17:07:00, Info                  CSI    0000012b [SR] Verify complete
2015-08-08 17:07:01, Info                  CSI    0000012c [SR] Verifying 100 (0x00000064) components
2015-08-08 17:07:01, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2015-08-08 17:07:12, Info                  CSI    00000138 [SR] Verify complete
2015-08-08 17:07:13, Info                  CSI    00000139 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:07:13, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2015-08-08 17:07:47, Info                  CSI    0000013c [SR] Verify complete
2015-08-08 17:07:48, Info                  CSI    0000013d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:07:48, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2015-08-08 17:07:58, Info                  CSI    00000140 [SR] Verify complete
2015-08-08 17:07:59, Info                  CSI    00000141 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:07:59, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2015-08-08 17:08:19, Info                  CSI    00000145 [SR] Verify complete
2015-08-08 17:08:20, Info                  CSI    00000146 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:08:20, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2015-08-08 17:08:31, Info                  CSI    00000149 [SR] Verify complete
2015-08-08 17:08:32, Info                  CSI    0000014a [SR] Verifying 100 (0x00000064) components
2015-08-08 17:08:32, Info                  CSI    0000014b [SR] Beginning Verify and Repair transaction
2015-08-08 17:08:39, Info                  CSI    0000014d [SR] Verify complete
2015-08-08 17:08:40, Info                  CSI    0000014e [SR] Verifying 100 (0x00000064) components
2015-08-08 17:08:40, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2015-08-08 17:08:48, Info                  CSI    00000151 [SR] Verify complete
2015-08-08 17:08:49, Info                  CSI    00000152 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:08:49, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2015-08-08 17:08:58, Info                  CSI    00000156 [SR] Verify complete
2015-08-08 17:08:59, Info                  CSI    00000157 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:08:59, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2015-08-08 17:09:27, Info                  CSI    0000015a [SR] Verify complete
2015-08-08 17:09:27, Info                  CSI    0000015b [SR] Verifying 100 (0x00000064) components
2015-08-08 17:09:27, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2015-08-08 17:09:37, Info                  CSI    0000015f [SR] Verify complete
2015-08-08 17:09:38, Info                  CSI    00000160 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:09:38, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2015-08-08 17:09:46, Info                  CSI    00000163 [SR] Verify complete
2015-08-08 17:09:47, Info                  CSI    00000164 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:09:47, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2015-08-08 17:09:58, Info                  CSI    00000167 [SR] Verify complete
2015-08-08 17:09:58, Info                  CSI    00000168 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:09:58, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2015-08-08 17:10:15, Info                  CSI    0000016c [SR] Verify complete
2015-08-08 17:10:16, Info                  CSI    0000016d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:10:16, Info                  CSI    0000016e [SR] Beginning Verify and Repair transaction
2015-08-08 17:10:26, Info                  CSI    00000170 [SR] Verify complete
2015-08-08 17:10:27, Info                  CSI    00000171 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:10:27, Info                  CSI    00000172 [SR] Beginning Verify and Repair transaction
2015-08-08 17:10:35, Info                  CSI    00000174 [SR] Verify complete
2015-08-08 17:10:36, Info                  CSI    00000175 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:10:36, Info                  CSI    00000176 [SR] Beginning Verify and Repair transaction
2015-08-08 17:10:44, Info                  CSI    00000179 [SR] Verify complete
2015-08-08 17:10:44, Info                  CSI    0000017a [SR] Verifying 100 (0x00000064) components
2015-08-08 17:10:44, Info                  CSI    0000017b [SR] Beginning Verify and Repair transaction
2015-08-08 17:10:54, Info                  CSI    0000017d [SR] Verify complete
2015-08-08 17:10:55, Info                  CSI    0000017e [SR] Verifying 100 (0x00000064) components
2015-08-08 17:10:55, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2015-08-08 17:10:55, Info                  CSI    00000181 [SR] Cannot repair member file [l:24{12}]"utc.app.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:10:55, Info                  CSI    00000183 [SR] Cannot repair member file [l:66{33}]"telemetry.ASM-WindowsDefault.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:10:59, Info                  CSI    00000185 [SR] Cannot repair member file [l:24{12}]"utc.app.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:10:59, Info                  CSI    00000186 [SR] This component was referenced by [l:158{79}]"Package_168_for_KB3068708~31bf3856ad364e35~x86~~6.1.1.0.3068708-604_neutral_GDR"
2015-08-08 17:10:59, Info                  CSI    00000188 [SR] Cannot repair member file [l:66{33}]"telemetry.ASM-WindowsDefault.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:10:59, Info                  CSI    00000189 [SR] This component was referenced by [l:158{79}]"Package_168_for_KB3068708~31bf3856ad364e35~x86~~6.1.1.0.3068708-604_neutral_GDR"
2015-08-08 17:11:01, Info                  CSI    0000018c [SR] Verify complete
2015-08-08 17:11:02, Info                  CSI    0000018d [SR] Verifying 100 (0x00000064) components
2015-08-08 17:11:02, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2015-08-08 17:11:12, Info                  CSI    00000190 [SR] Verify complete
2015-08-08 17:11:13, Info                  CSI    00000191 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:11:13, Info                  CSI    00000192 [SR] Beginning Verify and Repair transaction
2015-08-08 17:11:25, Info                  CSI    00000195 [SR] Verify complete
2015-08-08 17:11:26, Info                  CSI    00000196 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:11:26, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2015-08-08 17:11:36, Info                  CSI    00000199 [SR] Verify complete
2015-08-08 17:11:37, Info                  CSI    0000019a [SR] Verifying 100 (0x00000064) components
2015-08-08 17:11:37, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2015-08-08 17:11:53, Info                  CSI    0000019d [SR] Verify complete
2015-08-08 17:11:54, Info                  CSI    0000019e [SR] Verifying 100 (0x00000064) components
2015-08-08 17:11:54, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2015-08-08 17:12:06, Info                  CSI    000001a2 [SR] Verify complete
2015-08-08 17:12:07, Info                  CSI    000001a3 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:12:07, Info                  CSI    000001a4 [SR] Beginning Verify and Repair transaction
2015-08-08 17:12:13, Info                  CSI    000001a6 [SR] Verify complete
2015-08-08 17:12:14, Info                  CSI    000001a7 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:12:14, Info                  CSI    000001a8 [SR] Beginning Verify and Repair transaction
2015-08-08 17:12:17, Info                  CSI    000001aa [SR] Verify complete
2015-08-08 17:12:18, Info                  CSI    000001ab [SR] Verifying 100 (0x00000064) components
2015-08-08 17:12:18, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2015-08-08 17:12:26, Info                  CSI    000001ae [SR] Verify complete
2015-08-08 17:12:27, Info                  CSI    000001af [SR] Verifying 100 (0x00000064) components
2015-08-08 17:12:27, Info                  CSI    000001b0 [SR] Beginning Verify and Repair transaction
2015-08-08 17:12:34, Info                  CSI    000001b2 [SR] Verify complete
2015-08-08 17:12:35, Info                  CSI    000001b3 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:12:35, Info                  CSI    000001b4 [SR] Beginning Verify and Repair transaction
2015-08-08 17:12:42, Info                  CSI    000001b6 [SR] Verify complete
2015-08-08 17:12:43, Info                  CSI    000001b7 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:12:43, Info                  CSI    000001b8 [SR] Beginning Verify and Repair transaction
2015-08-08 17:12:49, Info                  CSI    000001ba [SR] Verify complete
2015-08-08 17:12:50, Info                  CSI    000001bb [SR] Verifying 100 (0x00000064) components
2015-08-08 17:12:50, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
2015-08-08 17:13:01, Info                  CSI    000001be [SR] Verify complete
2015-08-08 17:13:02, Info                  CSI    000001bf [SR] Verifying 100 (0x00000064) components
2015-08-08 17:13:02, Info                  CSI    000001c0 [SR] Beginning Verify and Repair transaction
2015-08-08 17:13:32, Info                  CSI    000001c2 [SR] Verify complete
2015-08-08 17:13:33, Info                  CSI    000001c3 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:13:33, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:03, Info                  CSI    000001c6 [SR] Verify complete
2015-08-08 17:14:03, Info                  CSI    000001c7 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:14:03, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:15, Info                  CSI    000001ca [SR] Verify complete
2015-08-08 17:14:16, Info                  CSI    000001cb [SR] Verifying 100 (0x00000064) components
2015-08-08 17:14:16, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:20, Info                  CSI    000001ce [SR] Verify complete
2015-08-08 17:14:21, Info                  CSI    000001cf [SR] Verifying 100 (0x00000064) components
2015-08-08 17:14:21, Info                  CSI    000001d0 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:26, Info                  CSI    000001d2 [SR] Verify complete
2015-08-08 17:14:27, Info                  CSI    000001d3 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:14:27, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:32, Info                  CSI    000001d6 [SR] Verify complete
2015-08-08 17:14:33, Info                  CSI    000001d7 [SR] Verifying 100 (0x00000064) components
2015-08-08 17:14:33, Info                  CSI    000001d8 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:41, Info                  CSI    000001da [SR] Verify complete
2015-08-08 17:14:42, Info                  CSI    000001db [SR] Verifying 100 (0x00000064) components
2015-08-08 17:14:42, Info                  CSI    000001dc [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:44, Info                  CSI    000001de [SR] Verify complete
2015-08-08 17:14:45, Info                  CSI    000001df [SR] Verifying 100 (0x00000064) components
2015-08-08 17:14:45, Info                  CSI    000001e0 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:47, Info                  CSI    000001e2 [SR] Verify complete
2015-08-08 17:14:48, Info                  CSI    000001e3 [SR] Verifying 93 (0x0000005d) components
2015-08-08 17:14:48, Info                  CSI    000001e4 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:58, Info                  CSI    000001e6 [SR] Verify complete
2015-08-08 17:14:58, Info                  CSI    000001e7 [SR] Repairing 1 components
2015-08-08 17:14:58, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2015-08-08 17:14:58, Info                  CSI    000001ea [SR] Cannot repair member file [l:24{12}]"utc.app.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:14:58, Info                  CSI    000001ec [SR] Cannot repair member file [l:66{33}]"telemetry.ASM-WindowsDefault.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:14:58, Info                  CSI    000001ee [SR] Cannot repair member file [l:24{12}]"utc.app.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:14:58, Info                  CSI    000001ef [SR] This component was referenced by [l:158{79}]"Package_168_for_KB3068708~31bf3856ad364e35~x86~~6.1.1.0.3068708-604_neutral_GDR"
2015-08-08 17:14:58, Info                  CSI    000001f1 [SR] Cannot repair member file [l:66{33}]"telemetry.ASM-WindowsDefault.json" of Microsoft-Windows-Unified-Telemetry-Client, Version = 6.1.7601.18869, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-08-08 17:14:58, Info                  CSI    000001f2 [SR] This component was referenced by [l:158{79}]"Package_168_for_KB3068708~31bf3856ad364e35~x86~~6.1.1.0.3068708-604_neutral_GDR"
2015-08-08 17:14:58, Info                  CSI    000001f5 [SR] Repair complete
2015-08-08 17:14:58, Info                  CSI    000001f6 [SR] Committing transaction
2015-08-08 17:14:58, Info                  CSI    000001fa [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired

 

Here is the new FRST log after all the above actions:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:08-08-2015 01
Ran by inFidel (administrator) on INFIDEL-1337 (08-08-2015 17:25:52)
Running from C:\Users\inFidel\Desktop\FRST
Loaded Profiles: inFidel (Available Profiles: inFidel)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{105A5B5F-4AF5-4AF1-ABB2-C5304DF513A9}: [DhcpNameServer] 192.168.101.99 194.25.0.60
Tcpip\..\Interfaces\{179481F9-0A44-409D-9AD9-2FE55069DD52}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A17A0D3A-9613-4F2B-A3D1-28C472C7F6A8}: [DhcpNameServer] 192.168.43.1

FireFox:
========
FF ProfilePath: C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-02-02] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @gpac/osmozilla,version=1.0 -> C:\Program Files\GPAC\nposmozilla.dll [2014-04-25] ( )
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-12-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-12-13] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=3 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=9 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-12-13] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-12-13] (RealPlayer)
FF Extension: Youtube Accelerator Helper - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-07-14]
FF Extension: iMacros for Firefox - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-07-29]
FF Extension: Browsec - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: ZenMate Security & Privacy VPN - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: TinEye Reverse Image Search - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2012-06-29]
FF Extension: Search By Image (by Google) - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2012-06-29]
FF Extension: Adblock Plus - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-13]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-15]

Chrome:
=======
CHR Profile: C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Please enter your password) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-06-09]
CHR Extension: (YouTube) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-13]
CHR Extension: (Adblock Plus) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-19]
CHR Extension: (Pushbullet) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2014-01-02]
CHR Extension: (Google Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-13]
CHR Extension: (Search by Image (by Google)) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2012-12-16]
CHR Extension: (Tampermonkey) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-06-09]
CHR Extension: (Chrome Speak) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\diagnfimeecdcecjpnkjgbnlelkclcpj [2015-02-23]
CHR Extension: (Stylish) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-06-09]
CHR Extension: (Select and Speak - Text to Speech) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2015-02-23]
CHR Extension: (Notty Notes) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggbmjahbkbhakkfgjiggdclpmmpmhajn [2013-06-09]
CHR Extension: (Planetarium) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2013-06-09]
CHR Extension: (AdBlock) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-21]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-07-31]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-12-16]
CHR Extension: (TweetDeck by Twitter) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-06-09]
CHR Extension: (Eye Dropper) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2013-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Quick Note) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-06-09]
CHR Extension: (EXIF Reader) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki [2013-06-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (YT Repeat) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\piicimoiaiblachamdicgngccadhlecl [2013-06-09]
CHR Extension: (Gmail) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-13]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [566560 2007-11-02] (ABBYY (BIT Software)) [File not signed]
S4 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 Realtek87B; C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S4 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [282706 2011-07-01] (IDT, Inc.)
S4 TunnelBearMaintenance; C:\Program Files\TunnelBear\TBear.Maintenance.exe [26048 2014-07-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-16] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-16] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [142504 2011-07-15] (Broadcom Corporation.)
R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [551976 2011-07-15] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [76328 2011-07-15] (Broadcom Corporation.)
R2 CDRPDACC; C:\Program Files\Quintessential Player\cdrpdacc.sys [5273 2005-12-06] (Arrowkey) [File not signed]
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-06] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation                           )
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [33280 2014-06-17] (The OpenVPN Project)
U3 Winsock; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-06 19:45 - 2015-08-08 17:25 - 00000000 ____D C:\Users\inFidel\Desktop\FRST
2015-08-06 18:11 - 2015-08-06 18:11 - 00004271 _____ C:\Users\inFidel\Desktop\Hardware Interrupts and DPCs.txt
2015-08-06 18:06 - 2015-08-06 18:07 - 00050385 _____ C:\Users\inFidel\Desktop\Addition.txt
2015-08-06 18:03 - 2015-08-06 18:07 - 00048514 _____ C:\Users\inFidel\Desktop\FRST.txt
2015-08-06 17:20 - 2015-08-06 17:20 - 00000000 ____D C:\$SysReset
2015-08-05 20:26 - 2015-08-05 21:06 - 00061440 _____ ( ) C:\Users\inFidel\Desktop\VEW.exe
2015-08-05 20:00 - 2015-08-06 17:54 - 00000326 _____ C:\Users\inFidel\Desktop\GTG reply.txt
2015-08-05 19:55 - 2015-08-05 19:57 - 05127432 _____ (Piriform Ltd) C:\Users\inFidel\Desktop\spsetup128.exe
2015-08-05 19:43 - 2015-08-05 19:43 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\inFidel\Desktop\procexp.exe
2015-08-05 19:21 - 2015-08-08 17:25 - 00000000 ____D C:\FRST
2015-08-04 15:46 - 2015-08-04 16:03 - 179110784 _____ (AMD Inc.) C:\Users\inFidel\Desktop\amd-catalyst-15.7.1-win10-32bit.exe
2015-08-04 15:39 - 2015-08-04 15:40 - 05455048 _____ (Advanced Micro Devices, Inc.) C:\Users\inFidel\Desktop\autodetectutility.exe
2015-07-30 05:28 - 2015-08-07 03:34 - 00000000 __SHD C:\Recovery
2015-07-30 04:58 - 2015-07-30 04:58 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-07-29 19:33 - 2015-08-04 16:03 - 00000000 ____D C:\AMD
2015-07-29 18:30 - 2015-07-29 18:31 - 00000757 _____ C:\Windows\DtcInstall.log
2015-07-29 18:23 - 2015-07-29 20:12 - 00006575 _____ C:\Windows\comsetup.log
2015-07-29 18:20 - 2015-07-29 20:14 - 00010449 _____ C:\Windows\diagerr.xml
2015-07-29 18:20 - 2015-07-29 20:14 - 00009528 _____ C:\Windows\diagwrn.xml
2015-07-29 02:33 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 02:33 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 02:33 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 02:33 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-29 02:26 - 2015-08-07 03:26 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 20:20 - 2015-07-28 20:20 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-28 20:20 - 2015-07-28 20:20 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-07-28 20:19 - 2015-07-28 20:19 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-07-27 20:49 - 2015-07-27 20:49 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-07-25 17:29 - 2015-08-08 16:56 - 00002647 _____ C:\Windows\setupact.log
2015-07-25 17:29 - 2015-07-29 18:20 - 00000495 _____ C:\Windows\setuperr.log
2015-07-20 21:02 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 21:02 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-18 04:45 - 2015-07-18 04:45 - 00000000 ____D C:\Users\inFidel\AppData\Local\GWX
2015-07-15 16:20 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 16:20 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 16:20 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 16:20 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 16:20 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 16:20 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 16:20 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 16:20 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 16:20 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 16:20 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 16:19 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 16:19 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 16:19 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 16:19 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 16:19 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 16:17 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 16:17 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 16:16 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 16:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 16:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 16:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 16:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 16:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 16:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 16:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 16:06 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 16:06 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:06 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 16:06 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:06 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 16:06 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 16:06 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 16:06 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:06 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:06 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 16:06 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:06 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 16:06 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 16:06 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 16:06 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 16:06 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 16:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 16:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 16:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 16:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 16:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 16:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-10 13:17 - 2015-08-06 17:42 - 00000000 ___HD C:\$Windows.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-08 17:08 - 2014-10-15 23:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-08 17:06 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-08 17:06 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-08 17:04 - 2010-11-20 23:01 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-08 17:02 - 2011-10-24 10:57 - 01931594 _____ C:\Windows\WindowsUpdate.log
2015-08-08 16:57 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-07 03:27 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-07 03:26 - 2015-05-09 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 03:26 - 2014-10-24 03:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2015-08-07 03:26 - 2014-10-22 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-08-07 03:26 - 2014-08-02 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-07 03:26 - 2014-07-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-07 03:26 - 2014-07-14 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2015-08-07 03:26 - 2014-07-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2015-08-07 03:26 - 2014-07-03 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-07 03:26 - 2014-07-03 00:36 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-07 03:26 - 2014-04-26 05:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-08-07 03:26 - 2014-04-26 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Osmo4
2015-08-07 03:26 - 2013-12-13 03:07 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2015-08-07 03:26 - 2013-11-21 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-07 03:26 - 2013-11-10 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0
2015-08-07 03:26 - 2013-04-15 05:15 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-15 05:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-14 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 03:26 - 2013-02-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-07 03:26 - 2013-01-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-08-07 03:26 - 2012-12-29 02:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-08-07 03:26 - 2012-07-10 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 03:26 - 2012-07-10 00:30 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-08-07 03:26 - 2012-07-10 00:25 - 00000000 ____D C:\Windows\SHELLNEW
2015-08-07 03:26 - 2012-06-28 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALFA Wireless LAN Utility
2015-08-07 03:26 - 2012-06-28 21:12 - 00000000 ____D C:\Windows\system32\RtlGina
2015-08-07 03:26 - 2012-04-13 20:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quintessential Player
2015-08-07 03:26 - 2012-04-13 19:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 03:26 - 2012-04-11 22:21 - 00000000 ____D C:\Windows\system32\%COREALLUSERPATH%
2015-08-07 03:26 - 2011-10-24 11:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-08-07 03:26 - 2011-10-24 10:56 - 00000000 ____D C:\Program Files\IDT
2015-08-07 03:26 - 2011-08-12 11:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-07 03:26 - 2011-08-12 11:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-08-07 03:26 - 2011-08-12 11:04 - 00000000 ____D C:\Windows\system32\Adobe
2015-08-07 03:26 - 2011-08-12 11:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-08-07 03:26 - 2011-08-12 11:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-07 03:26 - 2011-08-12 10:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-07 03:26 - 2011-06-14 06:09 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\twain_32
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\th-TH
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sk-SK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ro-RO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lv-LV
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lt-LT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hr-HR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\he-IL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\et-EE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\bg-BG
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ar-SA
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-06 19:53 - 2015-06-22 22:37 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 19:53 - 2014-10-06 20:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-06 19:53 - 2012-04-13 19:06 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 17:54 - 2014-06-06 03:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-06 17:52 - 2014-07-03 15:24 - 00000000 ____D C:\Windows\pss
2015-08-06 17:44 - 2012-06-28 14:10 - 00000000 ___RD C:\Users\inFidel\Dropbox
2015-08-06 17:44 - 2012-06-28 14:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Dropbox
2015-08-06 17:42 - 2014-07-02 17:17 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-06 17:35 - 2014-07-03 16:25 - 00123662 _____ C:\Windows\PFRO.log
2015-08-06 16:12 - 2012-04-12 18:30 - 00000052 _____ C:\Windows\system32\DOErrors.log
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieUserList
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieSiteList
2015-08-06 13:59 - 2014-07-30 16:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\ViberPC
2015-08-06 13:59 - 2014-07-30 16:16 - 00000000 ____D C:\Users\inFidel\AppData\Local\Viber
2015-08-06 12:01 - 2014-07-02 20:29 - 00000000 ____D C:\Program Files\SpeedFan
2015-08-04 17:03 - 2013-09-08 19:30 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\vlc
2015-08-03 22:10 - 2013-07-20 00:02 - 00001456 _____ C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-08-02 22:52 - 2012-07-09 16:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-30 01:55 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel\AppData\Local\VirtualStore
2015-07-29 20:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-07-29 19:59 - 2014-06-30 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-29 18:19 - 2007-01-02 01:53 - 00000000 ____D C:\Windows\Panther
2015-07-29 02:32 - 2015-06-22 22:37 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-29 02:23 - 2012-04-13 19:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-28 20:18 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-28 19:36 - 2014-07-02 20:29 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2015-07-28 02:04 - 2015-04-18 21:35 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForinFidel.job
2015-07-27 20:57 - 2015-04-05 15:54 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 19:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-25 17:25 - 2012-09-18 12:56 - 00000000 ____D C:\ProgramData\xml_param
2015-07-23 11:17 - 2012-06-28 22:19 - 00000000 ____D C:\Windows\Minidump
2015-07-23 11:00 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-21 21:00 - 2009-07-14 06:33 - 03823832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 23:02 - 2011-08-12 11:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-18 20:10 - 2014-07-02 17:15 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-16 15:00 - 2015-05-09 18:46 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 08:23 - 2013-11-19 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 07:52 - 2012-07-10 00:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:40 - 2012-04-13 20:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 12:40 - 2011-08-12 10:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-07-04 14:08 - 2013-05-05 15:24 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-07-20 00:02 - 2015-08-03 22:10 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-02-21 07:29 - 2014-12-14 23:09 - 0007627 _____ () C:\Users\inFidel\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\inFidel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp3futq.dll
C:\Users\inFidel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\inFidel\AppData\Local\Temp\sfamcc00002.dll
C:\Users\inFidel\AppData\Local\Temp\sfareca00001.dll
C:\Users\inFidel\AppData\Local\Temp\sfextra.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-25 19:06

==================== End of log ============================

And here is the FRST Addition log:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:08-08-2015 01
Ran by inFidel (2015-08-08 17:27:43)
Running from C:\Users\inFidel\Desktop\FRST
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4041656617-1838989228-2178339868-500 - Administrator - Disabled)
Guest (S-1-5-21-4041656617-1838989228-2178339868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4041656617-1838989228-2178339868-1004 - Limited - Enabled)
inFidel (S-1-5-21-4041656617-1838989228-2178339868-1000 - Administrator - Enabled) => C:\Users\inFidel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.662.5581 - ABBYY)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{A930C335-3FC8-A452-B8CA-F3998969CA3A}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.1600 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1600 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4305 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Futuremark SystemInfo (HKLM\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
Google Chrome (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM\...\{0D8B3696-E52D-4291-B833-9F6AEB1CC4AB}) (Version: 2.1.0 - Hewlett-Packard Company)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{7414C891-720D-4E86-85E5-C3AA898DA9EC}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP On Screen Display (HKLM\...\{D7670221-BF9B-4DFF-B26B-5BE55A87329F}) (Version: 1.2.2 - Hewlett-Packard Company)
HP Power Manager (HKLM\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM\...\{57D8E376-0E8A-4AFD-9040-DA2D33B7FF94}) (Version: 3.1.0.9791 - Hewlett-Packard Company)
HP Setup (HKLM\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{31EEA563-3544-4EA1-8773-BCBF83F9627A}) (Version: 4.1.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6351.0 - IDT)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
iSkysoft Video Converter(Build 3.1.1.0) (HKLM\...\iSkysoft Video Converter_is1) (Version:  - iSkysoft Software)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lucid Dream Preparation (HKLM\...\Lucid Dream Preparation_is1) (Version:  - )
Magic ISO Maker v5.4 (build 0239) (HKLM\...\Magic ISO Maker v5.4 (build 0239)) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 en-US) (HKLM\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Osmo4/GPAC (remove only) (HKLM\...\Osmo4) (Version:  - )
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Ports Of Call Simulator 3d - Updater (HKLM\...\Ports Of Call Simulator 3d - Updater) (Version:  - )
Ports Of Call Simulator 3d (HKLM\...\Ports Of Call Simulator 3d) (Version:  - )
Ports Of Call XXL (HKLM\...\Ports Of Call XXL) (Version:  - )
Ports Of Call XXL WEB installer (HKLM\...\Ports Of Call XXL WEB installer) (Version: 1.0.13 - MMS Dipl.-Ing. Rolf-Dieter Klein)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Quintessential Player (HKLM\...\Quintessential Player) (Version: 4.51 - Quinnware)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.1.0.1824 - GetData Pty Ltd)
Recovery Manager (Version: 2.0.0 - Hewlett-Packard) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version:  - )
Topaz  InFocus (HKLM\...\Topaz  InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz  InFocus (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (Version: 4.1.0 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (Version: 2.0.5 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM\...\Topaz ReMask 3) (Version: 3.1.0 - Topaz Labs)
Topaz ReMask 3 (Version: 3.1.0 - Topaz Labs) Hidden
TunnelBear (HKLM\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear)
TunnelBear (Version: 2.2.25.0 - TunnelBear) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Viber (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
Winrar 3.93 (HKLM\...\Winrar 3.93) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{219D3EAA-D5B5-9D41-67F5-C9D57885EE5A}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Chrome\Application\44.0.2403.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

06-08-2015 17:39:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-04-13 19:24 - 2014-08-30 00:52 - 00000924 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
google.com serena.costa.it
google.com onboardportal.serena.costa.it

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009986E1-084C-45EA-9604-7C8FC043A1B3} - System32\Tasks\RealCreateProcessScheduledTask1255228849S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {103AAA73-BD59-4F3F-9257-15810F30E961} - System32\Tasks\HPCeeScheduleForinFidel => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {20E6881A-B853-4D82-82C7-F135398C8FCF} - System32\Tasks\{351260BE-BC63-47A8-966B-0729B8279AC5} => pcalua.exe -a C:\PROGRA~1\poc\pocxxl\UNWISE.EXE -c C:\PROGRA~1\poc\pocxxl\INSTAL~1.LOG
Task: {354FB93B-2CD8-4E84-B8F4-FB347026CEF3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4885BD6E-AB34-4F93-B1BF-6F00AC56797E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {4BEFD5F4-9E85-4068-8279-BBDB61B181CB} - System32\Tasks\AdobeAAMUpdater-1.0-inFidel-1337-inFidel => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {53A86098-E92D-465A-9992-5B0DE052377E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {55E475E8-CD21-4285-BC33-0BB31C3C0F3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {5AD50DD1-F8CB-44BD-8037-C916B4487505} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {5AD99B81-4044-4598-A14C-A96AA6485E44} - System32\Tasks\RealCreateProcessScheduledTask422498102S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {5E9E1543-5646-4D83-9217-C26BFFF0EB9A} - System32\Tasks\ReclaimerUpdateXML_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6283D386-3EE5-4D2C-9649-D392BC8BD632} - System32\Tasks\ReclaimerUpdateFiles_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6862C974-65DA-4679-BDFD-4822FAEBEF23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {70EFD96E-15A1-4F5C-9D80-C7DF43B7FE07} - System32\Tasks\RealCreateProcessScheduledTask1816915314S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {71E639F9-8720-44DC-BCB3-361CCF47B5E9} - System32\Tasks\RNUpgradeHelperResumePrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {7D6D93E2-73C2-4AC5-A718-42BE28FC0578} - System32\Tasks\RealCreateProcessScheduledTask252138895S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {7F68AF9C-4412-453D-8D6E-5416A6416BB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {82B34A9E-CDE5-485B-AB0D-18F493C00310} - System32\Tasks\RealCreateProcessScheduledTask1575878248S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {860EC9CB-A3CF-4BBB-AABD-71E1A4B14DA9} - System32\Tasks\RealCreateProcessScheduledTask3427956672S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {8F7EB076-1391-433B-8052-A4439A675A14} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {98CB750C-B919-409C-8666-BCE5246A5CB8} - System32\Tasks\RealCreateProcessScheduledTask977211496S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {9DD41417-F1DD-4A5E-AAD3-B08331EB3424} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {A069C56C-0897-4BA2-8D03-F6053EF86B9D} - System32\Tasks\RNUpgradeHelperLogonPrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {A5FC74E8-BD6D-4D81-9B55-F1ADB1730C4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {B72CD943-73BF-44B2-B595-9696646795E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {BD56AF2E-907C-44C8-897A-40C9806F3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {BED9992B-B1C6-4AB7-B3C5-C88E6B6520D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C2D86B3B-2BC1-431E-8AE1-473AC64CFB88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {C4878030-99B3-45D1-BC5A-106549CAD895} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {C93C598B-FEB8-4255-8540-FA81DA29185A} - System32\Tasks\{C4DE863C-94D5-40D1-9C25-152C05E4A3BC} => pcalua.exe -a C:\PROGRA~1\MagicISO\UNWISE.EXE -c C:\PROGRA~1\MagicISO\INSTALL.LOG
Task: {CC2282AC-B4DA-4915-BB90-D9CB1E511BEE} - System32\Tasks\RealCreateProcessScheduledTask3586971720S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {CFF52379-353C-4C55-9ACF-0752840AB3FE} - System32\Tasks\RealCreateProcessScheduledTask3278052768S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {D05CC1AE-6F8F-46AA-B059-78292F4FA782} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {D44DD388-5750-4948-BAAE-C734BB0EADE8} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2011-07-07] (CyberLink)
Task: {DC16CBDE-AA9E-4210-A986-8D68EA498A7D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E0BA284D-66A1-45B7-81C3-26863D50B281} - System32\Tasks\RealCreateProcessScheduledTask3543218697S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {E7973815-D42D-4EDC-9FCF-88D6231943D2} - System32\Tasks\RealCreateProcessScheduledTask460272418S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {EDA8FD07-340F-4073-8D95-DB2FBBF08B12} - System32\Tasks\RealCreateProcessScheduledTask1257031909S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {FA930F2A-9ECB-4043-836C-6C803C2FB6D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForinFidel.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2010-03-15 11:28 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\inFidel\Desktop\NEW-LOGO-2014.png:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Professional.9.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: ezSharedSvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: Realtek87B => 2
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: TunnelBearMaintenance => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^inFidel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Facebook Update => "C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP CoolSense => C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\update\realsched.exe"  -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{13150711-637C-4B7B-B015-927C8AFD0B34}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8A11AF01-A2E1-42FE-A548-E27057A37A69}] => (Allow) LPort=2869
FirewallRules: [{8FC51FDF-9204-4114-B98C-FDE066FE7A42}] => (Allow) LPort=1900
FirewallRules: [{D7B0BF1F-5AC7-4BDE-95EA-48353153D9B2}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6B1C6C39-989E-45C0-85C8-30E9EE046446}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{EA72AEC1-BC41-41FC-8C9B-F2CC50E56246}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{503748D5-04FD-4FC0-BBEF-613EACE3B0B4}] => (Allow) C:\Program Files\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{25C05E15-0F88-43CA-BF88-A6699555192D}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{CDEB5FDC-6FE5-427D-970A-078496B66720}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{4ABDBE74-524E-4004-A29E-964F100DDD72}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{596B2558-52B5-43EA-9382-68F871A3FE16}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{20EDB504-9744-4606-A198-B9171F7071F8}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{29A5756D-6F75-4441-AEC2-96EAE6476ED7}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{D7EC3FAC-2050-402C-A6B3-BCDC169A855D}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{BA03B495-55E6-4CE0-B8A0-5EED5450DD01}] => (Allow) LPort=1542
FirewallRules: [{9CD2D101-7391-45AF-94F1-2E464E048363}] => (Allow) LPort=1542
FirewallRules: [{1A48C6AB-4E1D-413C-9378-D793A3DAA5EB}] => (Allow) LPort=53
FirewallRules: [TCP Query User{5036818C-8EB0-4344-9929-64EF17FD885E}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{60E77581-9FF8-4C73-A6F6-31EA5EDD5B70}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AEC02BD7-A6E1-421E-ADFC-D1F45C07C0FC}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{65367420-F09D-46F0-A7A8-8E3AFF5E2386}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{B74A1F15-39F3-4CE2-8A7C-5F2E46B37A39}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [UDP Query User{272B80D2-3BCE-42F7-B2C0-CDD78C884450}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [{C16841EF-920F-4323-99D5-3D3993DCD3F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9CAFFCC9-9E0A-4911-809B-CA1C52D63A48}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C4998E5E-82F4-44DB-A08C-94E5ABAFADD8}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{A2B7E03B-E010-4968-A99A-C82E2107E370}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8C81D482-2533-4D4C-938F-E257F60AF7F2}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{18AB7373-127E-42E2-AA72-B9FBC9C3951E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C421BD34-A57C-4D92-9AA3-E92DAA163EB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F8762FD3-57FF-4E15-8A90-90F2C5B5FE14}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{795010D6-440A-4A01-803D-57EA1877225B}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F38BFF15-E50E-4187-8426-369D6AABDF6D}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFEA7936-A8B5-4B08-98AA-B3EB0A451214}] => (Allow) C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2015 04:58:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office:
=========================

==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 31%
Total physical RAM: 3578.91 MB
Available physical RAM: 2442.13 MB
Total Virtual: 7156.13 MB
Available Virtual: 6071.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:50.44 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.73 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32
Drive f: (Data) (Fixed) (Total:345.86 GB) (Free:152.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6500A13B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=365.6 GB) - (Type=OF Extended)

==================== End of log ============================

 

And here is the procexp log after 1 minute run:

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name
System Idle Process    81.14    0 K    24 K    0        
procexp.exe    8.23    19.276 K    33.716 K    2788    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com
System    1.49    48 K    760 K    4        
firefox.exe    3.55    319.344 K    323.296 K    3320    Firefox    Mozilla Corporation
Interrupts    1.98    0 K    0 K    n/a    Hardware Interrupts and DPCs    
SynTPEnh.exe    1.66    7.276 K    9.748 K    2548    Synaptics TouchPad Enhancements    Synaptics Incorporated
csrss.exe    0.55    10.024 K    9.440 K    464    Client Server Runtime Process    Microsoft Corporation
dwm.exe    0.15    1.360 K    5.268 K    2312    Desktop Window Manager    Microsoft Corporation
explorer.exe    0.13    50.964 K    63.652 K    2320    Windows Explorer    Microsoft Corporation
svchost.exe    0.05    3.120 K    7.128 K    644    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.04    10.572 K    10.900 K    1476    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.03    44.608 K    27.788 K    4008    Host Process for Windows Services    Microsoft Corporation
SearchIndexer.exe    0.03    24.208 K    16.308 K    2824    Microsoft Windows Search Indexer    Microsoft Corporation
svchost.exe    0.01    5.196 K    9.260 K    956    Host Process for Windows Services    Microsoft Corporation
taskhost.exe    0.01    6.020 K    8.692 K    2152    Host Process for Windows Tasks    Microsoft Corporation
svchost.exe    0.01    12.424 K    12.728 K    1244    Host Process for Windows Services    Microsoft Corporation
WLIDSVC.EXE    0.01    4.512 K    10.796 K    1836    Microsoft® Windows Live ID Service    Microsoft Corp.
svchost.exe    < 0.01    21.840 K    33.892 K    1012    Host Process for Windows Services    Microsoft Corporation
csrss.exe        1.268 K    3.388 K    372    Client Server Runtime Process    Microsoft Corporation
svchost.exe    < 0.01    2.564 K    5.632 K    768    Host Process for Windows Services    Microsoft Corporation
WmiPrvSE.exe        1.892 K    4.716 K    984    WMI Provider Host    Microsoft Corporation
WLIDSVCM.EXE        652 K    2.388 K    1912    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.
wlanext.exe        1.308 K    4.040 K    1352    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation
winlogon.exe        1.804 K    5.532 K    700    Windows Logon Application    Microsoft Corporation
wininit.exe        972 K    3.412 K    456    Windows Start-Up Application    Microsoft Corporation
SynTPHelper.exe        604 K    2.496 K    2704    Synaptics Pointing Device Helper    Synaptics Incorporated
svchost.exe        73.152 K    79.564 K    900    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.288 K    4.044 K    1956    Host Process for Windows Services    Microsoft Corporation
svchost.exe        12.708 K    13.124 K    808    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.088 K    3.872 K    3700    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.452 K    4.896 K    1720    Host Process for Windows Services    Microsoft Corporation
svchost.exe        3.500 K    6.740 K    1604    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.768 K    4.508 K    2216    Host Process for Windows Services    Microsoft Corporation
svchost.exe        3.924 K    8.180 K    1560    Host Process for Windows Services    Microsoft Corporation
spoolsv.exe        5.572 K    10.116 K    1440    Spooler SubSystem App    Microsoft Corporation
smss.exe        264 K    772 K    260    Windows Session Manager    Microsoft Corporation
services.exe        3.592 K    6.584 K    504    Services and Controller app    Microsoft Corporation
lsm.exe        1.248 K    3.032 K    536    Local Session Manager Service    Microsoft Corporation
lsass.exe        4.232 K    10.652 K    528    Local Security Authority Process    Microsoft Corporation
GWX.exe        2.672 K    924 K    2944    GWX    Microsoft Corporation
conhost.exe        492 K    2.112 K    1364    Console Window Host    Microsoft Corporation
alg.exe        1.052 K    3.768 K    1288    Application Layer Gateway Service    Microsoft Corporation



#26
RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

OK.  The SFC complaint is a MS mistake.  Nothing wrong there.  The System and Application errors are almost gone.  The remaining error:

 

Application errors:
==================
Error: (08/08/2015 04:58:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Has a Fixit for it but it's not important. 

 

http://support.microsoft.com/kb/2545227/en-us (This one says en-us.  You may need to search microsoft.com for KB 2545227 to find one in your language.)

 

Right click on Computer and select Manage then Device manager.  View, Show Hidden Devices.  Look in the right pane for yellow or red flagged items.  You should at least see Bluetooth Peripheral Device with a flag.  Right click on it and Disable. 

 

I would uninstall Real Player.  It has too many tasks scheduled.  Let's uninstall it then run another FRST (with Addition) log to see if it took out its many tasks.  I expect we will need to remove them with FRST.  You can reinstall it later if it's something you use.

 

 

 

Process Explorer doesn't look too bad.  Just Interrupts are a tad high.  Are your videos still jerky?   What does Speedfan say about the temps?



#27
Fidel Castro

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 162 posts

I got the FixIt and ran it. It says that Microsoft Fix has been processed. Should I scan for critical files again?

In Device Manager, the Bluetooth Peripheral Device was the only one with a yellow exclamation sign.

I've disabled it; it has some down arrow symbol instead.

I have uninstalled Real Player (I don't use it anyways) but also some other programs (around 10 of them). While checking the programs there I saw Java again. I thought that maybe it got back when I switched from Win10 to Win7, but when I tried to uninstall it I couldn't because it seems like the programs are actually missing even though they are visible in the program list. Not sure what's going on with that.

 

Here is the FRST log after removing the programs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:08-08-2015 01
Ran by inFidel (administrator) on INFIDEL-1337 (08-08-2015 19:15:20)
Running from C:\Users\inFidel\Desktop\FRST
Loaded Profiles: inFidel (Available Profiles: inFidel)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{105A5B5F-4AF5-4AF1-ABB2-C5304DF513A9}: [DhcpNameServer] 192.168.101.99 194.25.0.60
Tcpip\..\Interfaces\{179481F9-0A44-409D-9AD9-2FE55069DD52}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A17A0D3A-9613-4F2B-A3D1-28C472C7F6A8}: [DhcpNameServer] 192.168.43.1

FireFox:
========
FF ProfilePath: C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-02-02] (Adobe Systems, Inc.)
FF Plugin: @gpac/osmozilla,version=1.0 -> C:\Program Files\GPAC\nposmozilla.dll [2014-04-25] ( )
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=3 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=9 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-11-21] (Apple Inc.)
FF Extension: Youtube Accelerator Helper - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-07-14]
FF Extension: iMacros for Firefox - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-07-29]
FF Extension: Browsec - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: ZenMate Security & Privacy VPN - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: TinEye Reverse Image Search - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2012-06-29]
FF Extension: Search By Image (by Google) - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2012-06-29]
FF Extension: Adblock Plus - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]

Chrome:
=======
CHR Profile: C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Please enter your password) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-06-09]
CHR Extension: (YouTube) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-13]
CHR Extension: (Adblock Plus) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-19]
CHR Extension: (Pushbullet) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2014-01-02]
CHR Extension: (Google Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-13]
CHR Extension: (Search by Image (by Google)) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2012-12-16]
CHR Extension: (Tampermonkey) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-06-09]
CHR Extension: (Chrome Speak) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\diagnfimeecdcecjpnkjgbnlelkclcpj [2015-02-23]
CHR Extension: (Stylish) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-06-09]
CHR Extension: (Select and Speak - Text to Speech) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2015-02-23]
CHR Extension: (Notty Notes) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggbmjahbkbhakkfgjiggdclpmmpmhajn [2013-06-09]
CHR Extension: (Planetarium) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2013-06-09]
CHR Extension: (AdBlock) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-21]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-07-31]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-12-16]
CHR Extension: (TweetDeck by Twitter) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-06-09]
CHR Extension: (Eye Dropper) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2013-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Quick Note) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-06-09]
CHR Extension: (EXIF Reader) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki [2013-06-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (YT Repeat) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\piicimoiaiblachamdicgngccadhlecl [2013-06-09]
CHR Extension: (Gmail) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-13]
StartMenuInternet: Google Chrome - C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [566560 2007-11-02] (ABBYY (BIT Software)) [File not signed]
S4 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 Realtek87B; C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S4 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [282706 2011-07-01] (IDT, Inc.)
S4 TunnelBearMaintenance; C:\Program Files\TunnelBear\TBear.Maintenance.exe [26048 2014-07-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-16] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-16] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [142504 2011-07-15] (Broadcom Corporation.)
R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [551976 2011-07-15] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [76328 2011-07-15] (Broadcom Corporation.)
R2 CDRPDACC; C:\Program Files\Quintessential Player\cdrpdacc.sys [5273 2005-12-06] (Arrowkey) [File not signed]
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-06] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation                           )
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [33280 2014-06-17] (The OpenVPN Project)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-06-10] (Apple, Inc.) [File not signed]
U3 Winsock; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-08 18:52 - 2015-08-08 18:53 - 00671232 _____ C:\Users\inFidel\Desktop\MicrosoftFixit50688.msi
2015-08-08 17:08 - 2015-08-08 18:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-06 19:45 - 2015-08-08 19:15 - 00000000 ____D C:\Users\inFidel\Desktop\FRST
2015-08-06 18:11 - 2015-08-08 17:31 - 00003660 _____ C:\Users\inFidel\Desktop\Hardware Interrupts and DPCs.txt
2015-08-06 18:06 - 2015-08-06 18:07 - 00050385 _____ C:\Users\inFidel\Desktop\Addition.txt
2015-08-06 18:03 - 2015-08-06 18:07 - 00048514 _____ C:\Users\inFidel\Desktop\FRST.txt
2015-08-06 17:20 - 2015-08-06 17:20 - 00000000 ____D C:\$SysReset
2015-08-05 20:26 - 2015-08-05 21:06 - 00061440 _____ ( ) C:\Users\inFidel\Desktop\VEW.exe
2015-08-05 20:00 - 2015-08-08 19:15 - 00000684 _____ C:\Users\inFidel\Desktop\GTG reply.txt
2015-08-05 19:55 - 2015-08-05 19:57 - 05127432 _____ (Piriform Ltd) C:\Users\inFidel\Desktop\spsetup128.exe
2015-08-05 19:43 - 2015-08-05 19:43 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\inFidel\Desktop\procexp.exe
2015-08-05 19:21 - 2015-08-08 19:15 - 00000000 ____D C:\FRST
2015-08-04 15:46 - 2015-08-04 16:03 - 179110784 _____ (AMD Inc.) C:\Users\inFidel\Desktop\amd-catalyst-15.7.1-win10-32bit.exe
2015-08-04 15:39 - 2015-08-04 15:40 - 05455048 _____ (Advanced Micro Devices, Inc.) C:\Users\inFidel\Desktop\autodetectutility.exe
2015-07-30 05:28 - 2015-08-07 03:34 - 00000000 __SHD C:\Recovery
2015-07-30 04:58 - 2015-07-30 04:58 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-07-29 19:33 - 2015-08-04 16:03 - 00000000 ____D C:\AMD
2015-07-29 18:20 - 2015-07-29 20:14 - 00010449 _____ C:\Windows\diagerr.xml
2015-07-29 18:20 - 2015-07-29 20:14 - 00009528 _____ C:\Windows\diagwrn.xml
2015-07-29 02:33 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 02:33 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 02:33 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 02:33 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-29 02:26 - 2015-08-07 03:26 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 20:20 - 2015-07-28 20:20 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-28 20:20 - 2015-07-28 20:20 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-07-28 20:19 - 2015-07-28 20:19 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-07-27 20:49 - 2015-07-27 20:49 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-07-20 21:02 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 21:02 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-18 04:45 - 2015-07-18 04:45 - 00000000 ____D C:\Users\inFidel\AppData\Local\GWX
2015-07-15 16:20 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 16:20 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 16:20 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 16:20 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 16:20 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 16:20 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 16:20 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 16:20 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 16:20 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 16:20 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 16:19 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 16:19 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 16:19 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 16:19 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 16:19 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 16:17 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 16:17 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 16:16 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 16:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 16:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 16:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 16:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 16:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 16:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 16:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 16:06 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 16:06 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:06 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 16:06 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:06 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 16:06 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 16:06 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 16:06 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:06 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:06 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 16:06 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:06 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 16:06 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 16:06 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 16:06 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 16:06 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 16:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 16:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 16:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 16:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 16:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 16:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-10 13:17 - 2015-08-06 17:42 - 00000000 ___HD C:\$Windows.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-08 19:08 - 2014-07-03 00:41 - 00000000 ____D C:\Program Files\Futuremark
2015-08-08 19:05 - 2013-11-21 10:43 - 00000000 ____D C:\ProgramData\Apple
2015-08-08 19:03 - 2014-07-22 14:02 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2015-08-08 19:00 - 2012-07-02 21:01 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Real
2015-08-08 19:00 - 2012-07-02 21:01 - 00000000 ____D C:\Program Files\Real
2015-08-08 18:55 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-08 18:55 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-08 18:52 - 2010-11-20 23:01 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-08 18:50 - 2011-10-24 10:57 - 01938563 ____N C:\Windows\WindowsUpdate.log
2015-08-08 18:48 - 2012-07-09 16:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-08 18:47 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-07 03:27 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-07 03:26 - 2015-05-09 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 03:26 - 2014-10-22 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-08-07 03:26 - 2014-08-02 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-07 03:26 - 2014-07-14 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2015-08-07 03:26 - 2014-07-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2015-08-07 03:26 - 2014-07-03 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-07 03:26 - 2014-07-03 00:36 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-07 03:26 - 2014-04-26 05:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-08-07 03:26 - 2014-04-26 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Osmo4
2015-08-07 03:26 - 2013-12-13 03:07 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2015-08-07 03:26 - 2013-11-21 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-07 03:26 - 2013-11-10 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0
2015-08-07 03:26 - 2013-04-15 05:15 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-15 05:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-14 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 03:26 - 2013-02-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-07 03:26 - 2012-12-29 02:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-08-07 03:26 - 2012-07-10 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 03:26 - 2012-07-10 00:30 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-08-07 03:26 - 2012-07-10 00:25 - 00000000 ____D C:\Windows\SHELLNEW
2015-08-07 03:26 - 2012-06-28 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALFA Wireless LAN Utility
2015-08-07 03:26 - 2012-06-28 21:12 - 00000000 ____D C:\Windows\system32\RtlGina
2015-08-07 03:26 - 2012-04-13 20:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quintessential Player
2015-08-07 03:26 - 2012-04-13 19:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 03:26 - 2012-04-11 22:21 - 00000000 ____D C:\Windows\system32\%COREALLUSERPATH%
2015-08-07 03:26 - 2011-10-24 11:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-08-07 03:26 - 2011-10-24 10:56 - 00000000 ____D C:\Program Files\IDT
2015-08-07 03:26 - 2011-08-12 11:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-07 03:26 - 2011-08-12 11:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-08-07 03:26 - 2011-08-12 11:04 - 00000000 ____D C:\Windows\system32\Adobe
2015-08-07 03:26 - 2011-08-12 11:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-08-07 03:26 - 2011-08-12 11:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-07 03:26 - 2011-08-12 10:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-07 03:26 - 2011-06-14 06:09 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\twain_32
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\th-TH
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sk-SK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ro-RO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lv-LV
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lt-LT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hr-HR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\he-IL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\et-EE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\bg-BG
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ar-SA
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-06 19:53 - 2015-06-22 22:37 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 19:53 - 2014-10-06 20:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-06 19:53 - 2012-04-13 19:06 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 17:54 - 2014-06-06 03:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-06 17:52 - 2014-07-03 15:24 - 00000000 ____D C:\Windows\pss
2015-08-06 17:44 - 2012-06-28 14:10 - 00000000 ___RD C:\Users\inFidel\Dropbox
2015-08-06 17:44 - 2012-06-28 14:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Dropbox
2015-08-06 17:42 - 2014-07-02 17:17 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-06 16:12 - 2012-04-12 18:30 - 00000052 _____ C:\Windows\system32\DOErrors.log
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieUserList
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieSiteList
2015-08-06 13:59 - 2014-07-30 16:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\ViberPC
2015-08-06 13:59 - 2014-07-30 16:16 - 00000000 ____D C:\Users\inFidel\AppData\Local\Viber
2015-08-06 12:01 - 2014-07-02 20:29 - 00000000 ____D C:\Program Files\SpeedFan
2015-08-04 17:03 - 2013-09-08 19:30 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\vlc
2015-08-03 22:10 - 2013-07-20 00:02 - 00001456 _____ C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-07-30 01:55 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel\AppData\Local\VirtualStore
2015-07-29 20:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-07-29 19:59 - 2014-06-30 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-29 18:19 - 2007-01-02 01:53 - 00000000 ____D C:\Windows\Panther
2015-07-29 02:32 - 2015-06-22 22:37 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-29 02:23 - 2012-04-13 19:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-28 20:18 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-28 19:36 - 2014-07-02 20:29 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2015-07-28 02:04 - 2015-04-18 21:35 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForinFidel.job
2015-07-27 20:57 - 2015-04-05 15:54 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 19:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-25 17:25 - 2012-09-18 12:56 - 00000000 ____D C:\ProgramData\xml_param
2015-07-23 11:17 - 2012-06-28 22:19 - 00000000 ____D C:\Windows\Minidump
2015-07-23 11:00 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-21 21:00 - 2009-07-14 06:33 - 03823832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 23:02 - 2011-08-12 11:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-18 20:10 - 2014-07-02 17:15 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-16 15:00 - 2015-05-09 18:46 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 08:23 - 2013-11-19 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 07:52 - 2012-07-10 00:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:40 - 2012-04-13 20:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 12:40 - 2011-08-12 10:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-07-04 14:08 - 2013-05-05 15:24 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-07-20 00:02 - 2015-08-03 22:10 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-02-21 07:29 - 2014-12-14 23:09 - 0007627 _____ () C:\Users\inFidel\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-25 19:06

==================== End of log ============================

And here is the FRST Addition log:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:08-08-2015 01
Ran by inFidel (2015-08-08 19:17:15)
Running from C:\Users\inFidel\Desktop\FRST
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4041656617-1838989228-2178339868-500 - Administrator - Disabled)
Guest (S-1-5-21-4041656617-1838989228-2178339868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4041656617-1838989228-2178339868-1004 - Limited - Enabled)
inFidel (S-1-5-21-4041656617-1838989228-2178339868-1000 - Administrator - Enabled) => C:\Users\inFidel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.662.5581 - ABBYY)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
ATI Catalyst Install Manager (HKLM\...\{A930C335-3FC8-A452-B8CA-F3998969CA3A}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.1600 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1600 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4305 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Google Chrome (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM\...\{0D8B3696-E52D-4291-B833-9F6AEB1CC4AB}) (Version: 2.1.0 - Hewlett-Packard Company)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{7414C891-720D-4E86-85E5-C3AA898DA9EC}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP On Screen Display (HKLM\...\{D7670221-BF9B-4DFF-B26B-5BE55A87329F}) (Version: 1.2.2 - Hewlett-Packard Company)
HP Power Manager (HKLM\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM\...\{57D8E376-0E8A-4AFD-9040-DA2D33B7FF94}) (Version: 3.1.0.9791 - Hewlett-Packard Company)
HP Setup (HKLM\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{31EEA563-3544-4EA1-8773-BCBF83F9627A}) (Version: 4.1.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6351.0 - IDT)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
iSkysoft Video Converter(Build 3.1.1.0) (HKLM\...\iSkysoft Video Converter_is1) (Version:  - iSkysoft Software)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Osmo4/GPAC (remove only) (HKLM\...\Osmo4) (Version:  - )
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Ports Of Call Simulator 3d - Updater (HKLM\...\Ports Of Call Simulator 3d - Updater) (Version:  - )
Ports Of Call Simulator 3d (HKLM\...\Ports Of Call Simulator 3d) (Version:  - )
Ports Of Call XXL (HKLM\...\Ports Of Call XXL) (Version:  - )
Ports Of Call XXL WEB installer (HKLM\...\Ports Of Call XXL WEB installer) (Version: 1.0.13 - MMS Dipl.-Ing. Rolf-Dieter Klein)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Quintessential Player (HKLM\...\Quintessential Player) (Version: 4.51 - Quinnware)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..)
Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.1.0.1824 - GetData Pty Ltd)
Recovery Manager (Version: 2.0.0 - Hewlett-Packard) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version:  - )
Topaz  InFocus (HKLM\...\Topaz  InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz  InFocus (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (Version: 4.1.0 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (Version: 2.0.5 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM\...\Topaz ReMask 3) (Version: 3.1.0 - Topaz Labs)
Topaz ReMask 3 (Version: 3.1.0 - Topaz Labs) Hidden
TunnelBear (HKLM\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear)
TunnelBear (Version: 2.2.25.0 - TunnelBear) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Viber (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Winrar 3.93 (HKLM\...\Winrar 3.93) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{219D3EAA-D5B5-9D41-67F5-C9D57885EE5A}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Chrome\Application\44.0.2403.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

06-08-2015 17:39:43 Windows Update
08-08-2015 18:53:41 Installed Microsoft Fix it 50688
08-08-2015 19:01:35 Removed iTunes
08-08-2015 19:04:43 Removed Apple Application Support
08-08-2015 19:05:50 Removed Apple Software Update
08-08-2015 19:06:39 Removed Apple Mobile Device Support
08-08-2015 19:07:13 Removed Bonjour
08-08-2015 19:08:31 Removed Futuremark SystemInfo

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-04-13 19:24 - 2014-08-30 00:52 - 00000924 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
google.com serena.costa.it
google.com onboardportal.serena.costa.it

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009986E1-084C-45EA-9604-7C8FC043A1B3} - System32\Tasks\RealCreateProcessScheduledTask1255228849S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {103AAA73-BD59-4F3F-9257-15810F30E961} - System32\Tasks\HPCeeScheduleForinFidel => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {20E6881A-B853-4D82-82C7-F135398C8FCF} - System32\Tasks\{351260BE-BC63-47A8-966B-0729B8279AC5} => pcalua.exe -a C:\PROGRA~1\poc\pocxxl\UNWISE.EXE -c C:\PROGRA~1\poc\pocxxl\INSTAL~1.LOG
Task: {354FB93B-2CD8-4E84-B8F4-FB347026CEF3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {4885BD6E-AB34-4F93-B1BF-6F00AC56797E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {4BEFD5F4-9E85-4068-8279-BBDB61B181CB} - System32\Tasks\AdobeAAMUpdater-1.0-inFidel-1337-inFidel => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {53A86098-E92D-465A-9992-5B0DE052377E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {55E475E8-CD21-4285-BC33-0BB31C3C0F3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {5AD50DD1-F8CB-44BD-8037-C916B4487505} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {5AD99B81-4044-4598-A14C-A96AA6485E44} - System32\Tasks\RealCreateProcessScheduledTask422498102S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {5E9E1543-5646-4D83-9217-C26BFFF0EB9A} - System32\Tasks\ReclaimerUpdateXML_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6283D386-3EE5-4D2C-9649-D392BC8BD632} - System32\Tasks\ReclaimerUpdateFiles_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6862C974-65DA-4679-BDFD-4822FAEBEF23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {70EFD96E-15A1-4F5C-9D80-C7DF43B7FE07} - System32\Tasks\RealCreateProcessScheduledTask1816915314S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {71E639F9-8720-44DC-BCB3-361CCF47B5E9} - System32\Tasks\RNUpgradeHelperResumePrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {7D6D93E2-73C2-4AC5-A718-42BE28FC0578} - System32\Tasks\RealCreateProcessScheduledTask252138895S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {7F68AF9C-4412-453D-8D6E-5416A6416BB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {82B34A9E-CDE5-485B-AB0D-18F493C00310} - System32\Tasks\RealCreateProcessScheduledTask1575878248S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {860EC9CB-A3CF-4BBB-AABD-71E1A4B14DA9} - System32\Tasks\RealCreateProcessScheduledTask3427956672S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {8F7EB076-1391-433B-8052-A4439A675A14} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {98CB750C-B919-409C-8666-BCE5246A5CB8} - System32\Tasks\RealCreateProcessScheduledTask977211496S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {9DD41417-F1DD-4A5E-AAD3-B08331EB3424} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {A069C56C-0897-4BA2-8D03-F6053EF86B9D} - System32\Tasks\RNUpgradeHelperLogonPrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {A5FC74E8-BD6D-4D81-9B55-F1ADB1730C4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {B72CD943-73BF-44B2-B595-9696646795E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {BD56AF2E-907C-44C8-897A-40C9806F3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {BED9992B-B1C6-4AB7-B3C5-C88E6B6520D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C2D86B3B-2BC1-431E-8AE1-473AC64CFB88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {C4878030-99B3-45D1-BC5A-106549CAD895} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {C93C598B-FEB8-4255-8540-FA81DA29185A} - System32\Tasks\{C4DE863C-94D5-40D1-9C25-152C05E4A3BC} => pcalua.exe -a C:\PROGRA~1\MagicISO\UNWISE.EXE -c C:\PROGRA~1\MagicISO\INSTALL.LOG
Task: {CC2282AC-B4DA-4915-BB90-D9CB1E511BEE} - System32\Tasks\RealCreateProcessScheduledTask3586971720S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {CFF52379-353C-4C55-9ACF-0752840AB3FE} - System32\Tasks\RealCreateProcessScheduledTask3278052768S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {D05CC1AE-6F8F-46AA-B059-78292F4FA782} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {D44DD388-5750-4948-BAAE-C734BB0EADE8} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2011-07-07] (CyberLink)
Task: {DC16CBDE-AA9E-4210-A986-8D68EA498A7D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E0BA284D-66A1-45B7-81C3-26863D50B281} - System32\Tasks\RealCreateProcessScheduledTask3543218697S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {E7973815-D42D-4EDC-9FCF-88D6231943D2} - System32\Tasks\RealCreateProcessScheduledTask460272418S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {EDA8FD07-340F-4073-8D95-DB2FBBF08B12} - System32\Tasks\RealCreateProcessScheduledTask1257031909S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe
Task: {FA930F2A-9ECB-4043-836C-6C803C2FB6D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForinFidel.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2010-03-15 11:28 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\inFidel\Desktop\NEW-LOGO-2014.png:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Professional.9.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: ezSharedSvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: Realtek87B => 2
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: TunnelBearMaintenance => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^inFidel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Facebook Update => "C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP CoolSense => C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\update\realsched.exe"  -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{13150711-637C-4B7B-B015-927C8AFD0B34}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8A11AF01-A2E1-42FE-A548-E27057A37A69}] => (Allow) LPort=2869
FirewallRules: [{8FC51FDF-9204-4114-B98C-FDE066FE7A42}] => (Allow) LPort=1900
FirewallRules: [{D7B0BF1F-5AC7-4BDE-95EA-48353153D9B2}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6B1C6C39-989E-45C0-85C8-30E9EE046446}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{EA72AEC1-BC41-41FC-8C9B-F2CC50E56246}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{503748D5-04FD-4FC0-BBEF-613EACE3B0B4}] => (Allow) C:\Program Files\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{25C05E15-0F88-43CA-BF88-A6699555192D}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{CDEB5FDC-6FE5-427D-970A-078496B66720}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{4ABDBE74-524E-4004-A29E-964F100DDD72}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{596B2558-52B5-43EA-9382-68F871A3FE16}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{20EDB504-9744-4606-A198-B9171F7071F8}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{29A5756D-6F75-4441-AEC2-96EAE6476ED7}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{D7EC3FAC-2050-402C-A6B3-BCDC169A855D}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{BA03B495-55E6-4CE0-B8A0-5EED5450DD01}] => (Allow) LPort=1542
FirewallRules: [{9CD2D101-7391-45AF-94F1-2E464E048363}] => (Allow) LPort=1542
FirewallRules: [{1A48C6AB-4E1D-413C-9378-D793A3DAA5EB}] => (Allow) LPort=53
FirewallRules: [TCP Query User{5036818C-8EB0-4344-9929-64EF17FD885E}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{60E77581-9FF8-4C73-A6F6-31EA5EDD5B70}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AEC02BD7-A6E1-421E-ADFC-D1F45C07C0FC}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{65367420-F09D-46F0-A7A8-8E3AFF5E2386}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{B74A1F15-39F3-4CE2-8A7C-5F2E46B37A39}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [UDP Query User{272B80D2-3BCE-42F7-B2C0-CDD78C884450}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [{C16841EF-920F-4323-99D5-3D3993DCD3F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9CAFFCC9-9E0A-4911-809B-CA1C52D63A48}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C4998E5E-82F4-44DB-A08C-94E5ABAFADD8}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{A2B7E03B-E010-4968-A99A-C82E2107E370}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8C81D482-2533-4D4C-938F-E257F60AF7F2}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{795010D6-440A-4A01-803D-57EA1877225B}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F38BFF15-E50E-4187-8426-369D6AABDF6D}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFEA7936-A8B5-4B08-98AA-B3EB0A451214}] => (Allow) C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{1FB861E9-7B3C-4DBD-8B40-7B4A4BE0617E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FDE1279A-6854-4A56-8D47-6968BEA99D94}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2015 06:49:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2015 04:58:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/08/2015 06:47:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:34:47 on ‎8.‎8.‎2015 was unexpected.


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 33%
Total physical RAM: 3578.91 MB
Available physical RAM: 2375.72 MB
Total Virtual: 7156.13 MB
Available Virtual: 6032.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:51.18 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.73 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32
Drive f: (Data) (Fixed) (Total:345.86 GB) (Free:152.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6500A13B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=365.6 GB) - (Type=OF Extended)

==================== End of log ============================

 

Regarding SpeedFan, the temperatures seem quite the same... Around 65 degrees C with one Mozilla Firefox (1 tab, this thread) opened, after doing the above actions. The laptop is on the table (no books around).

 

speedfan.png

 

After playing the same video as before, the temperatures rose again to 70-ish degrees C.

 

The same video was jerky again. It started lagging a bit at the beginning and after 20-ish seconds stopped completely; only audio continued.



#28
RKinner


    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE).
I see:
Java 7 Update 60
JavaFX 2.1.1

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC, then close all browsers and install it.  Do not let it install the Yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest, then OK.
 

 

No need to run SFC again. 

 

Do you have a vacuum cleaner with a hose?  See if holding the vacuum cleaner hose at the exhaust will keep the temps down while you play a video.  Does that make a difference?

 

What is the full model number of your notebook?



#29
RKinner


    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Forgot to give you a new fixlist.

 

Download the attached fixlist.txt to the same location as FRST.
Run FRST and press Fix.
A fix log will be generated; please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.



#30
Fidel Castro


    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 162 posts

I cannot clear the cache because I cannot open Java. It seems like it's there but I can neither open it nor uninstall it.

 

The 2 Java programs are visible from the 'Programs and Features' window:

 

java4.png

 

But when I try to uninstall it, the following windows (errors) appear:

 

java1.png

 

java2.png

 

java3.png

 

 

Should I try installing the latest Java and then try to clear the cache? Would that work?

 

I'll now do the fix and post the logs in the next reply.







