This topic is locked
Google Chrome on some sites not loading images, Youtube seems to load slower.
Did Malwarebytes scan and nothing came up, Eset scan pulled 4 viruses and removed it, Roguekiller showed Zeroaccess but decided to have the GTG experts chime in now!
Below are the FRST and ADDITION:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by pete626 (administrator) on PETE626-PC (02-09-2015 07:52:15)
Running from C:\Users\pete626\Desktop
Loaded Profiles: pete626 (Available Profiles: pete626)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.3\J2GDllCmd.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Aly Development LLC - tickStrike.com) C:\Users\pete626\AppData\Local\tickStrike\TickStrikePlayer.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688 2008-09-23] (Hewlett-Packard)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-07] (Greenshot)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-09-11] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-10-17] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-10-17] (CyberLink)
HKLM-x32\...\Run: [eFax 4.3] => C:\Program Files (x86)\eFax Messenger 4.3\J2GDllCmd.exe [116224 2007-03-06] (j2 Global Communications, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [DVDAgent] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2009-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-05-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL [2009-09-05] (SUPERAntiSpyware.com)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dllATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-13] (Google Inc.)
HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\...\Run: [SP TimeSync] => C:\Program Files (x86)\SP TimeSync 2.4\SP TimeSync.exe [94720 2010-02-07] ()
HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-3490244186-3468089063-3122976493-1000\$7cf9f803af071ddeabee48c05c97df23\n.ATTENTION! ====> ZeroAccess?
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2009-03-09]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2009-02-17]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-3490244186-3468089063-3122976493-1000] => http=127.0.0.1:25448
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{34654241-E3AE-46C7-94FA-22C7BC334DF8}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{D1A1ECC8-031F-4BEA-8631-EAFA6816BD06}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt
SearchScopes: HKLM -> {89E6387E-E170-4FB9-9139-30BC1EF1797A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF
SearchScopes: HKLM -> {B3A90B80-C73F-4695-9140-209782CFBC2D} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {89E6387E-E170-4FB9-9139-30BC1EF1797A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF
SearchScopes: HKLM-x32 -> {B3A90B80-C73F-4695-9140-209782CFBC2D} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000 -> {2A2F443E-213D-43CE-9DB6-6AD5F3A2FC57} URL = hxxp://search.yahoo.com/search?type=61107&fr=freecause&ei=utf-8&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000 -> {409DD3B4-D1F8-EC6E-EDBD-2367FDA78762} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z015&form=ZGAIDF
SearchScopes: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000 -> {89E6387E-E170-4FB9-9139-30BC1EF1797A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000 -> {B3A90B80-C73F-4695-9140-209782CFBC2D} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-04-16] (RealDownloader)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: No Name -> {99E00A4C-D35E-11DD-BA95-9B6A56D89593} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} hxxp://www.facebook.com/controls/contactx.dll
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93}
DPF: HKLM-x32 {8FD07749-EFFA-48C6-947C-45A8D7BF422F} hxxp://www.cyberlink.com/prog/vista/prog/CLVistaGenie.cab
DPF: HKLM-x32 {9A74E90C-0233-4E1F-8EA1-105991C6FA12} hxxp://www.dvrdns.net/activex/snoopy/webviewer/6.0.0.36/webviewer.cab
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1058
FireFox:
========
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\2007-04-19 ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-03-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-07-28] ()
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-05-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-05-16] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-04-16] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3490244186-3468089063-3122976493-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\pete626\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-3490244186-3468089063-3122976493-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\pete626\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3490244186-3468089063-3122976493-1000: @talk.google.com/O1DPlugin -> C:\Users\pete626\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3490244186-3468089063-3122976493-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3490244186-3468089063-3122976493-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\pete626\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\pete626\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM-x32\...\Firefox\Extensions: [{EC086D52-1222-4C47-9546-CB59DB10DAFB}] - C:\Users\pete626\AppData\Local\{EC086D52-1222-4C47-9546-CB59DB10DAFB}
FF Extension: XULRunner - C:\Users\pete626\AppData\Local\{EC086D52-1222-4C47-9546-CB59DB10DAFB} [2011-07-22]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-04]
CHR Extension: (Google Search) - C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-04]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-06-28]
CHR Extension: (RealDownloader) - C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-05-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\pete626\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-04]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R2 HPBtnSrv; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [192512 2008-09-30] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [File not signed]
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-12-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [58496 2008-01-20] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2008-10-14] (Windows ® Codename Longhorn DDK provider)
S1 SASDIFSV; C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-18] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [12872 2010-02-18] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys [67656 2010-06-11] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [811264 2009-05-14] (Windows ® Codename Longhorn DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-01] ()
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-02 07:52 - 2015-09-02 07:52 - 00027737 _____ C:\Users\pete626\Desktop\FRST.txt
2015-09-01 20:06 - 2015-09-01 20:06 - 02870984 _____ (ESET) C:\Users\pete626\Downloads\esetsmartinstaller_enu (1).exe
2015-09-01 20:05 - 2015-09-01 20:05 - 02870984 _____ (ESET) C:\Users\pete626\Downloads\esetsmartinstaller_enu.exe
2015-09-01 20:00 - 2015-09-02 07:41 - 00000000 ____D C:\Users\pete626\AppData\Local\CrashDumps
2015-09-01 19:44 - 2015-09-01 20:26 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-01 19:44 - 2015-09-01 19:44 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-09-01 18:37 - 2015-09-02 07:52 - 00000000 ____D C:\FRST
2015-09-01 18:37 - 2015-09-01 18:37 - 02188800 _____ (Farbar) C:\Users\pete626\Desktop\FRST64.exe
2015-09-01 08:33 - 2015-07-31 15:03 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 08:33 - 2015-07-31 14:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-01 08:32 - 2015-07-10 14:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-01 08:32 - 2015-07-10 14:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-01 08:31 - 2015-07-11 12:13 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-01 08:31 - 2015-07-11 10:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-01 08:31 - 2015-07-09 09:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-01 08:31 - 2015-07-09 09:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-01 08:31 - 2015-07-09 09:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-01 08:30 - 2015-07-18 10:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-01 08:28 - 2015-07-21 15:59 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-01 08:28 - 2015-07-21 15:59 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-01 08:28 - 2015-07-21 10:50 - 04690880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-01 08:28 - 2015-07-21 10:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-09-01 08:28 - 2015-07-21 10:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-01 08:28 - 2015-07-21 10:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-01 08:28 - 2015-07-21 10:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-09-01 08:28 - 2015-07-21 10:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-01 08:28 - 2015-07-10 14:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-01 08:28 - 2015-07-10 14:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-01 08:28 - 2015-07-10 14:35 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-01 08:28 - 2015-07-10 14:35 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-01 08:22 - 2015-09-01 08:22 - 00000000 ____D C:\Users\pete626\AppData\Roaming\Sun
2015-09-01 08:22 - 2015-09-01 08:22 - 00000000 ____D C:\Users\pete626\.oracle_jre_usage
2015-09-01 08:19 - 2015-09-01 08:21 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-09-01 08:19 - 2015-07-31 17:31 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-01 08:19 - 2015-07-31 17:08 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-01 08:19 - 2015-07-31 16:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-09-01 08:19 - 2015-07-31 16:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-09-01 08:19 - 2015-07-31 16:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-09-01 08:19 - 2015-07-31 16:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-09-01 08:19 - 2015-07-31 16:44 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-09-01 08:19 - 2015-07-31 16:44 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-09-01 08:19 - 2015-07-31 16:44 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-09-01 08:19 - 2015-07-31 16:44 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-09-01 08:19 - 2015-07-31 16:26 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-01 08:19 - 2015-07-31 16:25 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-01 08:19 - 2015-07-31 16:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-01 08:19 - 2015-07-31 16:09 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-09-01 08:19 - 2015-07-31 16:00 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-09-01 08:19 - 2015-07-31 15:59 - 01561088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-01 08:19 - 2015-07-31 15:59 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-01 08:19 - 2015-07-31 15:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-01 08:19 - 2015-07-31 15:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-09-01 08:19 - 2015-07-31 15:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-09-01 08:19 - 2015-07-31 15:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-01 08:19 - 2015-07-31 15:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-01 08:18 - 2015-07-09 09:31 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-01 08:18 - 2015-07-01 10:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-01 08:18 - 2015-07-01 10:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-01 08:17 - 2015-07-22 17:08 - 17889792 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-01 08:17 - 2015-07-22 16:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-01 08:17 - 2015-07-22 16:56 - 02344448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-01 08:17 - 2015-07-22 16:55 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-01 08:17 - 2015-07-22 16:50 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-01 08:17 - 2015-07-22 16:50 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-01 08:17 - 2015-07-22 16:49 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-01 08:17 - 2015-07-22 16:49 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-01 08:17 - 2015-07-22 16:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-01 08:17 - 2015-07-22 16:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-01 08:17 - 2015-07-22 16:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-01 08:17 - 2015-07-22 16:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-01 08:17 - 2015-07-22 16:48 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-01 08:17 - 2015-07-22 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-01 08:17 - 2015-07-22 16:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-01 08:17 - 2015-07-22 16:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-01 08:17 - 2015-07-22 16:47 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-01 08:17 - 2015-07-22 16:47 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-01 08:17 - 2015-07-22 16:47 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-01 08:17 - 2015-07-22 16:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-01 08:17 - 2015-07-22 16:47 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-01 08:17 - 2015-07-22 16:46 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-01 08:17 - 2015-07-22 15:54 - 12386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-01 08:17 - 2015-07-22 15:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-01 08:17 - 2015-07-22 15:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-01 08:17 - 2015-07-22 15:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-01 08:17 - 2015-07-22 15:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-01 08:17 - 2015-07-22 15:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-01 08:17 - 2015-07-22 15:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-01 08:17 - 2015-07-22 15:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-09-01 08:17 - 2015-07-22 15:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-01 08:17 - 2015-07-22 15:44 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-01 08:17 - 2015-07-22 15:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-01 08:17 - 2015-07-22 15:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-01 08:17 - 2015-07-22 15:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-01 08:17 - 2015-07-22 15:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-01 08:17 - 2015-07-22 15:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-01 08:17 - 2015-07-22 15:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-01 08:17 - 2015-07-22 15:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-01 08:17 - 2015-07-22 15:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-01 08:17 - 2015-07-22 15:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-09-01 08:17 - 2015-07-22 15:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-09-01 08:17 - 2015-07-22 15:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-09-01 08:17 - 2015-07-22 15:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-01 07:48 - 2015-09-01 07:48 - 00000846 _____ C:\Windows\PFRO.log
2015-09-01 00:40 - 2015-09-01 00:40 - 00606433 _____ C:\Users\pete626\AppData\Local\census.cache
2015-09-01 00:40 - 2015-09-01 00:40 - 00196799 _____ C:\Users\pete626\AppData\Local\ars.cache
2015-08-31 20:20 - 2015-08-31 20:20 - 00000010 _____ C:\Users\pete626\AppData\Local\sponge.last.runtime.cache
2015-08-31 20:10 - 2015-08-31 20:10 - 02073512 _____ (Trend Micro Inc.) C:\Users\pete626\Downloads\HousecallLauncher.exe
2015-08-30 21:34 - 2015-08-30 21:34 - 00929360 _____ (Google Inc.) C:\Users\pete626\Downloads\ChromeSetup (1).exe
2015-08-30 21:33 - 2015-08-30 21:33 - 00929360 _____ (Google Inc.) C:\Users\pete626\Downloads\ChromeSetup.exe
2015-08-29 10:30 - 2015-09-01 18:22 - 00003642 _____ C:\Windows\IE9_main.log
2015-08-26 18:38 - 2015-08-26 18:39 - 00000000 ____D C:\Users\pete626\Desktop\A Trader ES
2015-08-12 07:24 - 2031-04-06 12:09 - 00003348 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3490244186-3468089063-3122976493-1000
2015-08-12 07:24 - 2031-04-06 12:09 - 00003218 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3490244186-3468089063-3122976493-1000
2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-08-04 23:53 - 2015-08-04 23:53 - 00872528 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-04 23:53 - 2015-08-04 23:53 - 00681552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-02 07:47 - 2010-07-13 21:25 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000UA.job
2015-09-02 07:46 - 2010-07-13 21:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-02 07:38 - 2014-05-13 08:29 - 01145794 _____ C:\Windows\WindowsUpdate.log
2015-09-02 07:32 - 2013-05-12 12:22 - 00000392 _____ C:\Windows\Tasks\update-sys.job
2015-09-02 06:55 - 2006-11-02 10:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-02 06:55 - 2006-11-02 10:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-02 06:47 - 2010-07-13 21:25 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000Core.job
2015-09-02 04:11 - 2013-05-12 12:22 - 00000392 _____ C:\Windows\Tasks\update-S-1-5-21-3490244186-3468089063-3122976493-1000.job
2015-09-01 23:02 - 2015-07-16 09:03 - 00008132 _____ C:\Users\pete626\AppData\Local\d3d9caps.dat
2015-09-01 23:01 - 2009-02-17 05:17 - 00003582 _____ C:\Windows\System32\Tasks\HP Health Check
2015-09-01 23:01 - 2006-11-02 07:46 - 00840886 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-01 22:59 - 2014-01-14 08:39 - 00003370 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3490244186-3468089063-3122976493-1000
2015-09-01 22:59 - 2014-01-14 08:39 - 00003240 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3490244186-3468089063-3122976493-1000
2015-09-01 22:58 - 2010-07-13 21:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 22:55 - 2006-11-02 10:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 22:54 - 2009-05-07 20:24 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-09-01 22:54 - 2006-11-02 10:42 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-01 21:57 - 2014-08-06 07:56 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-01 18:52 - 2006-11-02 08:33 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-01 17:55 - 2006-11-02 10:21 - 00319024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 17:53 - 2009-02-17 05:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-01 17:52 - 2013-09-19 09:03 - 00000000 ____D C:\SierraChart
2015-09-01 17:52 - 2006-11-02 10:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-09-01 08:35 - 2010-06-04 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-01 08:33 - 2010-07-13 21:25 - 00000000 ____D C:\Users\pete626\AppData\Local\Google
2015-09-01 08:28 - 2014-08-07 03:38 - 00000000 ____D C:\Windows\system32\MRT
2015-09-01 08:23 - 2013-11-29 00:00 - 00000000 ____D C:\ProgramData\Oracle
2015-09-01 08:22 - 2014-11-12 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-01 08:22 - 2009-02-25 10:46 - 00000000 ____D C:\Users\pete626
2015-09-01 08:21 - 2009-03-21 12:34 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-01 08:20 - 2006-11-02 07:35 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-30 21:33 - 2014-06-01 13:09 - 00001987 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-28 17:26 - 2013-02-06 10:31 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-08-28 08:40 - 2013-05-01 19:31 - 00000000 ____D C:\Windows\Minidump
2015-08-28 08:40 - 2012-02-19 21:12 - 00000000 ____D C:\Users\pete626\AppData\Roaming\uTorrent
2015-08-28 06:42 - 2010-07-13 21:25 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000UA
2015-08-28 06:42 - 2010-07-13 21:25 - 00003498 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000Core
2015-08-27 22:41 - 2010-07-13 21:46 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-27 22:41 - 2010-07-13 21:46 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-27 01:38 - 2009-03-07 18:21 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-08-19 07:29 - 2010-04-16 08:16 - 00000000 ____D C:\Users\pete626\AppData\Roaming\HpUpdate
2015-08-19 07:29 - 2009-02-25 11:45 - 00000456 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-08-16 16:44 - 2015-04-27 09:11 - 00000000 ____D C:\Users\pete626\Desktop\House Plan Ideas
2015-08-15 14:59 - 2011-04-24 16:05 - 00013824 _____ C:\Users\pete626\Documents\Car Auto Service.xls
2015-08-12 20:36 - 2015-01-29 23:05 - 00000844 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-08-07 20:32 - 2015-07-23 19:14 - 00000000 ____D C:\Users\pete626\Desktop\Horst Charts
==================== Files in the root of some directories =======
2009-02-26 12:45 - 2009-02-26 12:45 - 0086093 _____ () C:\Program Files (x86)\TMUninstal.exe
2009-02-26 12:16 - 2009-02-26 12:16 - 0252894 _____ () C:\Program Files (x86)\ZSUninstal.exe
2010-02-22 21:04 - 2012-03-16 19:58 - 0001084 _____ () C:\Users\pete626\AppData\Roaming\wklnhst.dat
2013-01-18 21:34 - 2013-01-18 21:52 - 0006525 _____ () C:\Users\pete626\AppData\Local\ae0e8845-86ce-4d69-ab32-458c19632b17.crx
2015-09-01 00:40 - 2015-09-01 00:40 - 0196799 _____ () C:\Users\pete626\AppData\Local\ars.cache
2015-09-01 00:40 - 2015-09-01 00:40 - 0606433 _____ () C:\Users\pete626\AppData\Local\census.cache
2015-07-16 09:03 - 2015-09-01 23:02 - 0008132 _____ () C:\Users\pete626\AppData\Local\d3d9caps.dat
2009-02-25 11:45 - 2013-07-19 03:00 - 0001460 _____ () C:\Users\pete626\AppData\Local\d3d9caps64.dat
2009-04-04 13:53 - 2014-09-11 19:08 - 0058880 _____ () C:\Users\pete626\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-02 14:59 - 2012-09-02 14:59 - 0355638 _____ () C:\Users\pete626\AppData\Local\dd_vcredistMSI3C8F.txt
2012-09-02 14:59 - 2012-09-02 14:59 - 0011486 _____ () C:\Users\pete626\AppData\Local\dd_vcredistUI3C8F.txt
2009-10-08 19:59 - 2009-10-08 19:59 - 0000036 _____ () C:\Users\pete626\AppData\Local\housecall.guid.cache
2011-07-22 11:50 - 2011-07-24 21:23 - 0000120 _____ () C:\Users\pete626\AppData\Local\Ivoyimuwesebebe.dat
2015-08-31 20:20 - 2015-08-31 20:20 - 0000010 _____ () C:\Users\pete626\AppData\Local\sponge.last.runtime.cache
2013-05-12 12:22 - 2013-05-12 12:22 - 0000003 _____ () C:\Users\pete626\AppData\Local\updater.log
2013-05-12 12:22 - 2013-05-12 12:33 - 0000059 _____ () C:\Users\pete626\AppData\Local\UserProducts.xml
2011-07-22 11:50 - 2011-07-24 00:40 - 0000000 _____ () C:\Users\pete626\AppData\Local\Vpaxijoyi.bin
2013-06-26 21:58 - 2013-06-27 07:47 - 0000000 _____ () C:\ProgramData\as98213.txt
2014-01-19 17:25 - 2014-03-09 16:00 - 0000000 _____ () C:\ProgramData\keystore.xml
2013-02-06 10:15 - 2013-02-06 10:15 - 0000113 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-02-06 10:02 - 2013-02-06 10:02 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2010-02-16 21:21 - 2011-09-05 18:01 - 0001492 _____ () C:\ProgramData\ss.ini
2010-02-16 22:46 - 2010-02-16 22:46 - 0000033 _____ () C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$7cf9f803af071ddeabee48c05c97df23
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3490244186-3468089063-3122976493-1000\$7cf9f803af071ddeabee48c05c97df23
Files to move or delete:
====================
C:\Users\pete626\gotomypc_438.exe
C:\Users\pete626\jagex_runescape_preferences.dat
C:\Users\pete626\jagex_runescape_preferences2.dat
Some files in TEMP:
====================
C:\Users\pete626\AppData\Local\Temp\dllnt_dump.dll
C:\Users\pete626\AppData\Local\Temp\jre-8u51-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-01 23:03
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by pete626 (2015-09-02 07:52:46)
Running from C:\Users\pete626\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3490244186-3468089063-3122976493-500 - Administrator - Disabled)
Guest (S-1-5-21-3490244186-3468089063-3122976493-501 - Limited - Disabled)
pete626 (S-1-5-21-3490244186-3468089063-3122976493-1000 - Administrator - Enabled) => C:\Users\pete626
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.63 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avi to Mpeg 3.0 (HKLM-x32\...\{14BF164E-80A4-422E-BE43-39FB759666C2}_is1) (Version: 3.0 - Avi to Mpeg)
AVIcodec (remove only) (HKLM-x32\...\AVIcodec) (Version: - )
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
BlazeHDAV 6.0 (HKLM-x32\...\BlazeHDAV 6.0_is1) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2111 - CyberLink Corp.)
DeepBurner v1.9.0.228 (HKLM-x32\...\{2ADE2157-7A5E-122C-B51D-EB8A01B15943}) (Version: - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
E.M. PowerPoint Video Converter 3.20 (HKLM-x32\...\E.M. PowerPoint Video Converter_is1) (Version: - EffectMatrix, Inc.)
eFax Messenger 4.3 (HKLM-x32\...\{B3076A28-345A-4d89-90A3-B68866C0DFB8}) (Version: 4.3 - j2 Global Communications, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Video Calling 1.2.0.159 (HKLM-x32\...\{7CAC6A44-C3DE-4153-ACA6-7524602C789E}) (Version: 1.2.159 - Skype Limited)
FileZilla Client 3.2.2.1 (HKLM-x32\...\FileZilla Client) (Version: 3.2.2.1 - )
Free GIF2SWF Converter v1.0 (HKLM-x32\...\{003471DA-FA41-4ADE-83C6-56A3FED6E820}_is1) (Version: - ETC Company, Inc.)
Free MP3 WMA OGG Converter 8.1.2 (HKLM-x32\...\Free MP3 WMA OGG Converter_is1) (Version: - CyberPower Tech, Inc.)
FreeRIP v3.61 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.61 - MGShareware)
Gogo MP3 To CD Burner (HKLM-x32\...\Gogo MP3 To CD Burner_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GoToMeeting 7.0.5.2130 (HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\...\GoToMeeting) (Version: 7.0.5.2130 - CitrixOnline)
Greenshot 1.1.4.2622 (HKLM\...\Greenshot_is1) (Version: 1.1.4.2622 - Greenshot)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Active Support Library (HKLM-x32\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{64B9E2F5-558E-4C56-B419-A1679518F6E7}) (Version: 5.7.0.2784 - Hewlett-Packard)
HP Demo (HKLM-x32\...\{F827B95C-1BF5-43B4-9E26-CDC596ECE3AE}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Backup (HKLM-x32\...\{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1) (Version: 1.0.7.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2217 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}) (Version: 2.0.8 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jigsaw Trading Tools (HKLM-x32\...\Jigsaw Trading Tools) (Version: - JigsawTrading)
join.me (HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\...\JoinMe) (Version: 1.10.1.258 - LogMeIn, Inc.)
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0904 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.0904 - CyberLink Corp.) Hidden
Leawo iTransfer version 1.5.0.412 (HKLM-x32\...\{93337CC5-9BC4-4FB0-B82E-38EC63E149F3}_is1) (Version: 1.5.0.412 - Leawo Software)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{5BD0CB24-11AF-4BA8-A198-38D25257C656}) (Version: 1.14.25.1 - LightScribe)
LightSpeed SSL 7.0.149 (HKLM-x32\...\{BADD9FFA-4A37-5133-976C-0C3D24CD7B85}) (Version: 7.0.149 - Lightspeed Holdings, LLC)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{4FAB5122-775E-4418-B8D9-E2873BC93570}) (Version: 3.0.541.0 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MidnightReview (HKLM-x32\...\{F720FEE9-7FA8-4CE8-8E01-DA87B42DC579}) (Version: 1.1.0 - Garsworld)
Mortgage Loan Calculator Plus 2.0 (HKLM-x32\...\Mortgage Loan Calculator Plus_is1) (Version: - mortgageloancalculating.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{5BA013CE-61A6-EAD5-5C9C-FF4B3F920815}) (Version: 7.0.35.7918 - muvee Technologies Pte Ltd)
NetViewer (HKLM-x32\...\NetViewer_is1) (Version: - .)
NinjaTrader 7 (HKLM-x32\...\{C6E70CF4-7E25-4191-84B5-91713FFD2D85}) (Version: 7.0.1016 - NinjaTrader)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 11.10.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 11.10.13 - NVIDIA Corporation)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.0.7003 - ooVoo LLC.)
Opera 11.61 (HKLM-x32\...\Opera 11.61.1250) (Version: 11.61.1250 - Opera Software ASA)
Opera Mobile (HKLM-x32\...\{FA55C144-16EC-4C19-ABFF-2E172C26950D}_is1) (Version: - Opera Software ASA)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
PhotoWipe 1.0 (HKLM-x32\...\PhotoWipe_is1) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.7 - Hewlett-Packard Company)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2112 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.2112 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2202 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.2202 - CyberLink Corp.) Hidden
PowerScanRT (HKLM-x32\...\{1774604C-4E0D-42F4-9D2F-581DE975DF91}) (Version: 2.3.8 - Garsworld)
Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5735 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RezEasy Standard 7.0 (HKLM-x32\...\RezEasy Standard 7.0) (Version: - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDX Redistributable (June 2010) (HKLM-x32\...\{354D00E0-C7C9-4BC1-BC12-08C4977AA827}) (Version: 2.0.10.43 - SlimDX Group)
SMI Grabber Device (HKLM-x32\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.26 - Somagic)
SP TimeSync 2.4 (HKLM-x32\...\{F45E33EA-EFE6-43F5-8F05-F106467AE667}) (Version: 2.4 - Alexander Panchenko)
sp44626 (HKLM-x32\...\sp44626) (Version: - Hewlett-Packard)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
StockVision-PS (HKLM-x32\...\{AFF163E2-6E59-465A-B084-88ECAD5F510D}) (Version: 3.1.5 - Garsworld)
SUPERAntiSpyware Free Edition (HKLM-x32\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.25.0.1014 - SUPERAntiSpyware.com)
TD AMERITRADE StrategyDesk 3.1 (HKLM-x32\...\{A5F8D657-ADBC-4259-A0C8-B1F1445E0218}) (Version: 3.1 - TD AMERITRADE)
TD AMERITRADE StrategyDesk 3.2_2 (C:\Program Files (x86)\TD AMERITRADE\StrategyDesk) (HKLM-x32\...\{AB7AB240-3EB1-4A81-A1E4-04E8D19EC768}) (Version: 3.2 - TD AMERITRADE)
TD AMERITRADE StrategyDesk 3.3_3 (C:\Program Files (x86)\TD AMERITRADE\StrategyDesk) (HKLM-x32\...\{FF3321CB-C36E-435F-AFBC-694DD1E13763}) (Version: 3.3 - TD AMERITRADE)
TD AMERITRADE StrategyDesk 3.4_4 (C:\Program Files (x86)\TD AMERITRADE\StrategyDesk) (HKLM-x32\...\{F7514EDE-1629-4FAC-8380-4C76E2AA337F}) (Version: 3.4 - TD AMERITRADE)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
The Imagination Station (remove only) (HKLM-x32\...\The Imagination Station) (Version: - )
tickStrike-24 (HKLM-x32\...\{0A6D0BE0-AA78-4E02-A7C3-0990A5088300}_is1) (Version: 24 - tickStrike.com)
TightVNC (HKLM\...\{49195D89-1266-4E6A-A9CD-D5FB2B949774}) (Version: 2.7.7.0 - GlavSoft LLC.)
TightVNC 1.3.9 (HKLM-x32\...\TightVNC_is1) (Version: 1.3.9 - TightVNC Group)
Trader Workstation 4.0 (HKLM-x32\...\Trader Workstation 4.0) (Version: - )
TradersUNITE (HKLM-x32\...\{856866F0-C2E0-4ECC-B230-49C629FEF986}) (Version: 1.84 - Garsworld)
Transaction Manager (HKLM-x32\...\Transaction Manager) (Version: - )
TWS Demo (HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\...\TWS Demo) (Version: - Interactive Brokers)
Uninstall Web Viewer (HKLM-x32\...\TibetSystem - Uninstall Web Viewer) (Version: Version 6.0.0.36 - )
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
WebEx Support Manager for Internet Explorer (HKLM-x32\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
WinHTTrack Website Copier 3.48-21 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\pete626\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\msseedir.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\pete626\AppData\Local\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> C:\$Recycle.Bin ()
CustomCLSID: HKU\S-1-5-21-3490244186-3468089063-3122976493-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\pete626\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
09-08-2015 00:00:01 Scheduled Checkpoint
10-08-2015 00:00:01 Scheduled Checkpoint
11-08-2015 00:00:00 Scheduled Checkpoint
12-08-2015 11:34:10 Scheduled Checkpoint
13-08-2015 00:00:01 Scheduled Checkpoint
14-08-2015 00:00:01 Scheduled Checkpoint
15-08-2015 00:00:01 Scheduled Checkpoint
16-08-2015 00:00:01 Scheduled Checkpoint
17-08-2015 00:00:01 Scheduled Checkpoint
18-08-2015 09:21:23 Scheduled Checkpoint
19-08-2015 00:00:01 Scheduled Checkpoint
01-09-2015 08:17:24 Windows Update
06-04-2031 12:10:33 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07AD1FA7-B518-4773-B9A6-20E10586D4C8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3490244186-3468089063-3122976493-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {35D4A815-6902-4B63-A116-749390DB84D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000Core => C:\Users\pete626\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3E7F2D20-FF25-4457-84CB-6FC97131D2D5} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10] (PC-Doctor, Inc.)
Task: {459128C2-A4F1-49F4-A246-646A60221E32} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {48BCBF39-7226-4947-8BC9-F5A5AB481990} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {4A2EADEE-A639-431A-A121-D271622A21E2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3490244186-3468089063-3122976493-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {598055FA-6387-4CC8-B6A1-3EA177D22C0A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000UA => C:\Users\pete626\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {969D3F6B-A1A1-45D7-B033-C5C5B8BE7A0B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {9CC6ED65-1FAA-40E6-A183-AD8EADB35027} - System32\Tasks\{D9705BEB-BF7F-4A5D-A131-B00BE73C8FAC} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {A8A77C1F-77FF-4C20-AE23-9C401D6F64DC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3490244186-3468089063-3122976493-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {B19C1629-ECEE-4896-A5E9-9E8F511BD5C4} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - pete626 => C:\Program Files\Windows Calendar\wincal.exe [2008-01-20] (Microsoft Corporation)
Task: {B7FD2483-247D-4FB1-8E73-029381CA2170} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3490244186-3468089063-3122976493-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {BBAA9443-26B1-42E7-B5C6-A40FBFAE0909} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BE5AB681-8F9D-45B0-AFB4-B75F9D95FA34} - System32\Tasks\update-S-1-5-21-3490244186-3468089063-3122976493-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {C1064FAE-30A2-4646-B797-C0F7B6F727A3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3490244186-3468089063-3122976493-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {F121C944-AB92-4A79-8060-81CBB9BF1731} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000Core.job => C:\Users\pete626\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3490244186-3468089063-3122976493-1000UA.job => C:\Users\pete626\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml
Task: C:\Windows\Tasks\update-S-1-5-21-3490244186-3468089063-3122976493-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (Whitelisted) ==============
2009-02-17 04:58 - 2008-09-30 21:59 - 00192512 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
2013-04-16 03:07 - 2013-04-16 03:07 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2009-02-21 16:07 - 2009-02-21 16:07 - 00111616 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-03-05 18:08 - 2010-02-10 19:10 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 04:49 - 2014-05-12 04:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2011-10-07 04:39 - 2011-10-07 04:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2015-05-14 03:54 - 2015-05-14 03:54 - 09277440 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\SlimDX\edd39ebc0148ec8bb6e3fff6eb6d6830\SlimDX.ni.dll
2014-05-22 09:09 - 2014-05-22 09:09 - 03723264 _____ () C:\Windows\assembly\GAC_64\SlimDX\2.0.10.43__b1b0c32fd1ffe4f9\SlimDX.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2008-10-17 19:57 - 2008-10-17 19:57 - 00881960 ____N () C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:157E1AD3
AlternateDataStreams: C:\ProgramData\Temp:9E2940E3
AlternateDataStreams: C:\Users\pete626\Documents\Bays Inn Satellite TV 213.avi:TOC.WMV
AlternateDataStreams: C:\Users\pete626\Documents\Capture.mpg:TOC.WMV
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3490244186-3468089063-3122976493-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pete626\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles(x86)%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles(x86)%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles(x86)%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles(x86)%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [TCP Query User{1CF6A7B8-61BC-4707-9CAF-D24BB6052387}C:\users\pete626\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pete626\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{BFD99818-1506-403A-89AB-B7ED4F3715B7}C:\users\pete626\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pete626\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{70F328F8-018C-491C-A7CF-4954D2D87976}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{9087BAA5-C099-480A-AC0C-ABA41C860518}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{F1CAEEC5-657D-419C-AE52-F79FF3414735}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{FC6F60A7-ACC9-42D8-933C-F9B6A1FA78F0}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [{DFB9C9CB-51AF-4379-A843-85FD6FFCEFF1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{94BF3AF0-44F9-46E7-B46E-FD075CE29752}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9B447A59-C0FF-4F1B-ACFB-2D9B56BB5496}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9CF7D16C-EEB2-45F1-A728-CF4B9856D2D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BD3AA4B7-BE1B-46C1-906A-1F539CC15EF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AFCF12F5-34DE-4D47-B9DF-0A514015921C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/02/2015 07:41:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application EXCEL.EXE, version 9.0.0.2719, time stamp 0x36f43422, faulting module SHLWAPI.dll, version 6.0.6002.18738, time stamp 0x50ada1fd, exception code 0xc0000005, fault offset 0x000258ea,
process id 0x1aa4, application start time 0xEXCEL.EXE0.
Error: (09/02/2015 07:40:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16684, time stamp 0x55b000e5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x094fad3b,
process id 0x1b98, application start time 0xiexplore.exe0.
Error: (09/02/2015 07:40:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16684, time stamp 0x55b000e5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x09f1ad3b,
process id 0x1be0, application start time 0xiexplore.exe0.
Error: (09/01/2015 10:58:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (09/01/2015 10:56:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/01/2015 09:55:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16684, time stamp 0x55b000e5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x08efad3b,
process id 0xa28, application start time 0xiexplore.exe0.
Error: (09/01/2015 09:55:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16684, time stamp 0x55b000e5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0a2bad3b,
process id 0xea0, application start time 0xiexplore.exe0.
Error: (09/01/2015 09:55:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16684, time stamp 0x55b000e5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x09f1ad3b,
process id 0xf0, application start time 0xiexplore.exe0.
Error: (09/01/2015 08:05:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.
Error: (09/01/2015 08:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application EXCEL.EXE, version 9.0.0.2719, time stamp 0x36f43422, faulting module SHLWAPI.dll, version 6.0.6002.18738, time stamp 0x50ada1fd, exception code 0xc0000005, fault offset 0x000258ea,
process id 0x1818, application start time 0xEXCEL.EXE0.
System errors:
=============
Error: (09/01/2015 10:56:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: SASDIFSV
SASKUTIL
SRTSP
SRTSPX
Error: (09/01/2015 10:56:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SBSD Security Center Service%%1053
Error: (09/01/2015 10:56:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000SBSD Security Center Service
Error: (09/01/2015 10:56:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Norton Internet Security%%3
Error: (09/01/2015 10:56:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: LMIGuardianSvc%%1053
Error: (09/01/2015 10:56:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000LMIGuardianSvc
Error: (09/01/2015 10:55:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (09/01/2015 10:55:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (09/01/2015 09:48:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pete626\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (09/01/2015 09:48:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pete626\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Microsoft Office:
=========================
Error: (09/02/2015 07:41:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: EXCEL.EXE9.0.0.271936f43422SHLWAPI.dll6.0.6002.1873850ada1fdc0000005000258ea1aa401d0e57ca0636bc0
Error: (09/02/2015 07:40:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1668455b000e5unknown0.0.0.000000000c0000005094fad3b1b9801d0e57c970643e0
Error: (09/02/2015 07:40:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1668455b000e5unknown0.0.0.000000000c000000509f1ad3b1be001d0e57c96d12a20
Error: (09/01/2015 10:58:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe
Error: (09/01/2015 10:56:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/01/2015 09:55:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1668455b000e5unknown0.0.0.000000000c000000508efad3ba2801d0e52adcc30840
Error: (09/01/2015 09:55:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1668455b000e5unknown0.0.0.000000000c00000050a2bad3bea001d0e52ad3a3d3c0
Error: (09/01/2015 09:55:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.1668455b000e5unknown0.0.0.000000000c000000509f1ad3bf001d0e52ad350aab0
Error: (09/01/2015 08:05:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifestC:\Users\pete626\Downloads\esetsmartinstaller_enu.exe
Error: (09/01/2015 08:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: EXCEL.EXE9.0.0.271936f43422SHLWAPI.dll6.0.6002.1873850ada1fdc0000005000258ea181801d0e51ac4f47830
CodeIntegrity:
===================================
Date: 2015-09-02 07:52:21.719
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-02 07:52:21.288
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-02 07:52:20.868
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-02 07:52:20.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-01 22:51:19.838
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-01 22:51:19.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-01 22:51:18.844
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-01 22:51:18.346
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-01 22:07:22.285
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-01 22:07:21.854
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core™2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 42%
Total physical RAM: 6142.33 MB
Available physical RAM: 3514.65 MB
Total Virtual: 12499.68 MB
Available Virtual: 9432.8 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:451.38 GB) (Free:166.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.38 GB) (Free:1.98 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=451.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
, and I will be helping you with your issue today.
Sign In
Create Account
