The computer has been experiencing slowdowns like the screen being greyed out while the pinwheel spins. I have run CCleaner and Malwarebytes and MBam came up clean. Bitdefender AV is updated and comes up clean.
Is there a good uninstall program to use? I noticed that there are some things that should be cleaned up here after the all clear from an expert. Thanks for the help!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-05-2017
Ran by John (administrator) on JOHN-PC (13-05-2017 18:01:06)
Running from C:\Users\John\Desktop
Loaded Profiles: John (Available Profiles: John)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Actual Tools) C:\Program Files\[TOOLS]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
(Stardock Corporation) C:\Program Files\[TOOLS]\CursorFX\CursorFX.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Millennia Corporation 1-623-444-8918 (Sales number) 1-425-788-0932 (Support number) [email protected] hxxp:// C:\Program Files\Legacy8\Legacy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-06-13] (Logitech, Inc.)
HKU\S-1-5-21-2041274925-3586460229-1953501391-1001\...\Run: [Actual Multiple Monitors] => C:\Program Files\[TOOLS]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe [1495880 2011-11-23] (Actual Tools)
HKU\S-1-5-21-2041274925-3586460229-1953501391-1001\...\Run: [CursorFX] => C:\Program Files\[TOOLS]\CursorFX\CursorFX.exe [417280 2010-03-23] (Stardock Corporation)
HKU\S-1-5-21-2041274925-3586460229-1953501391-1001\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-2041274925-3586460229-1953501391-1001\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1
HKU\S-1-5-21-2041274925-3586460229-1953501391-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{1918E76E-DE66-415C-92A0-50F02C668A34}: [DhcpNameServer]
Internet Explorer:
SearchScopes: HKU\S-1-5-21-2041274925-3586460229-1953501391-1001 -> DefaultScope {106AFA30-4D92-45FE-BE9A-5A1DD7567CCE} URL = hxxps://{searchTerms}
SearchScopes: HKU\S-1-5-21-2041274925-3586460229-1953501391-1001 -> {106AFA30-4D92-45FE-BE9A-5A1DD7567CCE} URL = hxxps://{searchTerms}
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default [2017-05-13]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\53yzrlxb.default -> Google
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\53yzrlxb.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\53yzrlxb.default -> chrome://fastdial/content/fastdial.html
FF Session Restore: Mozilla\Firefox\Profiles\53yzrlxb.default -> is enabled.
FF Keyword.URL: Mozilla\Firefox\Profiles\53yzrlxb.default -> hxxp://
FF NetworkProxy: Mozilla\Firefox\Profiles\53yzrlxb.default -> no_proxies_on", "*.local"
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-04-12]
FF Extension: (Fast Dial) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-12-12]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-05-01]
FF Extension: (Toggle animated GIFs) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-08-02]
FF Extension: (Browse By Name) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-04-27]
FF Extension: (Magic Actions for YouTube™) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-10-28]
FF Extension: (AlienTube) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2015-10-15]
FF Extension: (Weather Forecast Plus) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-09-28]
FF Extension: (YouTube Control Center) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-04-13]
FF Extension: (Reddit Enhancement Suite) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-05-08]
FF Extension: (Menu Icons Plus) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-04-28]
FF Extension: (Restartless Restart) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-04-27]
FF Extension: (Download Manager (S3)) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-04-02]
FF Extension: (Super Drag) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2016-04-28]
FF Extension: (LastPass: Free Password Manager) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-05-06]
FF Extension: (Thumbnail Zoom Plus) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-01-30]
FF Extension: (uBlock Origin) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\[email protected] [2017-04-16]
FF Extension: (Nuke Anything Enhanced) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}.xpi [2016-04-28]
FF Extension: (Flashblock) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-01-08]
FF Extension: (QuickNote) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}.xpi [2016-04-28]
FF Extension: (Show my Password) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2016-04-28]
FF Extension: (SearchPreview) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2016-10-26]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\searchplugins\ancestry---surnames.xml [2013-05-26]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\searchplugins\bible-gateway.xml [2013-12-09]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\searchplugins\buycom.xml [2013-06-29]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\searchplugins\imdb.xml [2014-12-11]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\searchplugins\newegg.xml [2013-12-09]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\53yzrlxb.default\searchplugins\youtube.xml [2014-12-11]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-03] [not signed]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin:,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\[TOOLS]\PDF XChange\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: -> disabled [No File]
FF Plugin:,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\[TOOLS]\PDF XChange\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2041274925-3586460229-1953501391-1001: Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\[TOOLS]\PDF XChange\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013-02-08] (Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [67592 2016-03-08] (Bitdefender)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2122248 2016-09-02] (Electronic Arts)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [108008 2013-07-02] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-22] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-22] (Logitech, Inc.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [16768 2011-04-09] (Microsoft Corporation) [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-13 18:01 - 2017-05-13 18:01 - 00013206 _____ C:\Users\John\Desktop\FRST.txt
2017-05-13 18:00 - 2017-05-13 18:01 - 00000000 ____D C:\FRST
2017-05-13 17:58 - 2017-05-13 17:58 - 01769984 _____ (Farbar) C:\Users\John\Desktop\FRST.exe
2017-05-10 12:27 - 2017-04-27 17:36 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-05-10 12:27 - 2017-04-27 17:36 - 03945192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 12:27 - 2017-04-27 17:36 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-10 12:27 - 2017-04-27 17:36 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-10 12:27 - 2017-04-27 17:34 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-10 12:27 - 2017-04-27 17:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-10 12:27 - 2017-04-27 17:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-10 12:27 - 2017-04-27 17:11 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-10 12:27 - 2017-04-27 17:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-10 12:27 - 2017-04-27 17:11 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-10 12:27 - 2017-04-27 17:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 12:27 - 2017-04-27 17:09 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-05-10 12:27 - 2017-04-27 17:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-10 12:27 - 2017-04-27 17:07 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-10 12:27 - 2017-04-27 17:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-10 12:27 - 2017-04-27 17:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-10 12:27 - 2017-04-27 17:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-10 12:27 - 2017-04-27 17:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-10 12:27 - 2017-04-27 17:07 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-10 12:27 - 2017-04-26 07:51 - 02400768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-10 12:27 - 2017-04-21 08:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-10 12:27 - 2017-04-19 16:16 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 07:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-05-10 12:27 - 2017-04-17 07:51 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-10 12:27 - 2017-04-17 07:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 07:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 07:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 12:27 - 2017-04-17 07:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 12:27 - 2017-04-16 01:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-10 12:27 - 2017-04-16 01:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-10 12:27 - 2017-04-16 01:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-10 12:27 - 2017-04-16 01:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 12:27 - 2017-04-16 01:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-10 12:27 - 2017-04-16 01:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-10 12:27 - 2017-04-16 01:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-10 12:27 - 2017-04-16 00:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 12:27 - 2017-04-16 00:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-10 12:27 - 2017-04-16 00:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-10 12:27 - 2017-04-16 00:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 12:27 - 2017-04-16 00:48 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-10 12:27 - 2017-04-16 00:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-10 12:27 - 2017-04-16 00:47 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-10 12:27 - 2017-04-16 00:47 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-10 12:27 - 2017-04-16 00:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-10 12:27 - 2017-04-16 00:39 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-10 12:27 - 2017-04-16 00:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-10 12:27 - 2017-04-16 00:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 12:27 - 2017-04-16 00:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 12:27 - 2017-04-16 00:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-10 12:27 - 2017-04-16 00:25 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-10 12:27 - 2017-04-16 00:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 12:27 - 2017-04-16 00:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 12:27 - 2017-04-16 00:20 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-10 12:27 - 2017-04-16 00:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 12:27 - 2017-04-16 00:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 12:27 - 2017-04-16 00:10 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 12:27 - 2017-04-16 00:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 12:27 - 2017-04-16 00:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 12:27 - 2017-04-16 00:08 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-10 12:27 - 2017-04-15 23:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 12:27 - 2017-04-15 23:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 12:27 - 2017-04-15 23:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 12:27 - 2017-04-15 23:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 12:27 - 2017-04-12 08:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-05-10 12:27 - 2017-04-12 08:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 12:27 - 2017-04-12 08:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-05-10 12:27 - 2017-04-12 08:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-05-10 12:27 - 2017-04-07 08:26 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 12:27 - 2017-04-07 08:26 - 00218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 12:27 - 2017-04-07 08:21 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-10 12:27 - 2017-04-07 08:20 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-10 12:27 - 2017-04-05 08:00 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 12:27 - 2017-04-05 08:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 12:27 - 2017-04-05 08:00 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-05-10 12:27 - 2017-04-04 08:25 - 01309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-05-10 12:27 - 2017-04-04 08:25 - 00240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-05-10 12:27 - 2017-04-04 08:25 - 00187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-05-10 12:27 - 2017-04-04 07:52 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-05-10 12:27 - 2017-04-04 07:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-05-10 12:27 - 2017-03-10 09:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-10 12:27 - 2017-03-10 09:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-10 12:27 - 2017-03-10 08:52 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-10 12:27 - 2017-03-10 08:51 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-10 12:27 - 2017-03-10 08:51 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-10 12:27 - 2017-03-09 09:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-06 09:13 - 2017-05-07 07:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-13 17:57 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\inf
2017-05-13 17:54 - 2016-11-18 10:37 - 00000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2017-05-13 17:43 - 2014-07-01 20:56 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-13 09:18 - 2009-07-13 21:34 - 00025088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-13 09:18 - 2009-07-13 21:34 - 00025088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-13 09:15 - 2013-02-09 14:38 - 00785794 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-13 09:10 - 2009-07-13 21:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-11 11:58 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\rescache
2017-05-11 07:46 - 2013-02-09 16:44 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-05-11 07:46 - 2013-02-09 16:44 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-05-11 07:46 - 2013-02-09 16:44 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-11 07:35 - 2009-07-13 21:33 - 00460072 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 07:34 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-10 20:59 - 2013-07-23 17:40 - 00000000 ____D C:\Windows\system32\MRT
2017-05-10 20:57 - 2013-02-08 23:40 - 153591048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-09 06:54 - 2013-03-30 22:42 - 00000082 _____ C:\Windows\MPLAYER.INI
2017-05-09 06:54 - 2009-07-13 19:04 - 00000418 _____ C:\Windows\win.ini
2017-05-08 07:24 - 2013-02-09 16:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-05 08:28 - 2013-03-30 22:12 - 00000000 ____D C:\Users\John\AppData\LocalLow\LastPass
2017-05-04 08:46 - 2015-06-10 14:11 - 00000000 ____D C:\Program Files\Legacy8
2017-04-22 17:58 - 2015-07-27 07:50 - 00217760 ____H C:\Windows\system32\mlfcache.dat
==================== Files in the root of some directories =======
2013-05-06 09:28 - 2013-05-06 09:28 - 0003584 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-07 02:34 - 2014-07-07 02:34 - 0216406 _____ () C:\ProgramData\1404725599.bdinstall.bin
Some files in TEMP:
2013-02-14 18:01 - 2011-11-23 01:02 - 0489800 ____N (Actual Tools) C:\Users\John\AppData\Local\Temp\ammemb.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-13 13:36
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-05-2017
Ran by John (13-05-2017 18:01:23)
Running from C:\Users\John\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2013-02-09 21:36:13)
Boot Mode: Normal
==================== Accounts: =============================
Administrator (S-1-5-21-2041274925-3586460229-1953501391-500 - Administrator - Disabled)
Guest (S-1-5-21-2041274925-3586460229-1953501391-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2041274925-3586460229-1953501391-1004 - Limited - Enabled)
John (S-1-5-21-2041274925-3586460229-1953501391-1001 - Administrator - Enabled) => C:\Users\John
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Actual Multiple Monitors 3.4.2 (HKLM\...\Actual Multiple Monitors_is1) (Version: 3.4.2 - Actual Tools)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: - Apple Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Auslogics BoostSpeed 5.1 (HKLM\...\Auslogics BoostSpeed_is1) (Version: 5.1 - )
Bejeweled® 3 (HKLM\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: - Electronic Arts, Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: - Bitdefender)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: - Apple Inc.)
calibre (HKLM\...\{FEFD4E74-85EE-4BA6-AD02-E0F99BC3F51E}) (Version: 1.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CursorFX (HKLM\...\CursorFX) (Version: - Stardock Corporation)
CursorFX (Version: 2.00 - Stardock Corporation) Hidden
dBpoweramp [Calculate Audio CRC] Codec (HKLM\...\dBpoweramp [Calculate Audio CRC] Codec) (Version: - )
dBpoweramp Dalet Codec (HKLM\...\dBpoweramp Dalet Codec) (Version: - )
dBpoweramp FLAC Codec (HKLM\...\dBpoweramp FLAC Codec) (Version: - )
dBpoweramp m4a Codec (HKLM\...\dBpoweramp m4a Codec) (Version: Release 14 r2 - Illustrate)
dBpoweramp Monkeys Audio Codec (HKLM\...\dBpoweramp Monkeys Audio Codec) (Version: - )
dBpoweramp Mp2 and BwfMp2 codec (HKLM\...\dBpoweramp Mp2 and BwfMp2 codec) (Version: - )
dBpoweramp mp3 (Fraunhofer IIS) Codec (HKLM\...\dBpoweramp mp3 (Fraunhofer IIS) Codec) (Version: Release 2 (v4.0.3) - Illustrate)
dBpoweramp Music Converter (HKLM\...\dBpoweramp Music Converter) (Version: Release 13.1 - Illustrate)
dBpoweramp Ogg Vorbis Codec (HKLM\...\dBpoweramp Ogg Vorbis Codec) (Version: - )
dBpoweramp Real Audio (Helix) Encoder (HKLM\...\dBpoweramp Real Audio (Helix) Encoder) (Version: - )
dBPoweramp tooLame MP2 codec (HKLM\...\dBPoweramp tooLame MP2 codec) (Version: - )
dBpoweramp Wave64 Codec (HKLM\...\dBpoweramp Wave64 Codec) (Version: - )
dBpoweramp WavPack Codec (HKLM\...\dBpoweramp WavPack Codec) (Version: - )
dBpoweramp Windows Media Audio 10 Codec (HKLM\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 7 - Illustrate)
eReg (Version: - Logitech, Inc.) Hidden
Family Tree Maker 2006 (HKLM\...\{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}) (Version: - )
GetDiz (HKLM\...\GetDiz) (Version: 4.8 - Outertech)
ImgBurn (HKLM\...\ImgBurn) (Version: - LIGHTNING UK!)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: - Apple Inc.)
Kyodai Mahjongg 2006 v1.42 (HKLM\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Legacy 8.0 (HKLM\...\Legacy 8.0) (Version: 8.0 - Millennia Corporation)
LibreOffice (HKLM\...\{8FA59B7B-1D26-408F-A798-BD11A65A68B9}) (Version: - The Document Foundation)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B0-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 53.0.2 (x86 en-US)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: - Mozilla)
MSI Afterburner 2.3.1 (HKLM\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
Origin (HKLM\...\Origin) (Version: - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: - Tracker Software Products Ltd)
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SSD Tweaker version 2.1.5 (HKLM\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 2.1.5 -
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - KMP Media co., Ltd)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2041274925-3586460229-1953501391-1001_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1A8E0A25-A517-4E06-B83C-1B1EEE5A9638} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {41E39473-0326-4C21-AFC1-E95575678612} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {5EB1F216-BB07-4A30-977A-514AFDF8545D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {613CFAF4-50B7-49B4-97D6-77597EDD20FD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {75938DB0-87CE-4497-8C37-F82E4E3B51FF} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {C05A945A-8FAF-412B-8EEC-358B3E2CA7CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\[TOOLS]\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {C9340A4A-1E20-437F-ADC2-5512F79C0B0A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {DC95B71F-5815-4D97-B9BA-DE4D89671B32} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\[TOOLS]\dBpoweramp Music Converter\Register dBpoweramp.lnk -> hxxp://
==================== Loaded Modules (Whitelisted) ==============
2016-03-08 08:12 - 2016-03-08 08:12 - 00522136 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-03-08 08:13 - 2016-03-08 08:13 - 00105448 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2017-03-16 16:09 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:09 - 2015-12-17 19:39 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-09 19:24 - 2011-05-28 23:04 - 00140288 _____ () C:\Program Files\[TOOLS]\WinRAR\rarext.dll
2013-02-10 01:08 - 2011-10-26 18:41 - 00305664 _____ () C:\Program Files\[TOOLS]\TeraCopy\TeraCopyExt.dll
2010-03-23 07:17 - 2010-03-23 07:17 - 00059904 _____ () C:\Program Files\[TOOLS]\CursorFX\zlib1.dll
2017-03-16 16:08 - 2015-12-17 19:38 - 00237328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [149]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2041274925-3586460229-1953501391-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -update plugin
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2C941BDD-BA24-49A1-ABC5-FC86F7D381A4}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7FD81241-2921-4AF9-8FE5-153143B50BF2}] => (Allow) C:\Program Files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{48BC7DFC-8645-4B2B-9826-5AA03DB46589}] => (Allow) C:\Program Files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{714824D7-FC50-4335-9965-DB98753CB18F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{613B8CF6-55F6-4EC6-91B5-6D02CA7A0254}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C43CA49F-D004-49FA-B245-FEA4246A83DC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{529A3780-3538-45A9-B6A4-2C2C3742D739}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{16905CCB-CC5F-453E-ADE1-78D7FA0A4090}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{175C0E31-9455-4B88-BD54-3E1EC8259F61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DD0039B6-C62E-497B-9916-FDBC82C7902B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{4D24FEC7-2F14-4505-8870-44E50A28BA0A}C:\windows\\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{9047385B-E6EE-494E-B6E0-2D9A683F6852}C:\windows\\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\\framework\v2.0.50727\vbc.exe
==================== Restore Points =========================
12-05-2017 07:00:05 Windows Backup
==================== Faulty Device Manager Devices =============
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows is removing this device. (Code 21)
Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view.
If that does not resolve the problem, restart your computer.
==================== Event log errors: =========================
Application errors:
Error: (05/13/2017 06:56:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/12/2017 07:12:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/11/2017 07:39:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/10/2017 07:26:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/09/2017 06:41:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/08/2017 07:30:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/07/2017 07:26:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/06/2017 07:11:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/05/2017 08:25:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (05/04/2017 06:54:40 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\common files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
Error: (04/24/2017 02:36:12 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (04/20/2017 11:36:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gzserv service.
Error: (04/12/2017 11:14:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc driver update for AMD SMBus.
Error: (04/12/2017 01:02:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc driver update for AMD SMBus.
Error: (04/12/2017 12:33:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc driver update for AMD SMBus.
Error: (04/12/2017 11:59:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Acer - Display - Acer X223W (Digital).
Error: (04/12/2017 11:58:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc driver update for AMD SMBus.
Error: (04/12/2017 11:56:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc driver update for AMD SMBus.
Error: (04/12/2017 11:56:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc driver update for AMD SMBus.
Error: (04/12/2017 11:55:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc driver update for AMD SMBus.
==================== Memory info ===========================
Processor: AMD Phenom II X4 B45 Processor
Percentage of memory in use: 42%
Total physical RAM: 3327.18 MB
Available physical RAM: 1909.4 MB
Total Virtual: 6652.68 MB
Available Virtual: 4388.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:59.53 GB) (Free:32.31 GB) NTFS
Drive z: (Storage) (Fixed) (Total:298.09 GB) (Free:67.7 GB) NTFS
==================== MBR & Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 45C88311)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59.5 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: FDF28ACA)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================