Jump to content

Martin7365

Members
  • Posts

    19
  • Joined

  • Last visited

Reputation

0 Neutral
  1. HI Guys Thanks for all your help and suggestions regarding my PC issue, I really appreciate it. I will try the SevenForum as suggested by daledoc1, and now close this topic. Thanks again AdvancedSetup, David and daledoc1 Martin.
  2. Hi David I followed your instructions, and amended the Target line to include the /update-no command, but still being directed to install updates. Regards Martin.
  3. Hi David, I Looked at the article you directed me to, but I wasn't too sure how to proceed. If you can give me step by step directions, that would be great. Regards Martin
  4. Hi I disabled my Anti-virus but I am still getting the same error 9C57. I tried IE 10 and IE 11 in my Downloads Folder and also from Windows Updates.
  5. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01 Ran by Martin (administrator) on FAMILY-PC on 23-09-2014 11:01:28 Running from C:\Users\Martin\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Symantec Corporation) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\.DEFAULT\...\Policies\system: [LogonHoursAction] 2 HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\MountPoints2: D - D:\Launch.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB9AE14C9AFC7CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {FE8A66E2-CFDD-44C0-A697-FB531AA5D172} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB81004D20140420&p={SearchTerms} SearchScopes: HKCU - {FE8A66E2-CFDD-44C0-A697-FB531AA5D172} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB81004D20140420&p={SearchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Martin\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-06-05] FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2014-09-23] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-04-20] FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-06-05] Chrome: ======= CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19] CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19] CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-20] CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-19] CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-19] CHR Extension: (Google Sheets) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19] CHR Extension: (SiteAdvisor) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-09-20] CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19] CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-19] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-20] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] CHR HKLM-x32\...\Chrome\Extension: [oedoknoijoakeplhlghdcggkclkbmaje] - C:\Users\Callum\AppData\Local\PriceMeter Express\PriceMeterExpress.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BFBackupUtilityService; C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe [320888 2010-04-28] (BUFFALO INC.) R2 BFBackupUtilityVSSService; C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe [359288 2010-04-28] (BUFFALO INC.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation) R2 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation) S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) S4 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed] S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation) S3 WMZuneComm; C:\zune\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation) S3 ZuneNetworkSvc; C:\zune\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation) S3 ZuneWlanCfgSvc; C:\zune\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation) R3 WinHttpAutoProxySvc; winhttp.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 bftpdskc64; C:\Windows\System32\drivers\bftpdskc64.sys [67712 2010-01-12] (BUFFALO INC.) R3 bftpusbx64; C:\Windows\System32\drivers\bftpusbx64.sys [20608 2010-01-18] (BUFFALO INC.) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-09-13] () S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-23] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) S3 SaiH8000; C:\Windows\System32\DRIVERS\SaiH8000.sys [178560 2008-04-04] (Saitek) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed] S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X] S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X] S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X] S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [X] S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X] S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-23 11:01 - 2014-09-23 11:01 - 00019247 _____ () C:\Users\Martin\Desktop\FRST.txt 2014-09-23 10:57 - 2014-09-23 10:57 - 02105856 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe 2014-09-23 10:52 - 2014-09-23 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-09-23 10:26 - 2014-09-23 10:26 - 00448512 _____ (OldTimer Tools) C:\Users\Martin\Desktop\TFC.exe 2014-09-23 10:10 - 2014-09-23 10:56 - 00001207 _____ () C:\Users\Martin\Desktop\JavaRa.log 2014-09-23 10:04 - 2014-09-23 10:08 - 00000000 ____D () C:\Users\Martin\Desktop\JavaRemove 2014-09-23 09:58 - 2012-05-04 19:29 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2014-09-23 09:58 - 2012-05-04 19:29 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2014-09-23 09:18 - 2014-09-23 09:32 - 00000000 ____D () C:\Users\Martin\Documents\LocaleMetaData 2014-09-23 09:18 - 2014-09-23 09:18 - 21041152 _____ () C:\Users\Martin\Desktop\ChkdskLog.evtx 2014-09-22 11:23 - 2014-09-22 11:23 - 00003536 ____N () C:\bootsqm.dat 2014-09-22 08:55 - 2014-09-22 08:55 - 00000000 ____D () C:\Users\Martin\Desktop\WindowsSearchResultReport_files 2014-09-22 08:51 - 2014-09-22 08:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.Search.RNP.1334803051337718.1.1.Run.exe 2014-09-21 16:27 - 2014-09-21 17:01 - 00005661 _____ () C:\Users\Callum\Documents\Littleman.odt 2014-09-21 12:45 - 2014-09-21 12:46 - 00000134 _____ () C:\Users\Martin\Desktop\Internet Explorer Troubleshooting.url 2014-09-21 10:44 - 2014-09-21 10:44 - 00235933 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2786081-x64 (1).msu 2014-09-20 21:32 - 2014-09-23 10:46 - 00000000 ___RD () C:\Users\Martin\iCloudDrive 2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 ____D () C:\Users\Martin\AppData\Local\Apple Inc 2014-09-20 21:09 - 2014-09-20 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-09-20 21:08 - 2014-09-20 21:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iTunes 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iPod 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-09-20 20:23 - 2014-09-20 20:23 - 01373475 _____ () C:\Users\Martin\Downloads\adwcleaner_3.310.exe 2014-09-20 17:08 - 2014-09-20 17:08 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe 2014-09-20 17:02 - 2014-09-20 17:02 - 00002963 _____ () C:\Users\Martin\Desktop\HiJackThis.lnk 2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\Desktop\Hijackthis 2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis 2014-09-20 16:47 - 2014-09-20 16:47 - 00000000 ____D () C:\Users\Martin\Downloads\Autoruns 2014-09-20 16:46 - 2014-09-23 09:47 - 01868287 _____ () C:\Users\Martin\Downloads\Autoruns.zip 2014-09-20 16:14 - 2014-09-20 16:14 - 00013638 _____ () C:\Users\Callum\Desktop\hijackthis.log 2014-09-20 16:12 - 2014-09-20 16:13 - 00013638 _____ () C:\Users\Callum\Downloads\hijackthis.log 2014-09-20 16:11 - 2014-09-20 16:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Callum\Downloads\HijackThis.exe 2014-09-20 14:17 - 2014-09-20 14:17 - 07814408 _____ () C:\Users\Martin\Downloads\saSetup4.exe 2014-09-20 13:11 - 2014-09-20 13:11 - 44335120 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\IE10-Windows6.1-x64-en-us.exe 2014-09-20 12:30 - 2014-09-20 12:30 - 00274672 _____ () C:\Windows\Minidump\092014-20014-01.dmp 2014-09-20 11:50 - 2014-09-20 11:50 - 00002259 _____ () C:\Users\Conor\Desktop\Google Chrome.lnk 2014-09-20 11:50 - 2014-09-20 11:50 - 00000004 _____ () C:\Users\Conor\AppData\Roaming\appdataFr2.bin 2014-09-20 11:19 - 2014-09-20 11:19 - 00000004 _____ () C:\Users\Callum\AppData\Roaming\appdataFr2.bin 2014-09-19 21:07 - 2014-09-19 21:07 - 12789816 _____ () C:\Users\Conor\Downloads\Warriors-MP3.zip 2014-09-19 11:41 - 2014-09-19 11:41 - 00002259 _____ () C:\Users\Martin\Desktop\Google Chrome.lnk 2014-09-19 09:38 - 2014-09-19 09:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Desktop\MicrosoftFixit.IEPerformance.FISC.24833454657388370.1.1.Run.exe 2014-09-19 09:34 - 2014-09-19 09:34 - 00985600 _____ () C:\Users\Martin\Desktop\MicrosoftFixit50123.msi 2014-09-18 17:40 - 2014-09-18 17:40 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FAMILY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-09-18 17:39 - 2014-09-18 17:39 - 00000000 ____D () C:\RegBackup 2014-09-15 19:26 - 2014-09-15 19:26 - 00002334 _____ () C:\Users\Callum\Downloads\WCS (1).RDP 2014-09-15 19:25 - 2014-09-15 19:25 - 00002334 _____ () C:\Users\Callum\Downloads\WCS.RDP 2014-09-14 20:12 - 2014-09-14 20:13 - 00004871 _____ () C:\Users\Callum\Documents\What it was like to live in Mississippi in the 1930.odt 2014-09-14 16:45 - 2014-09-14 16:45 - 00023070 _____ () C:\Users\Callum\Documents\Profile of Emmeline Pankhurst and Millicent Fawcett.odt 2014-09-14 15:27 - 2014-09-14 15:27 - 00002163 _____ () C:\Users\Martin\Desktop\Tweaking.com - Windows Repair (All in One).lnk 2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2014-09-14 15:25 - 2014-09-14 15:25 - 09526552 _____ () C:\Users\Martin\Desktop\tweaking.com_windows_repair_aio_setup.exe 2014-09-14 14:28 - 2014-09-14 14:28 - 00000000 ____D () C:\Windows\CheckSur 2014-09-14 14:25 - 2014-09-14 14:28 - 551293744 _____ () C:\Users\Martin\Desktop\Windows6.1-KB947821-v33-x64.msuSurtool.msu 2014-09-14 13:04 - 2014-09-14 13:04 - 00005461 _____ () C:\AdwCleaner[s1].txt 2014-09-14 12:58 - 2014-09-14 12:58 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310 (1).exe 2014-09-14 12:57 - 2014-09-14 12:58 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310.exe 2014-09-14 12:48 - 2014-09-14 12:48 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67 (1).exe 2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Windows\Sun 2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Oracle 2014-09-14 12:34 - 2014-09-14 12:34 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67.exe 2014-09-13 14:07 - 2014-09-13 10:20 - 03326176 _____ (Microsoft Corporation) C:\Users\Martin\Documents\OutlookConnector.exe 2014-09-13 10:22 - 2014-09-13 10:22 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-09-12 19:03 - 2014-09-17 18:52 - 00000000 ____D () C:\Users\Conor\Documents\Visual Studio 2010 2014-09-12 09:15 - 2014-09-13 13:52 - 00001343 _____ () C:\Users\Martin\Desktop\BT Cloud.lnk 2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Cloud 2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\F-Secure 2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\ProgramData\F-Secure 2014-09-12 09:15 - 2013-08-23 07:44 - 00000000 ____D () C:\Users\Martin\BT Cloud Sync 2014-09-12 09:14 - 2014-09-12 09:14 - 29128240 _____ (F-Secure Corporation) C:\Users\Martin\Desktop\BTCloudWindows.exe 2014-09-12 09:14 - 2014-09-12 09:14 - 00000000 ____D () C:\Users\Martin\AppData\Local\F-Secure 2014-09-11 22:32 - 2014-09-11 22:32 - 00000000 ____D () C:\Users\Conor\Documents\7 Days To Die 2014-09-10 19:43 - 2014-09-10 19:43 - 00000000 ____D () C:\Users\Conor\AppData\Roaming\HpUpdate 2014-09-10 18:44 - 2014-09-10 18:44 - 00039222 _____ () C:\Users\Conor\Downloads\720720 UseDiagram.asta 2014-09-10 18:31 - 2014-09-10 18:31 - 00318890 _____ () C:\Users\Callum\Documents\Frecnh.odt 2014-09-06 12:53 - 2014-09-19 20:52 - 00000000 ____D () C:\Users\Conor\Documents\A2 College HW 2014-09-03 21:32 - 2014-09-03 21:32 - 00245624 _____ (Software Installer ) C:\Users\Martin\Downloads\Setup.exe 2014-09-03 20:22 - 2014-09-03 20:22 - 00415707 _____ () C:\Users\Martin\Downloads\Fix IE.zip 2014-09-03 20:20 - 2014-09-03 20:21 - 00014012 _____ () C:\Users\Martin\Downloads\iefix.zip 2014-09-03 20:04 - 2014-09-03 20:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.wu.LB.132333201779340213.1.1.Run.exe 2014-09-03 19:50 - 2011-09-22 21:07 - 00105832 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL 2014-09-03 19:50 - 2011-09-22 21:06 - 00109416 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll 2014-09-03 19:50 - 2011-09-22 17:18 - 00073064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll 2014-09-03 19:49 - 2014-09-03 19:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0 2014-09-03 19:40 - 2014-09-03 19:40 - 00985600 _____ () C:\Users\Martin\Downloads\MicrosoftFixit50123 (2).msi 2014-09-03 19:36 - 2014-09-03 19:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.19933319997370014.4.1.Run.exe 2014-09-03 19:14 - 2014-09-03 19:14 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\Program Files\CPUID 2014-09-03 19:13 - 2014-09-03 19:13 - 01500512 _____ ( ) C:\Users\Martin\Downloads\cpu-z_1.70-setup-en.exe 2014-08-27 07:28 - 2014-08-27 07:28 - 02041176 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2888049-x64.msu 2014-08-27 07:28 - 2014-08-27 07:28 - 01003796 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2834140-v2-x64.msu 2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Windows\ERUNT 2014-08-26 21:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-08-26 21:51 - 2014-09-20 20:37 - 00000000 ____D () C:\AdwCleaner 2014-08-26 19:52 - 2014-09-20 20:20 - 00000000 ____D () C:\Users\Martin\Documents\pc1 2014-08-26 19:47 - 2014-08-26 19:47 - 00110240 _____ () C:\Users\Martin\pc1.txt 2014-08-26 19:44 - 2014-08-26 19:47 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Notepad++ 2014-08-26 19:14 - 2014-09-23 11:01 - 00000000 ____D () C:\FRST 2014-08-26 12:42 - 2014-08-26 12:42 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam_premium.exe 2014-08-26 11:41 - 2014-09-23 10:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-26 11:41 - 2014-08-26 12:43 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-26 11:41 - 2014-08-26 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-08-26 11:41 - 2014-08-26 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-26 11:41 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-26 11:41 - 2014-05-12 08:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-26 11:41 - 2014-05-12 08:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-26 11:41 - 2014-05-12 08:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-26 11:22 - 2014-08-26 11:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-26 11:07 - 2014-08-26 11:07 - 00003110 _____ () C:\Windows\System32\Tasks\{48F43E3A-9C7A-4535-87A1-033D6EE7FF1F} 2014-08-26 11:06 - 2014-08-26 11:06 - 00003092 _____ () C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889} 2014-08-26 11:05 - 2014-08-26 11:06 - 00000000 ____D () C:\Users\Martin\.nbi 2014-08-26 10:44 - 2014-09-19 10:04 - 00000004 _____ () C:\Users\Martin\AppData\Roaming\appdataFr2.bin 2014-08-26 10:16 - 2014-08-26 10:16 - 00000000 ____D () C:\OneDriveTemp 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ___RD () C:\Users\Martin\Documents\HP Photo Creations 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Visan 2014-08-25 16:38 - 2014-08-25 16:38 - 02959504 _____ (Hewlett-Packard ) C:\Users\Martin\Downloads\hpusetup.exe 2014-08-25 16:38 - 2014-08-25 16:38 - 00000000 ____D () C:\Windows\Hewlett-Packard 2014-08-25 15:48 - 2014-08-25 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8} 2014-08-25 15:46 - 2014-08-25 15:46 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory 2014-08-25 09:47 - 2014-08-25 09:47 - 00000000 ____D () C:\ProgramData\ffd8e8a8a13f665b 2014-08-24 16:14 - 2014-09-23 10:26 - 00000340 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job 2014-08-24 16:14 - 2014-08-24 16:14 - 00003350 _____ () C:\Windows\System32\Tasks\HP Photo Creations Communicator 2014-08-24 16:13 - 2014-08-24 16:13 - 43243608 _____ (HP) C:\Users\Martin\Downloads\hpphotocreations.exe 2014-08-24 15:48 - 2014-09-03 18:53 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\HpUpdate 2014-08-24 15:48 - 2014-08-25 16:39 - 00000000 ____D () C:\ProgramData\HP Photo Creations 2014-08-24 15:48 - 2014-08-25 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-08-24 15:48 - 2014-08-24 16:14 - 00002172 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk 2014-08-24 15:48 - 2014-08-24 16:14 - 00000000 ____D () C:\ProgramData\Visan 2014-08-24 15:48 - 2014-08-24 15:48 - 00002248 _____ () C:\Users\Public\Desktop\HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00001180 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations 2014-08-24 15:48 - 2012-10-17 04:31 - 00741480 _____ (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMAF11.dll 2014-08-24 15:47 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-24 15:47 - 2014-08-24 15:47 - 00000057 _____ () C:\ProgramData\Ament.ini 2014-08-24 15:47 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files\HP 2014-08-24 15:45 - 2014-08-24 15:45 - 72558696 _____ () C:\Users\Martin\Downloads\PS6520_1315-1.exe 2014-08-24 15:42 - 2014-08-24 16:16 - 00000000 ____D () C:\Users\Martin\AppData\Local\HP 2014-08-24 15:40 - 2014-08-24 15:47 - 00000000 ____D () C:\ProgramData\HP ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-23 11:01 - 2014-09-23 11:01 - 00019247 _____ () C:\Users\Martin\Desktop\FRST.txt 2014-09-23 11:01 - 2014-08-26 19:14 - 00000000 ____D () C:\FRST 2014-09-23 10:57 - 2014-09-23 10:57 - 02105856 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe 2014-09-23 10:56 - 2014-09-23 10:10 - 00001207 _____ () C:\Users\Martin\Desktop\JavaRa.log 2014-09-23 10:52 - 2014-09-23 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-09-23 10:52 - 2014-04-20 15:58 - 00001844 _____ () C:\Users\Public\Desktop\BT NetProtect Plus.lnk 2014-09-23 10:52 - 2009-07-14 05:45 - 00022064 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-23 10:52 - 2009-07-14 05:45 - 00022064 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-23 10:50 - 2011-04-19 22:16 - 01139891 _____ () C:\Windows\WindowsUpdate.log 2014-09-23 10:50 - 2009-07-14 06:13 - 00880170 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-23 10:47 - 2014-08-26 11:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-23 10:46 - 2014-09-20 21:32 - 00000000 ___RD () C:\Users\Martin\iCloudDrive 2014-09-23 10:46 - 2011-05-23 19:38 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-23 10:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-23 10:46 - 2009-07-14 05:51 - 00187235 _____ () C:\Windows\setupact.log 2014-09-23 10:45 - 2010-11-21 04:47 - 02885266 _____ () C:\Windows\PFRO.log 2014-09-23 10:44 - 2014-03-31 17:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-23 10:26 - 2014-09-23 10:26 - 00448512 _____ (OldTimer Tools) C:\Users\Martin\Desktop\TFC.exe 2014-09-23 10:26 - 2014-08-24 16:14 - 00000340 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job 2014-09-23 10:19 - 2011-05-23 19:38 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-23 10:08 - 2014-09-23 10:04 - 00000000 ____D () C:\Users\Martin\Desktop\JavaRemove 2014-09-23 10:02 - 2014-07-23 10:26 - 00000000 ____D () C:\Users\Martin\Documents\Visual Studio 2010 2014-09-23 09:47 - 2014-09-20 16:46 - 01868287 _____ () C:\Users\Martin\Downloads\Autoruns.zip 2014-09-23 09:39 - 2014-05-28 10:07 - 00000000 ____D () C:\Users\Martin\Documents\Outlook Files 2014-09-23 09:38 - 2014-05-28 10:07 - 00000000 ____D () C:\Users\Martin\AppData\Local\E0E18595-2AAF-491D-BA98-806CD1D4784E.aplzod 2014-09-23 09:32 - 2014-09-23 09:18 - 00000000 ____D () C:\Users\Martin\Documents\LocaleMetaData 2014-09-23 09:18 - 2014-09-23 09:18 - 21041152 _____ () C:\Users\Martin\Desktop\ChkdskLog.evtx 2014-09-22 23:14 - 2011-12-04 13:02 - 00000000 ____D () C:\Users\Conor\AppData\Roaming\Skype 2014-09-22 22:15 - 2013-09-20 22:02 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-22 11:23 - 2014-09-22 11:23 - 00003536 ____N () C:\bootsqm.dat 2014-09-22 08:55 - 2014-09-22 08:55 - 00000000 ____D () C:\Users\Martin\Desktop\WindowsSearchResultReport_files 2014-09-22 08:51 - 2014-09-22 08:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.Search.RNP.1334803051337718.1.1.Run.exe 2014-09-21 17:01 - 2014-09-21 16:27 - 00005661 _____ () C:\Users\Callum\Documents\Littleman.odt 2014-09-21 12:46 - 2014-09-21 12:45 - 00000134 _____ () C:\Users\Martin\Desktop\Internet Explorer Troubleshooting.url 2014-09-21 12:46 - 2013-05-27 21:06 - 00573299 _____ () C:\Windows\IE10_main.log 2014-09-21 10:44 - 2014-09-21 10:44 - 00235933 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2786081-x64 (1).msu 2014-09-20 22:04 - 2013-11-23 13:27 - 00555619 _____ () C:\Windows\IE11_main.log 2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 ____D () C:\Users\Martin\AppData\Local\Apple Inc 2014-09-20 21:32 - 2011-04-19 22:16 - 00000000 ____D () C:\Users\Martin 2014-09-20 21:13 - 2011-05-09 20:46 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Apple Computer 2014-09-20 21:09 - 2014-09-20 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-09-20 21:08 - 2014-09-20 21:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iTunes 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iPod 2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-09-20 20:37 - 2014-08-26 21:51 - 00000000 ____D () C:\AdwCleaner 2014-09-20 20:23 - 2014-09-20 20:23 - 01373475 _____ () C:\Users\Martin\Downloads\adwcleaner_3.310.exe 2014-09-20 20:20 - 2014-08-26 19:52 - 00000000 ____D () C:\Users\Martin\Documents\pc1 2014-09-20 17:18 - 2013-03-31 14:42 - 00000000 ___RD () C:\Users\Martin\SkyDrive 2014-09-20 17:08 - 2014-09-20 17:08 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe 2014-09-20 17:02 - 2014-09-20 17:02 - 00002963 _____ () C:\Users\Martin\Desktop\HiJackThis.lnk 2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\Desktop\Hijackthis 2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis 2014-09-20 16:47 - 2014-09-20 16:47 - 00000000 ____D () C:\Users\Martin\Downloads\Autoruns 2014-09-20 16:14 - 2014-09-20 16:14 - 00013638 _____ () C:\Users\Callum\Desktop\hijackthis.log 2014-09-20 16:13 - 2014-09-20 16:12 - 00013638 _____ () C:\Users\Callum\Downloads\hijackthis.log 2014-09-20 16:11 - 2014-09-20 16:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Callum\Downloads\HijackThis.exe 2014-09-20 14:19 - 2014-04-20 15:55 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-09-20 14:17 - 2014-09-20 14:17 - 07814408 _____ () C:\Users\Martin\Downloads\saSetup4.exe 2014-09-20 13:11 - 2014-09-20 13:11 - 44335120 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\IE10-Windows6.1-x64-en-us.exe 2014-09-20 12:33 - 2014-06-30 11:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-20 12:30 - 2014-09-20 12:30 - 00274672 _____ () C:\Windows\Minidump\092014-20014-01.dmp 2014-09-20 12:30 - 2011-04-20 15:32 - 664473650 _____ () C:\Windows\MEMORY.DMP 2014-09-20 12:30 - 2011-04-20 15:32 - 00000000 ____D () C:\Windows\Minidump 2014-09-20 12:05 - 2014-04-20 15:35 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2014-09-20 11:50 - 2014-09-20 11:50 - 00002259 _____ () C:\Users\Conor\Desktop\Google Chrome.lnk 2014-09-20 11:50 - 2014-09-20 11:50 - 00000004 _____ () C:\Users\Conor\AppData\Roaming\appdataFr2.bin 2014-09-20 11:29 - 2012-11-28 19:19 - 00002259 _____ () C:\Users\Callum\Desktop\Google Chrome.lnk 2014-09-20 11:28 - 2011-04-22 07:23 - 00108816 _____ () C:\Users\Callum\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-20 11:27 - 2011-04-23 14:25 - 00000282 __RSH () C:\Users\Callum\ntuser.pol 2014-09-20 11:27 - 2011-04-22 07:23 - 00000000 ____D () C:\Users\Callum 2014-09-20 11:19 - 2014-09-20 11:19 - 00000004 _____ () C:\Users\Callum\AppData\Roaming\appdataFr2.bin 2014-09-20 11:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-09-19 21:07 - 2014-09-19 21:07 - 12789816 _____ () C:\Users\Conor\Downloads\Warriors-MP3.zip 2014-09-19 20:52 - 2014-09-06 12:53 - 00000000 ____D () C:\Users\Conor\Documents\A2 College HW 2014-09-19 11:41 - 2014-09-19 11:41 - 00002259 _____ () C:\Users\Martin\Desktop\Google Chrome.lnk 2014-09-19 10:04 - 2014-08-26 10:44 - 00000004 _____ () C:\Users\Martin\AppData\Roaming\appdataFr2.bin 2014-09-19 09:38 - 2014-09-19 09:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Desktop\MicrosoftFixit.IEPerformance.FISC.24833454657388370.1.1.Run.exe 2014-09-19 09:34 - 2014-09-19 09:34 - 00985600 _____ () C:\Users\Martin\Desktop\MicrosoftFixit50123.msi 2014-09-18 20:51 - 2011-04-22 07:21 - 00108816 _____ () C:\Users\Conor\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-18 18:21 - 2011-04-20 01:31 - 00108816 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-18 18:20 - 2009-07-14 05:45 - 00415968 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-18 18:14 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini 2014-09-18 17:40 - 2014-09-18 17:40 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FAMILY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-09-18 17:39 - 2014-09-18 17:39 - 00000000 ____D () C:\RegBackup 2014-09-18 17:26 - 2013-05-13 20:01 - 00000000 ____D () C:\Windows\pss 2014-09-17 18:52 - 2014-09-12 19:03 - 00000000 ____D () C:\Users\Conor\Documents\Visual Studio 2010 2014-09-16 19:15 - 2011-07-23 16:12 - 00000000 ____D () C:\Users\Conor\AppData\Local\CrashDumps 2014-09-15 19:26 - 2014-09-15 19:26 - 00002334 _____ () C:\Users\Callum\Downloads\WCS (1).RDP 2014-09-15 19:25 - 2014-09-15 19:25 - 00002334 _____ () C:\Users\Callum\Downloads\WCS.RDP 2014-09-14 20:13 - 2014-09-14 20:12 - 00004871 _____ () C:\Users\Callum\Documents\What it was like to live in Mississippi in the 1930.odt 2014-09-14 16:45 - 2014-09-14 16:45 - 00023070 _____ () C:\Users\Callum\Documents\Profile of Emmeline Pankhurst and Millicent Fawcett.odt 2014-09-14 15:27 - 2014-09-14 15:27 - 00002163 _____ () C:\Users\Martin\Desktop\Tweaking.com - Windows Repair (All in One).lnk 2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2014-09-14 15:25 - 2014-09-14 15:25 - 09526552 _____ () C:\Users\Martin\Desktop\tweaking.com_windows_repair_aio_setup.exe 2014-09-14 14:28 - 2014-09-14 14:28 - 00000000 ____D () C:\Windows\CheckSur 2014-09-14 14:28 - 2014-09-14 14:25 - 551293744 _____ () C:\Users\Martin\Desktop\Windows6.1-KB947821-v33-x64.msuSurtool.msu 2014-09-14 13:05 - 2012-10-02 14:14 - 00000000 ____D () C:\ProgramData\Origin 2014-09-14 13:04 - 2014-09-14 13:04 - 00005461 _____ () C:\AdwCleaner[s1].txt 2014-09-14 13:03 - 2012-10-02 14:14 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-14 12:58 - 2014-09-14 12:58 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310 (1).exe 2014-09-14 12:58 - 2014-09-14 12:57 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310.exe 2014-09-14 12:48 - 2014-09-14 12:48 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67 (1).exe 2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Windows\Sun 2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Oracle 2014-09-14 12:37 - 2014-06-05 15:46 - 00000000 ____D () C:\ProgramData\Oracle 2014-09-14 12:34 - 2014-09-14 12:34 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67.exe 2014-09-13 16:19 - 2014-07-01 20:10 - 00153786 _____ () C:\Users\Callum\Documents\The Rock Cycle.odt 2014-09-13 13:53 - 2011-04-21 17:37 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-09-13 13:52 - 2014-09-12 09:15 - 00001343 _____ () C:\Users\Martin\Desktop\BT Cloud.lnk 2014-09-13 10:22 - 2014-09-13 10:22 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-09-13 10:20 - 2014-09-13 14:07 - 03326176 _____ (Microsoft Corporation) C:\Users\Martin\Documents\OutlookConnector.exe 2014-09-12 09:18 - 2013-10-27 15:07 - 00000000 ____D () C:\Users\Martin\Documents\TomTom 2014-09-12 09:18 - 2012-11-20 18:59 - 00000000 ____D () C:\Users\Martin\Documents\Visual Studio 2012 2014-09-12 09:18 - 2012-08-03 11:30 - 00000000 ____D () C:\Users\Martin\Documents\Electronic Arts 2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Cloud 2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\F-Secure 2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\ProgramData\F-Secure 2014-09-12 09:14 - 2014-09-12 09:14 - 29128240 _____ (F-Secure Corporation) C:\Users\Martin\Desktop\BTCloudWindows.exe 2014-09-12 09:14 - 2014-09-12 09:14 - 00000000 ____D () C:\Users\Martin\AppData\Local\F-Secure 2014-09-11 22:32 - 2014-09-11 22:32 - 00000000 ____D () C:\Users\Conor\Documents\7 Days To Die 2014-09-10 23:38 - 2012-11-20 10:22 - 00864036 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-10 23:28 - 2013-08-16 14:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-10 23:28 - 2011-04-21 21:18 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-10 19:43 - 2014-09-10 19:43 - 00000000 ____D () C:\Users\Conor\AppData\Roaming\HpUpdate 2014-09-10 18:44 - 2014-09-10 18:44 - 00039222 _____ () C:\Users\Conor\Downloads\720720 UseDiagram.asta 2014-09-10 18:31 - 2014-09-10 18:31 - 00318890 _____ () C:\Users\Callum\Documents\Frecnh.odt 2014-09-10 11:25 - 2011-04-26 10:57 - 00000008 __RSH () C:\Users\Julie\ntuser.pol 2014-09-10 11:25 - 2011-04-22 07:18 - 00000000 ____D () C:\Users\Julie 2014-09-09 21:44 - 2014-03-31 17:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-09 20:44 - 2012-04-09 11:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-09 20:44 - 2012-01-28 13:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-09 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas 2014-09-06 12:50 - 2011-04-22 12:53 - 00000008 __RSH () C:\Users\Conor\ntuser.pol 2014-09-06 12:50 - 2011-04-22 07:21 - 00000000 ____D () C:\Users\Conor 2014-09-06 12:49 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media 2014-09-05 08:55 - 2011-06-07 19:43 - 00000000 ____D () C:\Users\Martin\AppData\Local\CrashDumps 2014-09-03 21:59 - 2014-03-16 14:32 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-09-03 21:59 - 2011-04-23 03:38 - 00000008 __RSH () C:\Users\Martin\ntuser.pol 2014-09-03 21:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2014-09-03 21:50 - 2011-04-21 17:47 - 00000000 ____D () C:\Users\Martin\Downloads\Security Info 2014-09-03 21:32 - 2014-09-03 21:32 - 00245624 _____ (Software Installer ) C:\Users\Martin\Downloads\Setup.exe 2014-09-03 20:47 - 2013-06-25 23:14 - 00006656 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-03 20:22 - 2014-09-03 20:22 - 00415707 _____ () C:\Users\Martin\Downloads\Fix IE.zip 2014-09-03 20:21 - 2014-09-03 20:20 - 00014012 _____ () C:\Users\Martin\Downloads\iefix.zip 2014-09-03 20:13 - 2011-04-21 16:43 - 00659282 _____ () C:\Windows\IE9_main.log 2014-09-03 20:04 - 2014-09-03 20:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.wu.LB.132333201779340213.1.1.Run.exe 2014-09-03 19:59 - 2012-11-20 10:31 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-09-03 19:59 - 2012-11-20 10:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-09-03 19:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas 2014-09-03 19:49 - 2014-09-03 19:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0 2014-09-03 19:49 - 2014-07-23 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2014-09-03 19:40 - 2014-09-03 19:40 - 00985600 _____ () C:\Users\Martin\Downloads\MicrosoftFixit50123 (2).msi 2014-09-03 19:36 - 2014-09-03 19:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.19933319997370014.4.1.Run.exe 2014-09-03 19:20 - 2011-04-19 22:23 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information 2014-09-03 19:16 - 2011-06-25 18:03 - 00000000 ____D () C:\Users\Martin\AppData\Local\Unity 2014-09-03 19:14 - 2014-09-03 19:14 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\Program Files\CPUID 2014-09-03 19:13 - 2014-09-03 19:13 - 01500512 _____ ( ) C:\Users\Martin\Downloads\cpu-z_1.70-setup-en.exe 2014-09-03 18:53 - 2014-08-24 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\HpUpdate 2014-08-27 07:28 - 2014-08-27 07:28 - 02041176 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2888049-x64.msu 2014-08-27 07:28 - 2014-08-27 07:28 - 01003796 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2834140-v2-x64.msu 2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Windows\ERUNT 2014-08-26 22:07 - 2013-07-08 13:30 - 00000000 ____D () C:\Users\Conor\AppData\Local\CRE 2014-08-26 21:46 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-26 19:47 - 2014-08-26 19:47 - 00110240 _____ () C:\Users\Martin\pc1.txt 2014-08-26 19:47 - 2014-08-26 19:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Notepad++ 2014-08-26 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-08-26 12:43 - 2014-08-26 11:41 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-26 12:43 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-08-26 12:43 - 2014-08-26 11:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-26 12:42 - 2014-08-26 12:42 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam_premium.exe 2014-08-26 11:41 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-26 11:22 - 2014-08-26 11:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-26 11:10 - 2011-04-21 16:52 - 00000000 ____D () C:\ProgramData\Norton 2014-08-26 11:07 - 2014-08-26 11:07 - 00003110 _____ () C:\Windows\System32\Tasks\{48F43E3A-9C7A-4535-87A1-033D6EE7FF1F} 2014-08-26 11:06 - 2014-08-26 11:06 - 00003092 _____ () C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889} 2014-08-26 11:06 - 2014-08-26 11:05 - 00000000 ____D () C:\Users\Martin\.nbi 2014-08-26 10:16 - 2014-08-26 10:16 - 00000000 ____D () C:\OneDriveTemp 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ___RD () C:\Users\Martin\Documents\HP Photo Creations 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Visan 2014-08-25 16:39 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\HP Photo Creations 2014-08-25 16:38 - 2014-08-25 16:38 - 02959504 _____ (Hewlett-Packard ) C:\Users\Martin\Downloads\hpusetup.exe 2014-08-25 16:38 - 2014-08-25 16:38 - 00000000 ____D () C:\Windows\Hewlett-Packard 2014-08-25 16:38 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-08-25 15:48 - 2014-08-25 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8} 2014-08-25 15:46 - 2014-08-25 15:46 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory 2014-08-25 09:47 - 2014-08-25 09:47 - 00000000 ____D () C:\ProgramData\ffd8e8a8a13f665b 2014-08-24 16:16 - 2014-08-24 15:42 - 00000000 ____D () C:\Users\Martin\AppData\Local\HP 2014-08-24 16:14 - 2014-08-24 16:14 - 00003350 _____ () C:\Windows\System32\Tasks\HP Photo Creations Communicator 2014-08-24 16:14 - 2014-08-24 15:48 - 00002172 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk 2014-08-24 16:14 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\Visan 2014-08-24 16:13 - 2014-08-24 16:13 - 43243608 _____ (HP) C:\Users\Martin\Downloads\hpphotocreations.exe 2014-08-24 15:48 - 2014-08-24 15:48 - 00002248 _____ () C:\Users\Public\Desktop\HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00001180 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations 2014-08-24 15:48 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-24 15:47 - 2014-08-24 15:47 - 00000057 _____ () C:\ProgramData\Ament.ini 2014-08-24 15:47 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files\HP 2014-08-24 15:47 - 2014-08-24 15:40 - 00000000 ____D () C:\ProgramData\HP 2014-08-24 15:45 - 2014-08-24 15:45 - 72558696 _____ () C:\Users\Martin\Downloads\PS6520_1315-1.exe 2014-08-24 15:18 - 2014-04-20 15:49 - 00002182 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-18 19:05 ==================== End Of Log ============================ Addition.txt
  6. I hope I have done everything you needed, Good Luck. Log Name: Application Source: Microsoft-Windows-Wininit Date: 22/09/2014 11:25:42 Event ID: 1001 Task Category: None Level: Information Keywords: Classic User: N/A Computer: Family-PC Description: Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 432640 file records processed. File verification completed. 1957 large file records processed. 0 bad file records processed. 0 EA records processed. 109 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 556662 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 432640 file SDs/SIDs processed. Cleaning up 1864 unused index entries from index $SII of file 0x9. Cleaning up 1864 unused index entries from index $SDH of file 0x9. Cleaning up 1864 unused security descriptors. Security descriptor verification completed. 62012 data files processed. CHKDSK is verifying Usn Journal... 36820776 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 432624 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 198370166 free clusters processed. Free space verification is complete. CHKDSK discovered free space marked as allocated in the master file table (MFT) bitmap. Windows has made corrections to the file system. 976663551 KB total disk space. 182449468 KB in 324288 files. 165880 KB in 62013 indexes. 0 KB in bad sectors. 567539 KB in use by the system. 65536 KB occupied by the log file. 793480664 KB available on disk. 4096 bytes in each allocation unit. 244165887 total allocation units on disk. 198370166 allocation units available on disk. Internal Info: 00 9a 06 00 09 e5 05 00 30 d2 09 00 00 00 00 00 ........0....... f1 08 00 00 6d 00 00 00 00 00 00 00 00 00 00 00 ....m........... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Windows has finished checking your disk. Please wait while your computer restarts. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" /> <EventID Qualifiers="16384">1001</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-09-22T10:25:42.000000000Z" /> <EventRecordID>193678</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>Family-PC</Computer> <Security /> </System> <EventData> <Data> Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 432640 file records processed. File verification completed. 1957 large file records processed. 0 bad file records processed. 0 EA records processed. 109 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 556662 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 432640 file SDs/SIDs processed. Cleaning up 1864 unused index entries from index $SII of file 0x9. Cleaning up 1864 unused index entries from index $SDH of file 0x9. Cleaning up 1864 unused security descriptors. Security descriptor verification completed. 62012 data files processed. CHKDSK is verifying Usn Journal... 36820776 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 432624 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 198370166 free clusters processed. Free space verification is complete. CHKDSK discovered free space marked as allocated in the master file table (MFT) bitmap. Windows has made corrections to the file system. 976663551 KB total disk space. 182449468 KB in 324288 files. 165880 KB in 62013 indexes. 0 KB in bad sectors. 567539 KB in use by the system. 65536 KB occupied by the log file. 793480664 KB available on disk. 4096 bytes in each allocation unit. 244165887 total allocation units on disk. 198370166 allocation units available on disk. Internal Info: 00 9a 06 00 09 e5 05 00 30 d2 09 00 00 00 00 00 ........0....... f1 08 00 00 6d 00 00 00 00 00 00 00 00 00 00 00 ....m........... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Windows has finished checking your disk. Please wait while your computer restarts. </Data> </EventData> </Event> JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Sep 23 10:10:57 2014 Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Microsoft\Internet Explorer\Low Rights Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Found and removed: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\ATs Found and removed: SOFTWARE\JavaSoft Found and removed: SOFTWARE\JreMetrics Found and removed: SOFTWARE\MozillaPlugins ------------------------------------ Finished reporting.
  7. When I Run IE10, it automatically starts to install updates, stops, and advises you to GET UPDATE or CANCEL, there is no other option given. Regards Martin
  8. Hi David, IE 10 starts to install saying it is getting required updates, it then stops and directs me to go online to get an update. support.microsoft.com/kb/2818833 is the page where prerequisite updates are located. I try all 5 updates using x64 package and get the message every time that the update is not applicable to my computer. This is as far as I can go. Regards Martin.
  9. Windows update fails to update IE 11, always displays the error code 9C57. Can anyone help with this issue. Regards Martin Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014Ran by Martin (administrator) on FAMILY-PC on 20-09-2014 22:46:46Running from C:\Users\Martin\DesktopPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 9Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Symantec Corporation) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)HKLM\...\Policies\Explorer: [NoControlPanel] 0HKLM\...\Policies\Explorer: [NoFolderOptions] 0HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"HKU\.DEFAULT\...\Policies\system: [LogonHoursAction] 2HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 1HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\Explorer: [NoFolderOptions] 0HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\MountPoints2: D - D:\Launch.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB9AE14C9AFC7CF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GBHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blankStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - DefaultScope {FE8A66E2-CFDD-44C0-A697-FB531AA5D172} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB81004D20140420&p={SearchTerms}SearchScopes: HKCU - {FE8A66E2-CFDD-44C0-A697-FB531AA5D172} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB81004D20140420&p={SearchTerms}BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No FileDPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cabDPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No FileFilter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No FileFilter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No FileFilter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No FileFilter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No FileFilter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No FileTcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox:========FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No FileFF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Martin\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtensionFF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-06-05]FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNSTFF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2014-09-20]FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-04-20]FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtensionFF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-06-05] Chrome: =======CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-20]CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-19]CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-19]CHR Extension: (Google Sheets) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]CHR Extension: (SiteAdvisor) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-09-20]CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-19]CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-09-20]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]CHR HKLM-x32\...\Chrome\Extension: [oedoknoijoakeplhlghdcggkclkbmaje] - C:\Users\Callum\AppData\Local\PriceMeter Express\PriceMeterExpress.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BFBackupUtilityService; C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe [320888 2010-04-28] (BUFFALO INC.)R2 BFBackupUtilityVSSService; C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe [359288 2010-04-28] (BUFFALO INC.)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)R2 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)S4 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)S3 WMZuneComm; C:\zune\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)S3 ZuneNetworkSvc; C:\zune\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)S3 ZuneWlanCfgSvc; C:\zune\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)R3 WinHttpAutoProxySvc; winhttp.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 bftpdskc64; C:\Windows\System32\drivers\bftpdskc64.sys [67712 2010-01-12] (BUFFALO INC.)R3 bftpusbx64; C:\Windows\System32\drivers\bftpusbx64.sys [20608 2010-01-18] (BUFFALO INC.)R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-09-13] ()S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-20] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)S3 SaiH8000; C:\Windows\System32\DRIVERS\SaiH8000.sys [178560 2008-04-04] (Saitek)S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X]S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [X]S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-20 22:46 - 2014-09-20 22:47 - 00023501 _____ () C:\Users\Martin\Desktop\FRST.txt2014-09-20 22:46 - 2014-09-20 22:46 - 00000000 ____D () C:\Users\Martin\Desktop\FRST-OlderVersion2014-09-20 22:03 - 2014-09-20 22:03 - 00000134 _____ () C:\Users\Martin\Desktop\Internet Explorer Troubleshooting.url2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 ___RD () C:\Users\Martin\iCloudDrive2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 ____D () C:\Users\Martin\AppData\Local\Apple Inc2014-09-20 21:17 - 2014-09-20 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2014-09-20 21:09 - 2014-09-20 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud2014-09-20 21:08 - 2014-09-20 21:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iTunes2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iPod2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-09-20 20:23 - 2014-09-20 20:23 - 01373475 _____ () C:\Users\Martin\Downloads\adwcleaner_3.310.exe2014-09-20 17:08 - 2014-09-20 17:08 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe2014-09-20 17:02 - 2014-09-20 17:02 - 00002963 _____ () C:\Users\Martin\Desktop\HiJackThis.lnk2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\Desktop\Hijackthis2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis2014-09-20 16:47 - 2014-09-20 16:47 - 00000000 ____D () C:\Users\Martin\Downloads\Autoruns2014-09-20 16:46 - 2014-09-20 16:46 - 00511633 _____ () C:\Users\Martin\Downloads\Autoruns.zip2014-09-20 16:14 - 2014-09-20 16:14 - 00013638 _____ () C:\Users\Callum\Desktop\hijackthis.log2014-09-20 16:12 - 2014-09-20 16:13 - 00013638 _____ () C:\Users\Callum\Downloads\hijackthis.log2014-09-20 16:11 - 2014-09-20 16:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Callum\Downloads\HijackThis.exe2014-09-20 14:17 - 2014-09-20 14:17 - 07814408 _____ () C:\Users\Martin\Downloads\saSetup4.exe2014-09-20 13:11 - 2014-09-20 13:11 - 44335120 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\IE10-Windows6.1-x64-en-us.exe2014-09-20 12:30 - 2014-09-20 12:30 - 00274672 _____ () C:\Windows\Minidump\092014-20014-01.dmp2014-09-20 11:50 - 2014-09-20 11:50 - 00002259 _____ () C:\Users\Conor\Desktop\Google Chrome.lnk2014-09-20 11:50 - 2014-09-20 11:50 - 00000004 _____ () C:\Users\Conor\AppData\Roaming\appdataFr2.bin2014-09-20 11:19 - 2014-09-20 11:19 - 00000004 _____ () C:\Users\Callum\AppData\Roaming\appdataFr2.bin2014-09-19 21:07 - 2014-09-19 21:07 - 12789816 _____ () C:\Users\Conor\Downloads\Warriors-MP3.zip2014-09-19 11:41 - 2014-09-19 11:41 - 00002259 _____ () C:\Users\Martin\Desktop\Google Chrome.lnk2014-09-19 09:38 - 2014-09-19 09:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Desktop\MicrosoftFixit.IEPerformance.FISC.24833454657388370.1.1.Run.exe2014-09-19 09:34 - 2014-09-19 09:34 - 00985600 _____ () C:\Users\Martin\Desktop\MicrosoftFixit50123.msi2014-09-18 17:40 - 2014-09-18 17:40 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FAMILY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat2014-09-18 17:39 - 2014-09-18 17:39 - 00000000 ____D () C:\RegBackup2014-09-15 19:26 - 2014-09-15 19:26 - 00002334 _____ () C:\Users\Callum\Downloads\WCS (1).RDP2014-09-15 19:25 - 2014-09-15 19:25 - 00002334 _____ () C:\Users\Callum\Downloads\WCS.RDP2014-09-14 20:12 - 2014-09-14 20:13 - 00004871 _____ () C:\Users\Callum\Documents\What it was like to live in Mississippi in the 1930.odt2014-09-14 16:45 - 2014-09-14 16:45 - 00023070 _____ () C:\Users\Callum\Documents\Profile of Emmeline Pankhurst and Millicent Fawcett.odt2014-09-14 15:27 - 2014-09-14 15:27 - 00002163 _____ () C:\Users\Martin\Desktop\Tweaking.com - Windows Repair (All in One).lnk2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com2014-09-14 15:25 - 2014-09-14 15:25 - 09526552 _____ () C:\Users\Martin\Desktop\tweaking.com_windows_repair_aio_setup.exe2014-09-14 14:28 - 2014-09-14 14:28 - 00000000 ____D () C:\Windows\CheckSur2014-09-14 14:25 - 2014-09-14 14:28 - 551293744 _____ () C:\Users\Martin\Desktop\Windows6.1-KB947821-v33-x64.msuSurtool.msu2014-09-14 13:04 - 2014-09-14 13:04 - 00005461 _____ () C:\AdwCleaner[s1].txt2014-09-14 12:58 - 2014-09-14 12:58 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310 (1).exe2014-09-14 12:57 - 2014-09-14 12:58 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310.exe2014-09-14 12:48 - 2014-09-14 12:48 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67 (1).exe2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Windows\Sun2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Oracle2014-09-14 12:36 - 2014-09-14 12:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-09-14 12:36 - 2014-09-14 12:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-09-14 12:36 - 2014-09-14 12:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-09-14 12:36 - 2014-09-14 12:36 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-09-14 12:36 - 2014-09-14 12:36 - 00000000 ____D () C:\Program Files (x86)\Java2014-09-14 12:34 - 2014-09-14 12:34 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67.exe2014-09-13 14:07 - 2014-09-13 10:20 - 03326176 _____ (Microsoft Corporation) C:\Users\Martin\Documents\OutlookConnector.exe2014-09-13 10:22 - 2014-09-13 10:22 - 00000000 ____D () C:\Program Files (x86)\MSECache2014-09-12 19:03 - 2014-09-17 18:52 - 00000000 ____D () C:\Users\Conor\Documents\Visual Studio 20102014-09-12 09:15 - 2014-09-13 13:52 - 00001343 _____ () C:\Users\Martin\Desktop\BT Cloud.lnk2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Cloud2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\F-Secure2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\ProgramData\F-Secure2014-09-12 09:15 - 2013-08-23 07:44 - 00000000 ____D () C:\Users\Martin\BT Cloud Sync2014-09-12 09:14 - 2014-09-12 09:14 - 29128240 _____ (F-Secure Corporation) C:\Users\Martin\Desktop\BTCloudWindows.exe2014-09-12 09:14 - 2014-09-12 09:14 - 00000000 ____D () C:\Users\Martin\AppData\Local\F-Secure2014-09-11 22:32 - 2014-09-11 22:32 - 00000000 ____D () C:\Users\Conor\Documents\7 Days To Die2014-09-10 19:43 - 2014-09-10 19:43 - 00000000 ____D () C:\Users\Conor\AppData\Roaming\HpUpdate2014-09-10 18:44 - 2014-09-10 18:44 - 00039222 _____ () C:\Users\Conor\Downloads\720720 UseDiagram.asta2014-09-10 18:31 - 2014-09-10 18:31 - 00318890 _____ () C:\Users\Callum\Documents\Frecnh.odt2014-09-06 12:53 - 2014-09-19 20:52 - 00000000 ____D () C:\Users\Conor\Documents\A2 College HW2014-09-03 21:32 - 2014-09-03 21:32 - 00245624 _____ (Software Installer ) C:\Users\Martin\Downloads\Setup.exe2014-09-03 20:22 - 2014-09-03 20:22 - 00415707 _____ () C:\Users\Martin\Downloads\Fix IE.zip2014-09-03 20:20 - 2014-09-03 20:21 - 00014012 _____ () C:\Users\Martin\Downloads\iefix.zip2014-09-03 20:04 - 2014-09-03 20:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.wu.LB.132333201779340213.1.1.Run.exe2014-09-03 19:50 - 2011-09-22 21:07 - 00105832 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL2014-09-03 19:50 - 2011-09-22 21:06 - 00109416 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll2014-09-03 19:50 - 2011-09-22 17:18 - 00073064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll2014-09-03 19:49 - 2014-09-03 19:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.02014-09-03 19:40 - 2014-09-03 19:40 - 00985600 _____ () C:\Users\Martin\Downloads\MicrosoftFixit50123 (2).msi2014-09-03 19:36 - 2014-09-03 19:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.19933319997370014.4.1.Run.exe2014-09-03 19:14 - 2014-09-03 19:14 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\Program Files\CPUID2014-09-03 19:13 - 2014-09-03 19:13 - 01500512 _____ ( ) C:\Users\Martin\Downloads\cpu-z_1.70-setup-en.exe2014-08-27 07:28 - 2014-08-27 07:28 - 02041176 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2888049-x64.msu2014-08-27 07:28 - 2014-08-27 07:28 - 01003796 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2834140-v2-x64.msu2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Windows\ERUNT2014-08-26 21:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-08-26 21:51 - 2014-09-20 20:37 - 00000000 ____D () C:\AdwCleaner2014-08-26 19:52 - 2014-09-20 20:20 - 00000000 ____D () C:\Users\Martin\Documents\pc12014-08-26 19:47 - 2014-08-26 19:47 - 00110240 _____ () C:\Users\Martin\pc1.txt2014-08-26 19:44 - 2014-08-26 19:47 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Notepad++2014-08-26 19:14 - 2014-09-20 22:46 - 00000000 ____D () C:\FRST2014-08-26 19:12 - 2014-09-20 22:46 - 02105856 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe2014-08-26 12:42 - 2014-08-26 12:42 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam_premium.exe2014-08-26 11:41 - 2014-09-20 22:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-08-26 11:41 - 2014-08-26 12:43 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-08-26 11:41 - 2014-08-26 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-08-26 11:41 - 2014-08-26 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-08-26 11:41 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-08-26 11:41 - 2014-05-12 08:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-08-26 11:41 - 2014-05-12 08:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-08-26 11:41 - 2014-05-12 08:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-08-26 11:22 - 2014-08-26 11:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam-setup-2.0.2.1012.exe2014-08-26 11:07 - 2014-08-26 11:07 - 00003110 _____ () C:\Windows\System32\Tasks\{48F43E3A-9C7A-4535-87A1-033D6EE7FF1F}2014-08-26 11:06 - 2014-08-26 11:06 - 00003092 _____ () C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889}2014-08-26 11:05 - 2014-08-26 11:06 - 00000000 ____D () C:\Users\Martin\.nbi2014-08-26 10:44 - 2014-09-19 10:04 - 00000004 _____ () C:\Users\Martin\AppData\Roaming\appdataFr2.bin2014-08-26 10:16 - 2014-08-26 10:16 - 00000000 ____D () C:\OneDriveTemp2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ___RD () C:\Users\Martin\Documents\HP Photo Creations2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Visan2014-08-25 16:38 - 2014-08-25 16:38 - 02959504 _____ (Hewlett-Packard ) C:\Users\Martin\Downloads\hpusetup.exe2014-08-25 16:38 - 2014-08-25 16:38 - 00000000 ____D () C:\Windows\Hewlett-Packard2014-08-25 15:48 - 2014-08-25 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8}2014-08-25 15:46 - 2014-08-25 15:46 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory2014-08-25 09:47 - 2014-08-25 09:47 - 00000000 ____D () C:\ProgramData\ffd8e8a8a13f665b2014-08-24 16:14 - 2014-09-20 22:26 - 00000340 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job2014-08-24 16:14 - 2014-08-24 16:14 - 00003350 _____ () C:\Windows\System32\Tasks\HP Photo Creations Communicator2014-08-24 16:13 - 2014-08-24 16:13 - 43243608 _____ (HP) C:\Users\Martin\Downloads\hpphotocreations.exe2014-08-24 15:48 - 2014-09-03 18:53 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\HpUpdate2014-08-24 15:48 - 2014-08-25 16:39 - 00000000 ____D () C:\ProgramData\HP Photo Creations2014-08-24 15:48 - 2014-08-25 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP2014-08-24 15:48 - 2014-08-24 16:14 - 00002172 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk2014-08-24 15:48 - 2014-08-24 16:14 - 00000000 ____D () C:\ProgramData\Visan2014-08-24 15:48 - 2014-08-24 15:48 - 00002248 _____ () C:\Users\Public\Desktop\HP Photosmart 6520 series.lnk2014-08-24 15:48 - 2014-08-24 15:48 - 00001180 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 6520 series.lnk2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations2014-08-24 15:48 - 2012-10-17 04:31 - 00741480 _____ (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMAF11.dll2014-08-24 15:47 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP2014-08-24 15:47 - 2014-08-24 15:47 - 00000057 _____ () C:\ProgramData\Ament.ini2014-08-24 15:47 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files\HP2014-08-24 15:45 - 2014-08-24 15:45 - 72558696 _____ () C:\Users\Martin\Downloads\PS6520_1315-1.exe2014-08-24 15:42 - 2014-08-24 16:16 - 00000000 ____D () C:\Users\Martin\AppData\Local\HP2014-08-24 15:40 - 2014-08-24 15:47 - 00000000 ____D () C:\ProgramData\HP ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-20 22:47 - 2014-09-20 22:46 - 00023501 _____ () C:\Users\Martin\Desktop\FRST.txt2014-09-20 22:46 - 2014-09-20 22:46 - 00000000 ____D () C:\Users\Martin\Desktop\FRST-OlderVersion2014-09-20 22:46 - 2014-08-26 19:14 - 00000000 ____D () C:\FRST2014-09-20 22:46 - 2014-08-26 19:12 - 02105856 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe2014-09-20 22:44 - 2014-03-31 17:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-09-20 22:31 - 2011-04-19 22:16 - 02069582 _____ () C:\Windows\WindowsUpdate.log2014-09-20 22:26 - 2014-08-24 16:14 - 00000340 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job2014-09-20 22:19 - 2011-05-23 19:38 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-09-20 22:18 - 2014-08-26 11:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-09-20 22:04 - 2013-11-23 13:27 - 00555619 _____ () C:\Windows\IE11_main.log2014-09-20 22:03 - 2014-09-20 22:03 - 00000134 _____ () C:\Users\Martin\Desktop\Internet Explorer Troubleshooting.url2014-09-20 21:53 - 2009-07-14 05:45 - 00022064 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-09-20 21:53 - 2009-07-14 05:45 - 00022064 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-09-20 21:33 - 2014-05-28 10:07 - 00000000 ____D () C:\Users\Martin\AppData\Local\E0E18595-2AAF-491D-BA98-806CD1D4784E.aplzod2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 ___RD () C:\Users\Martin\iCloudDrive2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 ____D () C:\Users\Martin\AppData\Local\Apple Inc2014-09-20 21:32 - 2011-04-19 22:16 - 00000000 ____D () C:\Users\Martin2014-09-20 21:17 - 2014-09-20 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2014-09-20 21:17 - 2014-04-20 15:58 - 00001844 _____ () C:\Users\Public\Desktop\BT NetProtect Plus.lnk2014-09-20 21:16 - 2009-07-14 06:13 - 00880170 _____ () C:\Windows\system32\PerfStringBackup.INI2014-09-20 21:13 - 2011-05-23 19:38 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-09-20 21:13 - 2011-05-09 20:46 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Apple Computer2014-09-20 21:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-09-20 21:11 - 2009-07-14 05:51 - 00186507 _____ () C:\Windows\setupact.log2014-09-20 21:09 - 2014-09-20 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud2014-09-20 21:08 - 2014-09-20 21:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iTunes2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files\iPod2014-09-20 21:08 - 2014-09-20 21:08 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-09-20 20:37 - 2014-08-26 21:51 - 00000000 ____D () C:\AdwCleaner2014-09-20 20:29 - 2010-11-21 04:47 - 02884290 _____ () C:\Windows\PFRO.log2014-09-20 20:23 - 2014-09-20 20:23 - 01373475 _____ () C:\Users\Martin\Downloads\adwcleaner_3.310.exe2014-09-20 20:20 - 2014-08-26 19:52 - 00000000 ____D () C:\Users\Martin\Documents\pc12014-09-20 17:18 - 2013-03-31 14:42 - 00000000 ___RD () C:\Users\Martin\SkyDrive2014-09-20 17:08 - 2014-09-20 17:08 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe2014-09-20 17:02 - 2014-09-20 17:02 - 00002963 _____ () C:\Users\Martin\Desktop\HiJackThis.lnk2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\Desktop\Hijackthis2014-09-20 17:02 - 2014-09-20 17:02 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis2014-09-20 16:47 - 2014-09-20 16:47 - 00000000 ____D () C:\Users\Martin\Downloads\Autoruns2014-09-20 16:46 - 2014-09-20 16:46 - 00511633 _____ () C:\Users\Martin\Downloads\Autoruns.zip2014-09-20 16:14 - 2014-09-20 16:14 - 00013638 _____ () C:\Users\Callum\Desktop\hijackthis.log2014-09-20 16:13 - 2014-09-20 16:12 - 00013638 _____ () C:\Users\Callum\Downloads\hijackthis.log2014-09-20 16:11 - 2014-09-20 16:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Callum\Downloads\HijackThis.exe2014-09-20 14:19 - 2014-04-20 15:55 - 00000000 ____D () C:\Program Files (x86)\McAfee2014-09-20 14:17 - 2014-09-20 14:17 - 07814408 _____ () C:\Users\Martin\Downloads\saSetup4.exe2014-09-20 13:56 - 2013-09-20 22:02 - 00000000 ____D () C:\Program Files (x86)\Steam2014-09-20 13:12 - 2013-05-27 21:06 - 00551198 _____ () C:\Windows\IE10_main.log2014-09-20 13:11 - 2014-09-20 13:11 - 44335120 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\IE10-Windows6.1-x64-en-us.exe2014-09-20 12:33 - 2014-06-30 11:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-09-20 12:30 - 2014-09-20 12:30 - 00274672 _____ () C:\Windows\Minidump\092014-20014-01.dmp2014-09-20 12:30 - 2011-04-20 15:32 - 664473650 _____ () C:\Windows\MEMORY.DMP2014-09-20 12:30 - 2011-04-20 15:32 - 00000000 ____D () C:\Windows\Minidump2014-09-20 12:05 - 2014-04-20 15:35 - 00000000 ____D () C:\Program Files\Common Files\McAfee2014-09-20 11:50 - 2014-09-20 11:50 - 00002259 _____ () C:\Users\Conor\Desktop\Google Chrome.lnk2014-09-20 11:50 - 2014-09-20 11:50 - 00000004 _____ () C:\Users\Conor\AppData\Roaming\appdataFr2.bin2014-09-20 11:29 - 2012-11-28 19:19 - 00002259 _____ () C:\Users\Callum\Desktop\Google Chrome.lnk2014-09-20 11:28 - 2011-04-22 07:23 - 00108816 _____ () C:\Users\Callum\AppData\Local\GDIPFONTCACHEV1.DAT2014-09-20 11:27 - 2011-04-23 14:25 - 00000282 __RSH () C:\Users\Callum\ntuser.pol2014-09-20 11:27 - 2011-04-22 07:23 - 00000000 ____D () C:\Users\Callum2014-09-20 11:19 - 2014-09-20 11:19 - 00000004 _____ () C:\Users\Callum\AppData\Roaming\appdataFr2.bin2014-09-20 11:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports2014-09-19 22:23 - 2011-12-04 13:02 - 00000000 ____D () C:\Users\Conor\AppData\Roaming\Skype2014-09-19 21:07 - 2014-09-19 21:07 - 12789816 _____ () C:\Users\Conor\Downloads\Warriors-MP3.zip2014-09-19 20:52 - 2014-09-06 12:53 - 00000000 ____D () C:\Users\Conor\Documents\A2 College HW2014-09-19 11:41 - 2014-09-19 11:41 - 00002259 _____ () C:\Users\Martin\Desktop\Google Chrome.lnk2014-09-19 10:04 - 2014-08-26 10:44 - 00000004 _____ () C:\Users\Martin\AppData\Roaming\appdataFr2.bin2014-09-19 09:38 - 2014-09-19 09:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Desktop\MicrosoftFixit.IEPerformance.FISC.24833454657388370.1.1.Run.exe2014-09-19 09:34 - 2014-09-19 09:34 - 00985600 _____ () C:\Users\Martin\Desktop\MicrosoftFixit50123.msi2014-09-18 20:51 - 2011-04-22 07:21 - 00108816 _____ () C:\Users\Conor\AppData\Local\GDIPFONTCACHEV1.DAT2014-09-18 18:21 - 2011-04-20 01:31 - 00108816 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT2014-09-18 18:20 - 2009-07-14 05:45 - 00415968 _____ () C:\Windows\system32\FNTCACHE.DAT2014-09-18 18:14 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini2014-09-18 17:40 - 2014-09-18 17:40 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FAMILY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat2014-09-18 17:39 - 2014-09-18 17:39 - 00000000 ____D () C:\RegBackup2014-09-18 17:26 - 2013-05-13 20:01 - 00000000 ____D () C:\Windows\pss2014-09-17 18:52 - 2014-09-12 19:03 - 00000000 ____D () C:\Users\Conor\Documents\Visual Studio 20102014-09-16 19:15 - 2011-07-23 16:12 - 00000000 ____D () C:\Users\Conor\AppData\Local\CrashDumps2014-09-15 19:26 - 2014-09-15 19:26 - 00002334 _____ () C:\Users\Callum\Downloads\WCS (1).RDP2014-09-15 19:25 - 2014-09-15 19:25 - 00002334 _____ () C:\Users\Callum\Downloads\WCS.RDP2014-09-14 20:13 - 2014-09-14 20:12 - 00004871 _____ () C:\Users\Callum\Documents\What it was like to live in Mississippi in the 1930.odt2014-09-14 16:45 - 2014-09-14 16:45 - 00023070 _____ () C:\Users\Callum\Documents\Profile of Emmeline Pankhurst and Millicent Fawcett.odt2014-09-14 15:27 - 2014-09-14 15:27 - 00002163 _____ () C:\Users\Martin\Desktop\Tweaking.com - Windows Repair (All in One).lnk2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com2014-09-14 15:27 - 2014-09-14 15:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com2014-09-14 15:25 - 2014-09-14 15:25 - 09526552 _____ () C:\Users\Martin\Desktop\tweaking.com_windows_repair_aio_setup.exe2014-09-14 14:28 - 2014-09-14 14:28 - 00000000 ____D () C:\Windows\CheckSur2014-09-14 14:28 - 2014-09-14 14:25 - 551293744 _____ () C:\Users\Martin\Desktop\Windows6.1-KB947821-v33-x64.msuSurtool.msu2014-09-14 13:05 - 2012-10-02 14:14 - 00000000 ____D () C:\ProgramData\Origin2014-09-14 13:04 - 2014-09-14 13:04 - 00005461 _____ () C:\AdwCleaner[s1].txt2014-09-14 13:03 - 2012-10-02 14:14 - 00000000 ____D () C:\Program Files (x86)\Origin2014-09-14 12:58 - 2014-09-14 12:58 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310 (1).exe2014-09-14 12:58 - 2014-09-14 12:57 - 01373475 _____ () C:\Users\Julie\Downloads\adwcleaner_3.310.exe2014-09-14 12:48 - 2014-09-14 12:48 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67 (1).exe2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Windows\Sun2014-09-14 12:38 - 2014-09-14 12:38 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\Oracle2014-09-14 12:37 - 2014-06-05 15:46 - 00000000 ____D () C:\ProgramData\Oracle2014-09-14 12:36 - 2014-09-14 12:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-09-14 12:36 - 2014-09-14 12:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-09-14 12:36 - 2014-09-14 12:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-09-14 12:36 - 2014-09-14 12:36 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-09-14 12:36 - 2014-09-14 12:36 - 00000000 ____D () C:\Program Files (x86)\Java2014-09-14 12:34 - 2014-09-14 12:34 - 00918440 _____ (Oracle Corporation) C:\Users\Julie\Downloads\chromeinstall-7u67.exe2014-09-13 16:19 - 2014-07-01 20:10 - 00153786 _____ () C:\Users\Callum\Documents\The Rock Cycle.odt2014-09-13 14:00 - 2014-05-28 10:07 - 00000000 ____D () C:\Users\Martin\Documents\Outlook Files2014-09-13 13:53 - 2011-04-21 17:37 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-09-13 13:52 - 2014-09-12 09:15 - 00001343 _____ () C:\Users\Martin\Desktop\BT Cloud.lnk2014-09-13 10:22 - 2014-09-13 10:22 - 00000000 ____D () C:\Program Files (x86)\MSECache2014-09-13 10:20 - 2014-09-13 14:07 - 03326176 _____ (Microsoft Corporation) C:\Users\Martin\Documents\OutlookConnector.exe2014-09-12 09:18 - 2013-10-27 15:07 - 00000000 ____D () C:\Users\Martin\Documents\TomTom2014-09-12 09:18 - 2012-11-20 18:59 - 00000000 ____D () C:\Users\Martin\Documents\Visual Studio 20122014-09-12 09:18 - 2012-08-03 11:30 - 00000000 ____D () C:\Users\Martin\Documents\Electronic Arts2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Cloud2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\F-Secure2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\ProgramData\F-Secure2014-09-12 09:14 - 2014-09-12 09:14 - 29128240 _____ (F-Secure Corporation) C:\Users\Martin\Desktop\BTCloudWindows.exe2014-09-12 09:14 - 2014-09-12 09:14 - 00000000 ____D () C:\Users\Martin\AppData\Local\F-Secure2014-09-11 22:32 - 2014-09-11 22:32 - 00000000 ____D () C:\Users\Conor\Documents\7 Days To Die2014-09-10 23:38 - 2012-11-20 10:22 - 00864036 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-09-10 23:28 - 2013-08-16 14:27 - 00000000 ____D () C:\Windows\system32\MRT2014-09-10 23:28 - 2011-04-21 21:18 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-09-10 19:43 - 2014-09-10 19:43 - 00000000 ____D () C:\Users\Conor\AppData\Roaming\HpUpdate2014-09-10 18:44 - 2014-09-10 18:44 - 00039222 _____ () C:\Users\Conor\Downloads\720720 UseDiagram.asta2014-09-10 18:31 - 2014-09-10 18:31 - 00318890 _____ () C:\Users\Callum\Documents\Frecnh.odt2014-09-10 11:25 - 2011-04-26 10:57 - 00000008 __RSH () C:\Users\Julie\ntuser.pol2014-09-10 11:25 - 2011-04-22 07:18 - 00000000 ____D () C:\Users\Julie2014-09-09 21:44 - 2014-03-31 17:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-09-09 20:44 - 2012-04-09 11:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-09-09 20:44 - 2012-01-28 13:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-09-09 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas2014-09-06 12:50 - 2011-04-22 12:53 - 00000008 __RSH () C:\Users\Conor\ntuser.pol2014-09-06 12:50 - 2011-04-22 07:21 - 00000000 ____D () C:\Users\Conor2014-09-06 12:49 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media2014-09-05 08:55 - 2011-06-07 19:43 - 00000000 ____D () C:\Users\Martin\AppData\Local\CrashDumps2014-09-03 21:59 - 2014-03-16 14:32 - 00000008 __RSH () C:\ProgramData\ntuser.pol2014-09-03 21:59 - 2011-04-23 03:38 - 00000008 __RSH () C:\Users\Martin\ntuser.pol2014-09-03 21:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy2014-09-03 21:50 - 2011-04-21 17:47 - 00000000 ____D () C:\Users\Martin\Downloads\Security Info2014-09-03 21:32 - 2014-09-03 21:32 - 00245624 _____ (Software Installer ) C:\Users\Martin\Downloads\Setup.exe2014-09-03 20:47 - 2013-06-25 23:14 - 00006656 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2014-09-03 20:22 - 2014-09-03 20:22 - 00415707 _____ () C:\Users\Martin\Downloads\Fix IE.zip2014-09-03 20:21 - 2014-09-03 20:20 - 00014012 _____ () C:\Users\Martin\Downloads\iefix.zip2014-09-03 20:13 - 2011-04-21 16:43 - 00659282 _____ () C:\Windows\IE9_main.log2014-09-03 20:04 - 2014-09-03 20:04 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.wu.LB.132333201779340213.1.1.Run.exe2014-09-03 19:59 - 2012-11-20 10:31 - 00000000 ____D () C:\Program Files\Microsoft SQL Server2014-09-03 19:59 - 2012-11-20 10:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server2014-09-03 19:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas2014-09-03 19:49 - 2014-09-03 19:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.02014-09-03 19:49 - 2014-07-23 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 20082014-09-03 19:40 - 2014-09-03 19:40 - 00985600 _____ () C:\Users\Martin\Downloads\MicrosoftFixit50123 (2).msi2014-09-03 19:36 - 2014-09-03 19:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.19933319997370014.4.1.Run.exe2014-09-03 19:20 - 2011-04-19 22:23 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information2014-09-03 19:16 - 2011-06-25 18:03 - 00000000 ____D () C:\Users\Martin\AppData\Local\Unity2014-09-03 19:14 - 2014-09-03 19:14 - 00000869 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID2014-09-03 19:14 - 2014-09-03 19:14 - 00000000 ____D () C:\Program Files\CPUID2014-09-03 19:13 - 2014-09-03 19:13 - 01500512 _____ ( ) C:\Users\Martin\Downloads\cpu-z_1.70-setup-en.exe2014-09-03 18:53 - 2014-08-24 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\HpUpdate2014-08-27 07:28 - 2014-08-27 07:28 - 02041176 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2888049-x64.msu2014-08-27 07:28 - 2014-08-27 07:28 - 01003796 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2834140-v2-x64.msu2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Windows\ERUNT2014-08-26 22:07 - 2013-07-08 13:30 - 00000000 ____D () C:\Users\Conor\AppData\Local\CRE2014-08-26 21:46 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-08-26 19:47 - 2014-08-26 19:47 - 00110240 _____ () C:\Users\Martin\pc1.txt2014-08-26 19:47 - 2014-08-26 19:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Notepad++2014-08-26 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat2014-08-26 12:43 - 2014-08-26 11:41 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-08-26 12:43 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-08-26 12:43 - 2014-08-26 11:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-08-26 12:42 - 2014-08-26 12:42 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam_premium.exe2014-08-26 11:41 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-08-26 11:22 - 2014-08-26 11:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam-setup-2.0.2.1012.exe2014-08-26 11:10 - 2011-04-21 16:52 - 00000000 ____D () C:\ProgramData\Norton2014-08-26 11:07 - 2014-08-26 11:07 - 00003110 _____ () C:\Windows\System32\Tasks\{48F43E3A-9C7A-4535-87A1-033D6EE7FF1F}2014-08-26 11:06 - 2014-08-26 11:06 - 00003092 _____ () C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889}2014-08-26 11:06 - 2014-08-26 11:05 - 00000000 ____D () C:\Users\Martin\.nbi2014-08-26 10:16 - 2014-08-26 10:16 - 00000000 ____D () C:\OneDriveTemp2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ___RD () C:\Users\Martin\Documents\HP Photo Creations2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Visan2014-08-25 16:39 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\HP Photo Creations2014-08-25 16:38 - 2014-08-25 16:38 - 02959504 _____ (Hewlett-Packard ) C:\Users\Martin\Downloads\hpusetup.exe2014-08-25 16:38 - 2014-08-25 16:38 - 00000000 ____D () C:\Windows\Hewlett-Packard2014-08-25 16:38 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP2014-08-25 15:48 - 2014-08-25 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8}2014-08-25 15:46 - 2014-08-25 15:46 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory2014-08-25 15:25 - 2014-07-23 10:26 - 00000000 ____D () C:\Users\Martin\Documents\Visual Studio 20102014-08-25 09:47 - 2014-08-25 09:47 - 00000000 ____D () C:\ProgramData\ffd8e8a8a13f665b2014-08-24 16:16 - 2014-08-24 15:42 - 00000000 ____D () C:\Users\Martin\AppData\Local\HP2014-08-24 16:14 - 2014-08-24 16:14 - 00003350 _____ () C:\Windows\System32\Tasks\HP Photo Creations Communicator2014-08-24 16:14 - 2014-08-24 15:48 - 00002172 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk2014-08-24 16:14 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\Visan2014-08-24 16:13 - 2014-08-24 16:13 - 43243608 _____ (HP) C:\Users\Martin\Downloads\hpphotocreations.exe2014-08-24 15:48 - 2014-08-24 15:48 - 00002248 _____ () C:\Users\Public\Desktop\HP Photosmart 6520 series.lnk2014-08-24 15:48 - 2014-08-24 15:48 - 00001180 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 6520 series.lnk2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations2014-08-24 15:48 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files (x86)\HP2014-08-24 15:47 - 2014-08-24 15:47 - 00000057 _____ () C:\ProgramData\Ament.ini2014-08-24 15:47 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files\HP2014-08-24 15:47 - 2014-08-24 15:40 - 00000000 ____D () C:\ProgramData\HP2014-08-24 15:45 - 2014-08-24 15:45 - 72558696 _____ () C:\Users\Martin\Downloads\PS6520_1315-1.exe2014-08-24 15:18 - 2014-04-20 15:49 - 00002182 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk Some content of TEMP:====================C:\Users\Conor\AppData\Local\Temp\SkypeSetup.exeC:\Users\Julie\AppData\Local\Temp\Quarantine.exeC:\Users\Martin\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-18 19:05 ==================== End Of Log ============================Addition.txt
  10. Hi Adam I agree with you that I should continue with the computer Tech guy, I appreciate the help you have provided so far and it has been a good experience for a first time user on this forum. Thank You Martin
  11. Hi Adam. PC is now operable again and I am running through your instructions. JRT Removal tool still not operating Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02 Ran by Martin at 2014-09-03 21:52:59 Run:1 Running from C:\Users\Martin\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** start () C:\Program Files (x86)\wrapper_inst\file_to_run.exe HKLM-x32\...\Run: [] => [X] HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [] => [X] HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [VoiceMaster] => [X] HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\MountPoints2: D - D:\Launch.exe HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\MountPoints2: {cc559e94-5585-11e1-9a14-1c6f65c60541} - H:\LaunchU3.exe -a GroupPolicy: Group Policy on Chrome detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-2497641722-1424367119-3422776657-1005\User: Group Policy restriction detected <======= ATTENTION SearchScopes: HKLM - {B0C31C54-4775-48C9-9045-7D46E172A44B} URL = SearchScopes: HKLM-x32 - {9EC485FA-C11E-474E-8E6F-DD5C55EFC99C} URL = Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION R2 pcregservice; C:\Program Files (x86)\wrapper_inst\file_to_run.exe [31344 2013-09-20] () C:\Program Files (x86)\wrapper_inst\ 2014-08-26 13:45 - 2013-09-20 22:03 - 00000000 ____D () C:\Program Files\wrapper_inst 2014-08-25 16:49 - 2014-08-25 16:49 - 01296096 _____ (VideoPerformer) C:\Users\Martin\Downloads\VideoPerformerSetup.exe Task: {3B642E53-27B9-4B28-8287-4503C5BBB5A3} - \pricemeterwatcher No Task File <==== ATTENTION Task: {2627A67C-55B4-400B-9F0D-EA04FA709680} - System32\Tasks\pcreg => C:\Program Files\wrapper_inst\service.exe Task: {F0ED12D6-CE9C-4527-A7FF-B7114287EC95} - \BackgroundContainer Startup Task No Task File <==== ATTENTION Task: {FB9FC6E2-FE96-49C6-A5FB-8828D8557930} - \pricemetertask No Task File <==== ATTENTION Task: {038140A9-D0DA-4B00-B3EB-C6B53B7BD2C0} - System32\Tasks\IHUninstallTrackingTASK => CMD 2014-07-27 20:57 - 2014-07-27 20:57 - 00056375 _____ () C:\Users\Callum\Downloads\EuroTruckSimulator2_1_10_1_setup.exe.torrent 2014-07-27 20:47 - 2014-07-27 20:47 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (7).exe 2014-07-27 20:43 - 2014-07-27 20:43 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (6).exe 2014-07-27 20:42 - 2014-07-27 20:42 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (5).exe 2014-07-27 20:38 - 2014-07-27 20:38 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (4).exe Folder: C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8} Folder: C:\Users\Martin\.nbi Folder: C:\ProgramData\ShoppingDealFactory Folder: C:\ProgramData\ffd8e8a8a13f665b CMD: ipconfig /flushdns CMD: netsh winsock reset all CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset CMD: bitsadmin /reset /allusers EmptyTemp: end ***************** [3024] C:\Program Files (x86)\wrapper_inst\file_to_run.exe => Process closed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" => Value not found. HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\Software\Microsoft\Windows\CurrentVersion\Run\\VoiceMaster => value deleted successfully. "HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2497641722-1424367119-3422776657-1000" => Key not found. "HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc559e94-5585-11e1-9a14-1c6f65c60541}" => Key deleted successfully. "HKCR\CLSID\{cc559e94-5585-11e1-9a14-1c6f65c60541}" => Key not found. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2497641722-1424367119-3422776657-1005\User => Moved successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B0C31C54-4775-48C9-9045-7D46E172A44B}" => Key deleted successfully. "HKCR\CLSID\{B0C31C54-4775-48C9-9045-7D46E172A44B}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9EC485FA-C11E-474E-8E6F-DD5C55EFC99C}" => Key not found. "HKCR\Wow6432Node\CLSID\{9EC485FA-C11E-474E-8E6F-DD5C55EFC99C}" => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D} => value deleted successfully. "HKCR\Wow6432Node\CLSID\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D}" => Key not found. "HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. pcregservice => Service deleted successfully. C:\Program Files (x86)\wrapper_inst => Moved successfully. C:\Program Files\wrapper_inst => Moved successfully. "C:\Users\Martin\Downloads\VideoPerformerSetup.exe" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B642E53-27B9-4B28-8287-4503C5BBB5A3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B642E53-27B9-4B28-8287-4503C5BBB5A3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pricemeterwatcher" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2627A67C-55B4-400B-9F0D-EA04FA709680}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2627A67C-55B4-400B-9F0D-EA04FA709680}" => Key deleted successfully. C:\Windows\System32\Tasks\pcreg => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pcreg" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F0ED12D6-CE9C-4527-A7FF-B7114287EC95}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0ED12D6-CE9C-4527-A7FF-B7114287EC95}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB9FC6E2-FE96-49C6-A5FB-8828D8557930}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB9FC6E2-FE96-49C6-A5FB-8828D8557930}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pricemetertask" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{038140A9-D0DA-4B00-B3EB-C6B53B7BD2C0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{038140A9-D0DA-4B00-B3EB-C6B53B7BD2C0}" => Key deleted successfully. C:\Windows\System32\Tasks\IHUninstallTrackingTASK => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHUninstallTrackingTASK" => Key deleted successfully. C:\Users\Callum\Downloads\EuroTruckSimulator2_1_10_1_setup.exe.torrent => Moved successfully. C:\Users\Callum\Downloads\Euro Truck Simulator 2 (7).exe => Moved successfully. C:\Users\Callum\Downloads\Euro Truck Simulator 2 (6).exe => Moved successfully. C:\Users\Callum\Downloads\Euro Truck Simulator 2 (5).exe => Moved successfully. C:\Users\Callum\Downloads\Euro Truck Simulator 2 (4).exe => Moved successfully. ========================= Folder: C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8} ======================== ====== End of Folder: ====== ========================= Folder: C:\Users\Martin\.nbi ======================== 2014-08-26 11:05 - 2014-08-26 11:05 - 0002371 _____ () C:\Users\Martin\.nbi\registry.xml 2014-08-26 11:05 - 2014-08-26 11:05 - 0000000 ____D () C:\Users\Martin\.nbi\downloads 2014-08-26 11:05 - 2014-08-26 11:06 - 0000000 ____D () C:\Users\Martin\.nbi\log 2014-08-26 11:05 - 2014-08-26 11:05 - 0021938 _____ () C:\Users\Martin\.nbi\log\20140826110520.log 2014-08-26 11:06 - 2014-08-26 11:06 - 0019654 _____ () C:\Users\Martin\.nbi\log\20140826110612.log 2014-08-26 11:05 - 2014-08-26 11:05 - 0000000 ____D () C:\Users\Martin\.nbi\product-cache 2014-08-26 11:05 - 2014-08-26 11:05 - 0000000 ____D () C:\Users\Martin\.nbi\wd ====== End of Folder: ====== ========================= Folder: C:\ProgramData\ShoppingDealFactory ======================== 2014-08-25 15:46 - 2014-08-25 15:46 - 0381799 _____ (Igor Pavlov) C:\ProgramData\ShoppingDealFactory\ShoppingDealFactory.exe ====== End of Folder: ====== ========================= Folder: C:\ProgramData\ffd8e8a8a13f665b ======================== 2014-08-25 09:47 - 2014-08-25 09:47 - 0000494 _____ () C:\ProgramData\ffd8e8a8a13f665b\c6fe71eb0df19321edd27c3d4f44f9c9.ini ====== End of Folder: ====== ========= ipconfig /flushdns ========= 'ipconfig' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= ========= netsh winsock reset all ========= 'netsh' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= ========= netsh int ipv4 reset ========= 'netsh' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= 'netsh' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= 'bitsadmin' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= EmptyTemp: => Removed 16.1 GB temporary data. The system needed a reboot. ==== End of Fixlog ==== These Files are not being found for Virustotal.com to scan, I am searching in local disc C: C:\Windows\System32\Tasks\{48F43E3A-9C7A-4535-87A1-033D6EE7FF1F} C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889} Result of System look C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889} The man who got my PC up and running again did so very quickly but I did mention I lost use of PC because I wanted to Download IE11 as PC is on IE9. Note: by entering the bios menu, I messed up PC, not the downloading of IE11. It is proving difficult to download with windows update along with 3 other files windows update is showing. Thought I would mention this, the computer guy has left to do a bit more research. I realise this is a seperate issue to the one your helping me with. Regards Martin.
  12. Hi Adam, I should be up and running by Thursday, thanks for not forgetting me Regards Martin
  13. Hi Adam, I did send an email reply to your last post explaining I now have a more serious problem with my PC totally unrelated to the help you have been providing. I am posting here to make doubly sure you have that information. My PC may not be operable till next Tuesday, as someone has to visit to repair. Currently my PC is showing a black screen saying" missing operating system" after I entered the Bios Menu. If I am able to use my desktop, I will post again on Tuesday. Regards Martin
  14. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014 Ran by Martin at 2014-08-26 23:03:18 Running from C:\Users\Martin\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.) AMD APP SDK Runtime (Version: 2.4.595.9 - Advanced Micro Devices Inc.) Hidden AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden Amnesia: The Dark Descent Demo (HKLM-x32\...\Steam App 57310) (Version: - Frictional Games) Ancient Wars - Sparta (HKLM-x32\...\{554532CE-43E2-4B4F-BBDE-27742A32C236}) (Version: 1.00.0000 - PlayLogic) Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{47B188E2-2447-5C40-15B6-9D49DC90BF5B}) (Version: 3.0.816.0 - ATI Technologies, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BT NetProtect Plus (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.) BUFFALO Backup Utility (HKLM-x32\...\UN091222) (Version: - ) BUFFALO BuffaloTools Launcher (HKLM-x32\...\UN091201) (Version: - ) BUFFALO TurboCopy (HKLM-x32\...\UN091114) (Version: - ) BUFFALO TurboPC for FLASH/HDD (HKLM-x32\...\UN091111) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center (x32 Version: 2011.0308.2325.42017 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0308.2325.42017 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0308.2325.42017 - ATI Technologies, Inc.) Hidden CCC Help English (x32 Version: 2011.0308.2324.42017 - ATI) Hidden ccc-utility64 (Version: 2011.0308.2325.42017 - ATI) Hidden CDDRV_Installer (Version: 4.60 - Logitech) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) EA SPORTS Game Face Browser Plugin 1.5.3.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.5.3.0 - Electronic Arts) EA SPORTS Gameface Browser Plugin 1.3.1.0 (HKCU\...\EA SPORTS Gameface Browser Plugin) (Version: 1.3.1.0 - Electronic Arts) Easy Tune 6 B10.1216.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B10.1216.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC) FLV Player (remove only) (HKLM-x32\...\FLVM Player) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Greenfoot (HKLM-x32\...\{8C838B70-3A71-41E8-91A6-4ADCF2E483D0}) (Version: 2.2.1 - Greenfoot Team) Haunted Memories (HKLM-x32\...\Steam App 241640) (Version: - MadMan Theory Games) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP) HP Photosmart 6520 series Basic Device Software (HKLM\...\{1151BCF8-3246-4E34-9C17-22E66318C41C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 6520 series Help (HKLM-x32\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.) Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle) Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle) Java SE Development Kit 7 Update 1 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Jurassic Park Operation Genesis (HKLM-x32\...\InstallShield_{A347C572-F7B4-43A3-BD51-FFC99184F70D}) (Version: 1.00.0000 - Universal Interactive) Jurassic Park Operation Genesis (x32 Version: 1.00.0000 - Universal Interactive) Hidden KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Flight Simulator 2004 A Century of Flight (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (Version: - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NetBeans IDE 7.2.1 (HKLM\...\nbi-nb-base-7.2.1.0.201210100934) (Version: 7.2.1 - NetBeans.org) Nokia Connectivity Cable Driver (HKLM-x32\...\{25CFEF55-A945-41FC-86ED-76469F31DF37}) (Version: 7.1.41.0 - Nokia) Nokia Ovi Suite (HKLM-x32\...\Nokia Ovi Suite) (Version: 3.1.0.91 - Nokia) Nokia Ovi Suite (x32 Version: 3.1.0.91 - Nokia) Hidden Nokia Ovi Suite Software Updater (HKLM-x32\...\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}) (Version: 02.07.004.45780 - Nokia Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - ) Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2142 - Electronic Arts, Inc.) Ovi Desktop Sync Engine (x32 Version: 1.5.257.0 - Nokia) Hidden OviMPlatform (x32 Version: 2.7.66.0 - Nokia) Hidden PC Connectivity Solution (HKLM-x32\...\{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}) (Version: 11.4.16.0 - Nokia) PowerLine Utility (HKLM-x32\...\{BA6144AE-88CE-4DAF-A185-CA416470A873}) (Version: 1.1.413 - TP-LINK) Praetorians (HKLM-x32\...\{AAC8AF92-DAEC-45D2-B77D-36699E3751A9}) (Version: - Pyro Studios) Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - ) Rapport (Version: 3.5.1201.94 - Trusteer) Hidden Rapport (x32 Version: 3.5.1307.93 - Trusteer) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6282 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds) RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - ) Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts) The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version: - Galactic Cafe) TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1307.93 - Trusteer) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 1.6.2_8001 - Over The Edge I/S) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{3786efc1-59ff-4908-8cd6-dc85ec87209e}) (Version: 11.0.50727 - Microsoft Corporation) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation) Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden ZoneAlarm Security Toolbar on IE and Chrome (HKLM-x32\...\ZoneAlarm Security Toolbar) (Version: 1.8.11.11 - Check Point Software Technologies LTD) Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - ) Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2497641722-1424367119-3422776657-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2497641722-1424367119-3422776657-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2497641722-1424367119-3422776657-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2497641722-1424367119-3422776657-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2497641722-1424367119-3422776657-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 31-07-2014 09:12:49 Windows Update 02-08-2014 10:35:53 Windows Update 02-08-2014 17:00:12 Windows Update 02-08-2014 17:24:33 Windows Update 08-08-2014 21:44:13 Windows Update 24-08-2014 14:19:33 Windows Update 24-08-2014 16:20:27 Windows Update 25-08-2014 09:03:33 Windows Update 25-08-2014 10:05:42 Windows Update 25-08-2014 16:56:37 Windows Update 26-08-2014 09:17:44 Windows Update 26-08-2014 13:53:15 Windows Update 26-08-2014 17:00:13 Windows Update 26-08-2014 20:04:16 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-06-05 16:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {038140A9-D0DA-4B00-B3EB-C6B53B7BD2C0} - System32\Tasks\IHUninstallTrackingTASK => CMD Task: {1240C259-B680-42A7-ABAD-3C82C18DCBEA} - System32\Tasks\{8CBFE665-BB65-4FFA-820F-1786D07D1DA5} => D:\SetupUbi.exe Task: {2627A67C-55B4-400B-9F0D-EA04FA709680} - System32\Tasks\pcreg => C:\Program Files\wrapper_inst\service.exe Task: {3B642E53-27B9-4B28-8287-4503C5BBB5A3} - \pricemeterwatcher No Task File <==== ATTENTION Task: {3CE2C992-4278-41FD-8FEE-FA9BBAAD780A} - System32\Tasks\{F7483298-0107-425C-AA9A-A752E07400B4} => D:\setup.exe Task: {472AB3EA-AC34-4A20-8DA5-4661EB1EA2EF} - System32\Tasks\{627E9B71-F2F8-4EB0-B2F4-DA349569E278} => D:\setup.exe Task: {49F87D99-69C8-43DE-882C-18FCF1843A1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23] (Google Inc.) Task: {58ACD185-8343-4278-A31C-ABB2AA1F475A} - System32\Tasks\{E6FE8B9D-EA00-4F8E-A6CC-06291CDF8D95} => D:\setup.exe Task: {5E99D35E-D6BC-482C-8E93-96C6CBE8B934} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {7052C5CD-B25C-4CC3-B476-4E8E518CD409} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-26] (Adobe Systems Incorporated) Task: {7E1B0FA7-D644-4204-A41A-07E80C4CF3E6} - System32\Tasks\{2A04A191-4FB4-45BB-AB72-FE83FB190005} => D:\Launch.exe Task: {86A7CA1F-90D5-4034-8A5E-8415EE7E8EA9} - System32\Tasks\{3B0A6952-CAB2-4356-8D8D-019C5FB3A364} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.) Task: {953E9572-5E64-4AD1-B662-26245D158954} - System32\Tasks\{D608A33C-8691-4F96-972C-D6CAA445B8E9} => D:\setup.exe Task: {98D20B38-81B3-423E-81F7-9617625A3872} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-23] (Google Inc.) Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe Task: {C7073DA4-BED3-48B8-9C7B-B6A55663FBCA} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-02-21] () Task: {D1F5D817-2068-4A04-ACF1-A3C2801C0065} - System32\Tasks\{6D38E227-9A08-45B5-88BF-242EE930BFC1} => D:\Launch.exe Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe Task: {F0ED12D6-CE9C-4527-A7FF-B7114287EC95} - \BackgroundContainer Startup Task No Task File <==== ATTENTION Task: {F9FCB2E4-2E21-4BD0-BDBB-17CF3CB0F5C8} - System32\Tasks\{84E654FC-DFEE-48F2-A5D3-F27C36FFF419} => D:\Launch.exe Task: {FB9FC6E2-FE96-49C6-A5FB-8828D8557930} - \pricemetertask No Task File <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe ==================== Loaded Modules (whitelisted) ============= 2011-02-09 01:56 - 2011-02-09 01:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll 2013-09-20 22:03 - 2013-09-20 22:03 - 00031344 _____ () C:\Program Files (x86)\wrapper_inst\file_to_run.exe 2012-01-19 22:33 - 2014-06-30 12:53 - 01404120 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll 2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2012-11-18 13:03 - 2012-11-18 13:03 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0ee312cdae6a18e040f873e6419f3db4\IsdiInterop.ni.dll 2011-04-19 22:24 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2014-08-24 15:29 - 2014-08-07 04:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll 2014-08-24 15:29 - 2014-08-07 04:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll 2014-08-24 15:29 - 2014-08-07 04:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-24 15:29 - 2014-08-07 04:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-24 15:29 - 2014-08-07 04:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: RapportMgmtService => 2 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: TomTomHOMEService => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Backup Utility TaskTray Tool => "C:\Program Files (x86)\BUFFALO\Backup_Utility\BUTray.exe" MSCONFIG\startupreg: BuffaloTools => C:\Program Files (x86)\BUFFALO\BuffaloTools\BuffaloTools.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: My Web Search Bar Search Scope Monitor => "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/26/2014 10:11:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 09:47:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 06:31:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 05:42:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed System Error: The system cannot find the file specified. . Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary SPPD. System Error: The system cannot find the file specified. . Error: (08/26/2014 01:46:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532 Faulting module name: QtCore4.dll, version: 4.8.4.0, time stamp: 0x51352df8 Exception code: 0xc0000005 Fault offset: 0x0010ebb3 Faulting process id: 0x1c08 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (08/26/2014 00:28:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program mbam.exe version 1.0.0.532 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 196c Start Time: 01cfc12046aae54c Termination Time: 0 Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Report Id: 181449cf-2d14-11e4-8cd4-1c6f65c60541 System errors: ============= Error: (08/26/2014 10:07:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (08/26/2014 10:07:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (08/26/2014 10:07:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (08/26/2014 10:07:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (08/26/2014 10:07:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (08/26/2014 10:07:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/26/2014 10:05:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (08/26/2014 10:05:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (08/26/2014 10:05:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (08/26/2014 10:05:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s). Microsoft Office Sessions: ========================= Error: (08/26/2014 10:11:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 09:47:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 06:31:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 05:42:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed System Error: The system cannot find the file specified. Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed System Error: The system cannot find the file specified. Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed System Error: The system cannot find the file specified. Error: (08/26/2014 02:53:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary SPPD. System Error: The system cannot find the file specified. Error: (08/26/2014 01:46:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.0.53253518532QtCore4.dll4.8.4.051352df8c00000050010ebb31c0801cfc122fedc3790C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\QtCore4.dll0066ea90-2d1f-11e4-8cd4-1c6f65c60541 Error: (08/26/2014 00:28:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: mbam.exe1.0.0.532196c01cfc12046aae54c0C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe181449cf-2d14-11e4-8cd4-1c6f65c60541 ==================== Memory info =========================== Processor: Intel® Core i5-2500K CPU @ 3.30GHz Percentage of memory in use: 52% Total physical RAM: 4079.39 MB Available physical RAM: 1939.77 MB Total Pagefile: 8156.96 MB Available Pagefile: 5490.85 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.42 GB) (Free:749.12 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F4D986DD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  15. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014 Ran by Martin (administrator) on FAMILY-PC on 26-08-2014 22:54:08 Running from C:\Users\Martin\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\zune\ZuneLauncher.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (Microsoft Corporation) C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Symantec Corporation) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe () C:\Program Files (x86)\wrapper_inst\file_to_run.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Zune Launcher] => C:\zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation) HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\.DEFAULT\...\Policies\system: [LogonHoursAction] 2 HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [] => [X] HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [VoiceMaster] => [X] HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [Driver Restore] => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe /applicationMode:systemTray /showWelcome:false HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [skyDrive] => C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-24] (Microsoft Corporation) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Run: [HP Photosmart 6520 series (NET)] => C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\MountPoints2: D - D:\Launch.exe HKU\S-1-5-21-2497641722-1424367119-3422776657-1000\...\MountPoints2: {cc559e94-5585-11e1-9a14-1c6f65c60541} - H:\LaunchU3.exe -a GroupPolicy: Group Policy on Chrome detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-2497641722-1424367119-3422776657-1005\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC81038EBBF0ACF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {B0C31C54-4775-48C9-9045-7D46E172A44B} URL = SearchScopes: HKLM-x32 - {9EC485FA-C11E-474E-8E6F-DD5C55EFC99C} URL = BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @otee.dk/UnityWebPlayer -> C:\Program Files (x86)\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll (OverTheEdge I/S) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Martin\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-06-05] FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2014-08-26] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-04-20] FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-06-05] Chrome: ======= CHR HomePage: Default -> CHR StartupUrls: Default -> "https://www.google.co.uk/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-09] CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-09] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27] CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-20] CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-20] CHR Extension: (Hush private bookmarking) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmoaenjknbdehbiaeeijcppnljflkff [2014-08-25] CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13] CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-20] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] CHR HKLM-x32\...\Chrome\Extension: [oedoknoijoakeplhlghdcggkclkbmaje] - C:\Users\Callum\AppData\Local\PriceMeter Express\PriceMeterExpress.crx [2014-06-28] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BFBackupUtilityService; C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe [320888 2010-04-28] (BUFFALO INC.) R2 BFBackupUtilityVSSService; C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe [359288 2010-04-28] (BUFFALO INC.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) R2 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation) R2 pcregservice; C:\Program Files (x86)\wrapper_inst\file_to_run.exe [31344 2013-09-20] () R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1886488 2014-06-23] (Trusteer Ltd.) S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) S4 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed] S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) S3 WMZuneComm; C:\zune\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation) S3 ZuneNetworkSvc; C:\zune\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation) S3 ZuneWlanCfgSvc; C:\zune\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation) R3 WinHttpAutoProxySvc; winhttp.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 bftpdskc64; C:\Windows\System32\drivers\bftpdskc64.sys [67712 2010-01-12] (BUFFALO INC.) S3 bftpusbx64; C:\Windows\System32\drivers\bftpusbx64.sys [20608 2010-01-18] (BUFFALO INC.) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-09-13] () S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-26] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) R1 RapportCerberus_69108; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69108.sys [631128 2014-06-30] () R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [299736 2014-06-23] (Trusteer Ltd.) R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [358616 2014-06-23] (Trusteer Ltd.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [414296 2014-06-23] (Trusteer Ltd.) S3 SaiH8000; C:\Windows\System32\DRIVERS\SaiH8000.sys [178560 2008-04-04] (Saitek) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X] S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X] S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X] S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [X] S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X] S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-26 22:35 - 2014-08-26 22:35 - 01016261 _____ (Thisisu) C:\Users\Martin\Downloads\JRT (1).exe 2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Windows\ERUNT 2014-08-26 22:15 - 2014-08-26 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-08-26 21:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-08-26 21:51 - 2014-08-26 22:07 - 00000000 ____D () C:\AdwCleaner 2014-08-26 21:49 - 2014-08-26 21:51 - 01364531 _____ () C:\Users\Martin\Downloads\AdwCleaner.exe 2014-08-26 20:29 - 2014-08-26 20:29 - 00000000 ____D () C:\Users\Martin\Downloads\Autoruns 2014-08-26 20:28 - 2014-08-26 20:28 - 00511306 _____ () C:\Users\Martin\Downloads\Autoruns.zip 2014-08-26 19:52 - 2014-08-26 22:14 - 00000000 ____D () C:\Users\Martin\Documents\pc1 2014-08-26 19:47 - 2014-08-26 19:47 - 00110240 _____ () C:\Users\Martin\pc1.txt 2014-08-26 19:44 - 2014-08-26 19:47 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Notepad++ 2014-08-26 19:16 - 2014-08-26 19:16 - 00057052 _____ () C:\Users\Martin\Downloads\Addition.txt 2014-08-26 19:15 - 2014-08-26 22:54 - 00026584 _____ () C:\Users\Martin\Downloads\FRST.txt 2014-08-26 19:14 - 2014-08-26 22:54 - 00000000 ____D () C:\FRST 2014-08-26 19:12 - 2014-08-26 19:14 - 02103296 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe 2014-08-26 12:42 - 2014-08-26 12:42 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam_premium.exe 2014-08-26 11:41 - 2014-08-26 22:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-26 11:41 - 2014-08-26 12:43 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-26 11:41 - 2014-08-26 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-08-26 11:41 - 2014-08-26 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-26 11:41 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-26 11:41 - 2014-05-12 08:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-26 11:41 - 2014-05-12 08:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-26 11:41 - 2014-05-12 08:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-26 11:22 - 2014-08-26 11:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-26 11:07 - 2014-08-26 11:07 - 00003110 _____ () C:\Windows\System32\Tasks\{48F43E3A-9C7A-4535-87A1-033D6EE7FF1F} 2014-08-26 11:06 - 2014-08-26 11:06 - 00003092 _____ () C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889} 2014-08-26 11:05 - 2014-08-26 11:06 - 00000000 ____D () C:\Users\Martin\.nbi 2014-08-26 10:44 - 2014-08-26 10:44 - 00000004 _____ () C:\Users\Martin\AppData\Roaming\appdataFr2.bin 2014-08-26 10:16 - 2014-08-26 10:16 - 00000000 ___HD () C:\OneDriveTemp 2014-08-25 16:49 - 2014-08-25 16:49 - 01296096 _____ (VideoPerformer) C:\Users\Martin\Downloads\VideoPerformerSetup.exe 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ___RD () C:\Users\Martin\Documents\HP Photo Creations 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Visan 2014-08-25 16:38 - 2014-08-25 16:38 - 02959504 _____ (Hewlett-Packard ) C:\Users\Martin\Downloads\hpusetup.exe 2014-08-25 16:38 - 2014-08-25 16:38 - 00000000 ____D () C:\Windows\Hewlett-Packard 2014-08-25 15:48 - 2014-08-25 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8} 2014-08-25 15:46 - 2014-08-25 15:46 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory 2014-08-25 09:47 - 2014-08-25 09:47 - 00000000 ____D () C:\ProgramData\ffd8e8a8a13f665b 2014-08-24 16:14 - 2014-08-26 22:26 - 00000340 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job 2014-08-24 16:14 - 2014-08-24 16:14 - 00003350 _____ () C:\Windows\System32\Tasks\HP Photo Creations Communicator 2014-08-24 16:13 - 2014-08-24 16:13 - 43243608 _____ (HP) C:\Users\Martin\Downloads\hpphotocreations.exe 2014-08-24 15:48 - 2014-08-25 16:39 - 00000000 ____D () C:\ProgramData\HP Photo Creations 2014-08-24 15:48 - 2014-08-25 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-08-24 15:48 - 2014-08-24 16:14 - 00002172 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk 2014-08-24 15:48 - 2014-08-24 16:14 - 00000000 ____D () C:\ProgramData\Visan 2014-08-24 15:48 - 2014-08-24 15:48 - 00002248 _____ () C:\Users\Public\Desktop\HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00001180 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\HpUpdate 2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations 2014-08-24 15:48 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMAF11.dll 2014-08-24 15:47 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-24 15:47 - 2014-08-24 15:47 - 00000057 _____ () C:\ProgramData\Ament.ini 2014-08-24 15:47 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files\HP 2014-08-24 15:45 - 2014-08-24 15:45 - 72558696 _____ () C:\Users\Martin\Downloads\PS6520_1315-1.exe 2014-08-24 15:42 - 2014-08-24 16:16 - 00000000 ____D () C:\Users\Martin\AppData\Local\HP 2014-08-24 15:40 - 2014-08-24 15:47 - 00000000 ____D () C:\ProgramData\HP 2014-07-29 15:33 - 2014-07-29 16:12 - 00000000 ____D () C:\Users\Callum\Documents\Flight Simulator Files 2014-07-28 19:18 - 2014-07-28 19:18 - 06580602 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2731771-x64 (3).msu 2014-07-28 19:18 - 2014-07-28 19:18 - 04904874 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2731771-x86.msu 2014-07-28 19:14 - 2014-07-28 19:15 - 55915216 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\IE11-Windows6.1-x64-en-us.exe 2014-07-28 18:22 - 2014-07-28 18:22 - 01005568 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\dotNetFx45_Full_setup.exe 2014-07-28 10:26 - 2014-07-28 10:26 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-07-28 10:26 - 2014-07-28 10:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-07-28 10:26 - 2014-07-28 10:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-07-28 10:26 - 2014-07-28 10:26 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-07-28 10:26 - 2014-07-28 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-28 10:23 - 2014-07-28 10:23 - 31012264 _____ (Oracle Corporation) C:\Users\Martin\Downloads\jre-7u65-windows-x64.exe 2014-07-28 10:23 - 2014-07-28 10:23 - 31012264 _____ (Oracle Corporation) C:\Users\Martin\Downloads\jre-7u65-windows-x64 (1).exe 2014-07-28 10:14 - 2014-07-28 10:14 - 00000000 ____D () C:\ProgramData\VS 2014-07-27 20:57 - 2014-07-27 20:57 - 00056375 _____ () C:\Users\Callum\Downloads\EuroTruckSimulator2_1_10_1_setup.exe.torrent 2014-07-27 20:47 - 2014-07-27 20:47 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (7).exe 2014-07-27 20:43 - 2014-07-27 20:43 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (6).exe 2014-07-27 20:42 - 2014-07-27 20:42 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (5).exe 2014-07-27 20:38 - 2014-07-27 20:38 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (4).exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-26 22:54 - 2014-08-26 19:15 - 00026584 _____ () C:\Users\Martin\Downloads\FRST.txt 2014-08-26 22:54 - 2014-08-26 19:14 - 00000000 ____D () C:\FRST 2014-08-26 22:44 - 2014-08-26 11:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-26 22:44 - 2014-03-31 17:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-26 22:35 - 2014-08-26 22:35 - 01016261 _____ (Thisisu) C:\Users\Martin\Downloads\JRT (1).exe 2014-08-26 22:26 - 2014-08-24 16:14 - 00000340 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job 2014-08-26 22:19 - 2011-05-23 19:38 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Windows\ERUNT 2014-08-26 22:17 - 2009-07-14 05:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-26 22:17 - 2009-07-14 05:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-26 22:15 - 2014-08-26 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-08-26 22:15 - 2014-04-20 15:58 - 00001844 _____ () C:\Users\Public\Desktop\BT NetProtect Plus.lnk 2014-08-26 22:14 - 2014-08-26 19:52 - 00000000 ____D () C:\Users\Martin\Documents\pc1 2014-08-26 22:12 - 2011-04-19 22:16 - 01367181 _____ () C:\Windows\WindowsUpdate.log 2014-08-26 22:10 - 2013-03-31 14:42 - 00000000 ___RD () C:\Users\Martin\SkyDrive 2014-08-26 22:09 - 2011-05-23 19:38 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-26 22:09 - 2010-11-21 04:47 - 02452066 _____ () C:\Windows\PFRO.log 2014-08-26 22:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-26 22:09 - 2009-07-14 05:51 - 00182475 _____ () C:\Windows\setupact.log 2014-08-26 22:07 - 2014-08-26 21:51 - 00000000 ____D () C:\AdwCleaner 2014-08-26 22:07 - 2013-07-08 13:30 - 00000000 ____D () C:\Users\Conor\AppData\Local\CRE 2014-08-26 21:51 - 2014-08-26 21:49 - 01364531 _____ () C:\Users\Martin\Downloads\AdwCleaner.exe 2014-08-26 21:46 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-26 21:05 - 2013-11-23 13:27 - 00290150 _____ () C:\Windows\IE11_main.log 2014-08-26 20:29 - 2014-08-26 20:29 - 00000000 ____D () C:\Users\Martin\Downloads\Autoruns 2014-08-26 20:28 - 2014-08-26 20:28 - 00511306 _____ () C:\Users\Martin\Downloads\Autoruns.zip 2014-08-26 19:47 - 2014-08-26 19:47 - 00110240 _____ () C:\Users\Martin\pc1.txt 2014-08-26 19:47 - 2014-08-26 19:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Notepad++ 2014-08-26 19:47 - 2011-04-19 22:16 - 00000000 ____D () C:\Users\Martin 2014-08-26 19:16 - 2014-08-26 19:16 - 00057052 _____ () C:\Users\Martin\Downloads\Addition.txt 2014-08-26 19:14 - 2014-08-26 19:12 - 02103296 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe 2014-08-26 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-08-26 13:46 - 2011-06-07 19:43 - 00000000 ____D () C:\Users\Martin\AppData\Local\CrashDumps 2014-08-26 13:45 - 2013-09-20 22:03 - 00000000 ____D () C:\Program Files\wrapper_inst 2014-08-26 12:43 - 2014-08-26 11:41 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-08-26 12:43 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-08-26 12:43 - 2014-08-26 11:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-26 12:42 - 2014-08-26 12:42 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam_premium.exe 2014-08-26 11:41 - 2014-08-26 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-26 11:22 - 2014-08-26 11:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martin\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-26 11:14 - 2013-09-20 22:02 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-26 11:10 - 2011-04-21 16:52 - 00000000 ____D () C:\ProgramData\Norton 2014-08-26 11:07 - 2014-08-26 11:07 - 00003110 _____ () C:\Windows\System32\Tasks\{48F43E3A-9C7A-4535-87A1-033D6EE7FF1F} 2014-08-26 11:06 - 2014-08-26 11:06 - 00003092 _____ () C:\Windows\System32\Tasks\{9D4A2211-7B31-4A21-8019-D4F06E80C889} 2014-08-26 11:06 - 2014-08-26 11:05 - 00000000 ____D () C:\Users\Martin\.nbi 2014-08-26 10:44 - 2014-08-26 10:44 - 00000004 _____ () C:\Users\Martin\AppData\Roaming\appdataFr2.bin 2014-08-26 10:19 - 2014-03-31 17:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-26 10:19 - 2012-04-09 11:30 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-26 10:19 - 2012-01-28 13:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-26 10:16 - 2014-08-26 10:16 - 00000000 ___HD () C:\OneDriveTemp 2014-08-25 16:49 - 2014-08-25 16:49 - 01296096 _____ (VideoPerformer) C:\Users\Martin\Downloads\VideoPerformerSetup.exe 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ___RD () C:\Users\Martin\Documents\HP Photo Creations 2014-08-25 16:39 - 2014-08-25 16:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Visan 2014-08-25 16:39 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\HP Photo Creations 2014-08-25 16:38 - 2014-08-25 16:38 - 02959504 _____ (Hewlett-Packard ) C:\Users\Martin\Downloads\hpusetup.exe 2014-08-25 16:38 - 2014-08-25 16:38 - 00000000 ____D () C:\Windows\Hewlett-Packard 2014-08-25 16:38 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-08-25 15:48 - 2014-08-25 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\{BBD73DC1-3AF5-4DC4-AEFD-1DF4104BFCA8} 2014-08-25 15:46 - 2014-08-25 15:46 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory 2014-08-25 15:25 - 2014-07-23 10:26 - 00000000 ____D () C:\Users\Martin\Documents\Visual Studio 2010 2014-08-25 09:47 - 2014-08-25 09:47 - 00000000 ____D () C:\ProgramData\ffd8e8a8a13f665b 2014-08-25 09:30 - 2011-04-21 17:37 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-24 17:35 - 2013-08-16 14:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-24 17:22 - 2011-04-21 21:18 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-24 16:21 - 2014-04-20 15:55 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-08-24 16:16 - 2014-08-24 15:42 - 00000000 ____D () C:\Users\Martin\AppData\Local\HP 2014-08-24 16:14 - 2014-08-24 16:14 - 00003350 _____ () C:\Windows\System32\Tasks\HP Photo Creations Communicator 2014-08-24 16:14 - 2014-08-24 15:48 - 00002172 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk 2014-08-24 16:14 - 2014-08-24 15:48 - 00000000 ____D () C:\ProgramData\Visan 2014-08-24 16:13 - 2014-08-24 16:13 - 43243608 _____ (HP) C:\Users\Martin\Downloads\hpphotocreations.exe 2014-08-24 15:48 - 2014-08-24 15:48 - 00002248 _____ () C:\Users\Public\Desktop\HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00001180 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 6520 series.lnk 2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\HpUpdate 2014-08-24 15:48 - 2014-08-24 15:48 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations 2014-08-24 15:48 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-24 15:47 - 2014-08-24 15:47 - 00000057 _____ () C:\ProgramData\Ament.ini 2014-08-24 15:47 - 2014-08-24 15:47 - 00000000 ____D () C:\Program Files\HP 2014-08-24 15:47 - 2014-08-24 15:40 - 00000000 ____D () C:\ProgramData\HP 2014-08-24 15:45 - 2014-08-24 15:45 - 72558696 _____ () C:\Users\Martin\Downloads\PS6520_1315-1.exe 2014-08-24 15:40 - 2009-07-14 06:13 - 00880170 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-24 15:27 - 2014-04-20 15:35 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2014-08-24 15:18 - 2014-04-20 15:49 - 00002182 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2014-08-13 14:48 - 2013-09-20 18:29 - 00000000 ____D () C:\Users\Conor\AppData\Local\PMB Files 2014-08-13 14:21 - 2011-12-04 13:02 - 00000000 ____D () C:\Users\Conor\AppData\Roaming\Skype 2014-08-13 14:20 - 2014-07-05 21:00 - 00000000 ____D () C:\Users\Conor\AppData\Local\Battle.net 2014-08-13 13:27 - 2014-07-05 21:00 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-08 18:53 - 2014-07-05 21:01 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-08-08 18:41 - 2011-06-02 10:51 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-07-31 09:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-29 16:12 - 2014-07-29 15:33 - 00000000 ____D () C:\Users\Callum\Documents\Flight Simulator Files 2014-07-28 20:28 - 2011-04-22 10:15 - 00000000 ____D () C:\Program Files\Google 2014-07-28 20:28 - 2011-04-22 10:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-28 19:18 - 2014-07-28 19:18 - 06580602 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2731771-x64 (3).msu 2014-07-28 19:18 - 2014-07-28 19:18 - 04904874 _____ () C:\Users\Martin\Downloads\Windows6.1-KB2731771-x86.msu 2014-07-28 19:16 - 2013-05-27 21:06 - 00540570 _____ () C:\Windows\IE10_main.log 2014-07-28 19:15 - 2014-07-28 19:14 - 55915216 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\IE11-Windows6.1-x64-en-us.exe 2014-07-28 19:05 - 2011-04-23 18:20 - 00000000 ____D () C:\ProgramData\Google 2014-07-28 19:05 - 2011-04-23 18:03 - 00000000 ____D () C:\Users\Martin\AppData\Local\Google 2014-07-28 18:59 - 2014-07-23 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2014-07-28 18:52 - 2012-11-20 10:14 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-28 18:51 - 2012-11-20 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0 2014-07-28 18:50 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-07-28 18:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-28 18:41 - 2012-11-20 10:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-07-28 18:22 - 2014-07-28 18:22 - 01005568 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\dotNetFx45_Full_setup.exe 2014-07-28 18:12 - 2014-06-29 11:39 - 00029340 _____ () C:\Windows\SysWOW64\console.log 2014-07-28 18:10 - 2013-03-16 14:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-28 18:10 - 2011-05-15 21:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-28 10:26 - 2014-07-28 10:26 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-07-28 10:26 - 2014-07-28 10:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-07-28 10:26 - 2014-07-28 10:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-07-28 10:26 - 2014-07-28 10:26 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-07-28 10:26 - 2014-07-28 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-28 10:26 - 2014-06-05 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2014-07-28 10:25 - 2012-07-05 21:16 - 00000000 ____D () C:\Program Files\Java 2014-07-28 10:23 - 2014-07-28 10:23 - 31012264 _____ (Oracle Corporation) C:\Users\Martin\Downloads\jre-7u65-windows-x64.exe 2014-07-28 10:23 - 2014-07-28 10:23 - 31012264 _____ (Oracle Corporation) C:\Users\Martin\Downloads\jre-7u65-windows-x64 (1).exe 2014-07-28 10:14 - 2014-07-28 10:14 - 00000000 ____D () C:\ProgramData\VS 2014-07-28 10:06 - 2013-03-16 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-27 20:57 - 2014-07-27 20:57 - 00056375 _____ () C:\Users\Callum\Downloads\EuroTruckSimulator2_1_10_1_setup.exe.torrent 2014-07-27 20:48 - 2011-04-22 11:49 - 00000000 ____D () C:\Users\Callum\AppData\Local\CrashDumps 2014-07-27 20:47 - 2014-07-27 20:47 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (7).exe 2014-07-27 20:43 - 2014-07-27 20:43 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (6).exe 2014-07-27 20:42 - 2014-07-27 20:42 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (5).exe 2014-07-27 20:38 - 2014-07-27 20:38 - 00516296 _____ (Popeller, sl) C:\Users\Callum\Downloads\Euro Truck Simulator 2 (4).exe Some content of TEMP: ==================== C:\Users\Callum\AppData\Local\Temp\BackupSetup.exe C:\Users\Callum\AppData\Local\Temp\dlLogic.exe C:\Users\Callum\AppData\Local\Temp\EBU65C4.exe C:\Users\Callum\AppData\Local\Temp\EBU8FEF.exe C:\Users\Callum\AppData\Local\Temp\ICReinstall_winzip18-lan_en.exe C:\Users\Callum\AppData\Local\Temp\nsd431C.exe C:\Users\Callum\AppData\Local\Temp\nseDCFF.exe C:\Users\Callum\AppData\Local\Temp\nsj5E0D.exe C:\Users\Callum\AppData\Local\Temp\nso2B48.exe C:\Users\Callum\AppData\Local\Temp\nsyF14A.exe C:\Users\Callum\AppData\Local\Temp\optprosetup.exe C:\Users\Callum\AppData\Local\Temp\ReimagePackage.exe C:\Users\Callum\AppData\Local\Temp\ReimageRepair.exe C:\Users\Callum\AppData\Local\Temp\SecondStepInstaller.exe C:\Users\Callum\AppData\Local\Temp\SPSetup.exe C:\Users\Callum\AppData\Local\Temp\spstub.exe C:\Users\Conor\AppData\Local\Temp\CmdLineExt01.dll C:\Users\Conor\AppData\Local\Temp\CmdLineExt02.dll C:\Users\Conor\AppData\Local\Temp\comver.dll C:\Users\Conor\AppData\Local\Temp\DefaultAssets.exe C:\Users\Conor\AppData\Local\Temp\DefaultOfflineContent.exe C:\Users\Conor\AppData\Local\Temp\drm_dialogs.dll C:\Users\Conor\AppData\Local\Temp\dxwebsetup.exe C:\Users\Conor\AppData\Local\Temp\EXEtender_OutBrowse_Bundle_DL_ChickIn3.exe C:\Users\Conor\AppData\Local\Temp\Findr.exe C:\Users\Conor\AppData\Local\Temp\HSS-2-88-install-plain-506-plain.exe C:\Users\Conor\AppData\Local\Temp\NLStubInstallerResources.dll C:\Users\Conor\AppData\Local\Temp\nsaB761.exe C:\Users\Conor\AppData\Local\Temp\nsk812.exe C:\Users\Conor\AppData\Local\Temp\nspA2CB.exe C:\Users\Conor\AppData\Local\Temp\nsu7F8F.exe C:\Users\Conor\AppData\Local\Temp\PC-Registry-EXE-0808.exe C:\Users\Conor\AppData\Local\Temp\PCCheckupInstaller.exe C:\Users\Conor\AppData\Local\Temp\PCCU_Installer.exe C:\Users\Conor\AppData\Local\Temp\SecondStepInstaller.exe C:\Users\Conor\AppData\Local\Temp\SIntf16.dll C:\Users\Conor\AppData\Local\Temp\SIntf32.dll C:\Users\Conor\AppData\Local\Temp\SIntfNT.dll C:\Users\Conor\AppData\Local\Temp\SkypeSetup.exe C:\Users\Conor\AppData\Local\Temp\softonic_121_3.exe C:\Users\Conor\AppData\Local\Temp\SPStub.exe C:\Users\Conor\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Conor\AppData\Local\Temp\ToolbarHelper.exe C:\Users\Conor\AppData\Local\Temp\VMSetup2.0.0.92.exe C:\Users\Conor\AppData\Local\Temp\xmlUpdater.exe C:\Users\Conor\AppData\Local\Temp\zatbSetup_110_000_064.exe C:\Users\Julie\AppData\Local\Temp\EADF584.exe C:\Users\Julie\AppData\Local\Temp\SecondStepInstaller.exe C:\Users\Julie\AppData\Local\Temp\SPSetup.exe C:\Users\Julie\AppData\Local\Temp\UninstallEADM.dll C:\Users\Martin\AppData\Local\Temp\ose00000.exe C:\Users\Martin\AppData\Local\Temp\Quarantine.exe C:\Users\Martin\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-25 11:04 ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.