Jump to content

Can't Access Google Or Yahoo Using IE11


Recommended Posts

Using Internet Explorwer 11, can't access google.com. and yahoo.com. Links and buttons on yahoo.com and msn.com don't work. Google Chrome browser works normally.


Found similar problem on your forum and tried to replicate your recommended solution. Ran Malwarebytes Pro, Malwarebytes Anti-Rootkit, ESET, Hitman, Combofix,Adwcleaner etc. Found and removed several infections. Scans now run clean but no success in accessing google.com or getting yahoo or msn to work normall


Link to post
Share on other sites

Hi & :welcome:

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully. :excl:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Link to post
Share on other sites

Hello Jurgen-Thank you for your help. I am looking forward to working with you. Here is the Farbar scan and additional text:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014

Ran by Richard (administrator) on RICHARD-PC on 28-07-2014 06:55:05

Running from C:\Users\Richard\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\ioloGovernor64.exe

(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\ABService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\LiveBoost.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe

(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe

(PFU LIMITED) C:\Windows\SSDriver\fi5110\SsWiaChecker.exe

(Dropbox, Inc.) C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe

() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

() C:\Program Files (x86)\Epubor\ultimate\converter.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()

HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-24] (Hewlett-Packard)

HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-06-19] (Check Point Software Technologies LTD)

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2010-12-23] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [scanSnap WIA Service Checker] => C:\Windows\SSDriver\fi5110\SsWiaChecker.exe [86016 2009-09-30] (PFU LIMITED)

HKLM-x32\...\Run: [syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [720384 2014-03-07] ()

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3262438419-2781910495-2142345371-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)

HKU\S-1-5-21-3262438419-2781910495-2142345371-1000\...\Run: [GoogleChromeAutoLaunch_29A699B01FEEF335BD09EDAD4C8A90AE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)

HKU\S-1-5-21-3262438419-2781910495-2142345371-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21648480 2014-07-02] (Skype Technologies S.A.)

HKU\S-1-5-21-3262438419-2781910495-2142345371-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6564120 2014-06-04] (SUPERAntiSpyware)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CardMinder Viewer.lnk

ShortcutTarget: CardMinder Viewer.lnk -> C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe (PFU LIMITED)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Conversion to PDF with ScanSnap Organizer.lnk

ShortcutTarget: Conversion to PDF with ScanSnap Organizer.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe (PFU LIMITED)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk

ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk

ShortcutTarget: ScanSnap Manager.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk

ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

BootExecute: autocheck

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {35136925-F7ED-443D-80DE-CCBE024F9313} URL = 

BHO: No Name -> {711AE6FB-4C1E-2FF4-2865-64D38A65158E} ->  No File

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: No Name -> {7A7D0C91-45F5-02CE-C8A7-2E01AC20280A} ->  No File

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

Chrome: 

=======

CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3325290&octid=EB_ORIGINAL_CTID&ISID=MB226C762-40C0-4B88-AD75-9D50F0A88AD7&SearchSource=55&CUI=&UM=2&UP=SPF5B0D29A-D422-4A02-9F97-405BB8B3D4F2&SSPV=

CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3325290&octid=EB_ORIGINAL_CTID&ISID=MB226C762-40C0-4B88-AD75-9D50F0A88AD7&SearchSource=55&CUI=&UM=2&UP=SPF5B0D29A-D422-4A02-9F97-405BB8B3D4F2&SSPV=", "hxxp://www.google.com/", "https://www.google.com/calendar/render?tab=wc", "hxxp://websearch.fastsearchings.info/?pid=714&r=2014/07/16&hid=4093734464631692182&lg=EN&cc=US&unqvl=56"

CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-18]

CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-18]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]

CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-18]

CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-18]

CHR Extension: (Google Calendar) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-16]

CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]

CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-18]

CHR Extension: (Google Similar Pages) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2013-10-18]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)

R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\ABService.exe [29912 2014-04-08] (AOMEI Tech Co., Ltd.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-07-16] (iolo technologies, LLC)

R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445304 2013-06-19] (Check Point Software Technologies LTD)

R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2013-05-07] () [File not signed]

R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2013-05-07] () [File not signed]

R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2013-02-06] () [File not signed]

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [31432 2012-04-17] (EldoS Corporation)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-17] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-07-16] (EldoS Corporation)

S3 rt70x64; C:\Windows\System32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.)

R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-11-01] (Realtek Semiconductor Corporation                           )

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29160 2014-07-17] ()

R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-03-17] ()

R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-03-17] ()

R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-03-17] ()

R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [451096 2013-06-13] (Check Point Software Technologies LTD)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-28 06:48 - 2014-07-28 06:55 - 00024275 _____ () C:\Users\Richard\Downloads\FRST.txt

2014-07-28 06:46 - 2014-07-28 06:46 - 02093568 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe

2014-07-25 09:29 - 2014-07-25 09:29 - 00000000 ____D () C:\Users\Richard\Ultimate

2014-07-25 09:29 - 2014-07-25 09:29 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Ultimate

2014-07-25 09:29 - 2014-07-25 09:29 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\.Ultimate

2014-07-25 09:27 - 2014-07-25 09:27 - 00000000 ____D () C:\Users\Richard\Downloads\ultimate.html

2014-07-25 09:26 - 2014-07-25 09:26 - 02058180 _____ () C:\Users\Richard\Downloads\ultimate.html.zip

2014-07-25 09:26 - 2014-07-25 09:26 - 00001133 _____ () C:\Users\Public\Desktop\Epubor Ultimate.lnk

2014-07-25 09:26 - 2014-07-25 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epubor

2014-07-25 09:24 - 2014-07-25 09:24 - 00000000 ____D () C:\Users\Richard\Downloads\UltimateConverter304

2014-07-25 09:18 - 2014-07-25 09:22 - 65523491 _____ () C:\Users\Richard\Downloads\UltimateConverter304.zip

2014-07-25 00:11 - 2014-07-25 00:11 - 00000000 ____D () C:\Users\Richard\AppData\Local\Adobe

2014-07-22 08:59 - 2014-07-22 09:00 - 00050351 _____ () C:\Users\Richard\Desktop\Addition.txt

2014-07-22 08:58 - 2014-07-22 09:00 - 00064576 _____ () C:\Users\Richard\Desktop\FRST.txt

2014-07-22 08:55 - 2014-07-22 08:55 - 02090496 _____ (Farbar) C:\Users\Richard\Desktop\FRST64 (2).exe

2014-07-22 08:38 - 2014-07-28 06:55 - 00000000 ____D () C:\FRST

2014-07-22 00:45 - 2014-07-22 00:45 - 00001487 _____ () C:\Users\Richard\Desktop\LiveBoost.lnk

2014-07-22 00:44 - 2014-07-16 08:30 - 00032912 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys

2014-07-21 00:49 - 2014-07-21 00:50 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu (5).exe

2014-07-21 00:27 - 2014-07-21 00:27 - 01354223 _____ () C:\Users\Richard\Downloads\AdwCleaner (3).exe

2014-07-21 00:25 - 2014-07-21 00:25 - 00000635 _____ () C:\Users\Richard\Desktop\JRT.txt

2014-07-21 00:13 - 2014-07-21 00:13 - 01016261 _____ (Thisisu) C:\Users\Richard\Downloads\JRT (1).exe

2014-07-21 00:11 - 2014-07-21 00:11 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Downloads\tdsskiller.exe

2014-07-20 22:42 - 2014-07-20 22:42 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\SUPERAntiSpyware.com

2014-07-20 22:41 - 2014-07-20 22:41 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2014-07-20 22:41 - 2014-07-20 22:41 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2014-07-20 22:41 - 2014-07-20 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2014-07-20 22:41 - 2014-07-20 22:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2014-07-20 22:40 - 2014-07-20 22:41 - 20181352 _____ (SUPERAntiSpyware) C:\Users\Richard\Downloads\SUPERAntiSpyware (1).exe

2014-07-20 22:36 - 2014-07-20 22:36 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Richard\Downloads\rkill.exe

2014-07-20 22:36 - 2014-07-20 22:36 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Richard\Downloads\rkill64.exe

2014-07-20 22:34 - 2014-07-20 22:35 - 00002776 _____ () C:\Users\Richard\Downloads\FSS.txt

2014-07-20 22:33 - 2014-07-20 22:33 - 00415232 _____ (Farbar) C:\Users\Richard\Downloads\FSS.exe

2014-07-20 19:49 - 2014-07-28 06:26 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Skype

2014-07-20 19:49 - 2014-07-20 19:49 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ____D () C:\Users\Richard\AppData\Local\Skype

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ____D () C:\ProgramData\Skype

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-07-20 19:48 - 2014-07-20 19:48 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Richard\Downloads\SkypeSetup (1).exe

2014-07-18 15:04 - 2014-07-18 15:04 - 00000004 _____ () C:\Users\Richard\Downloads\ATT00001.txt

2014-07-18 11:15 - 2014-07-18 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-18 11:15 - 2014-07-18 11:15 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-07-18 10:28 - 2014-07-18 10:28 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-07-18 10:28 - 2014-07-18 10:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-07-18 10:28 - 2014-07-18 10:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-07-18 10:28 - 2014-07-18 10:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-07-18 10:28 - 2014-07-18 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-18 10:28 - 2014-07-18 10:28 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-18 10:27 - 2014-07-18 10:27 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65 (3).exe

2014-07-18 10:17 - 2014-07-18 10:17 - 00001270 _____ () C:\Users\Richard\Desktop\Revo Uninstaller.lnk

2014-07-18 10:16 - 2014-07-18 10:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Richard\Downloads\revosetup.exe

2014-07-18 10:16 - 2014-07-18 10:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-18 10:14 - 2014-07-18 10:14 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Oracle

2014-07-18 10:08 - 2014-07-18 10:08 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65 (2).exe

2014-07-18 10:06 - 2014-07-18 10:06 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65 (1).exe

2014-07-18 10:04 - 2014-07-18 10:04 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65.exe

2014-07-18 08:58 - 2014-07-18 08:59 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Richard\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-18 08:55 - 2014-07-18 08:55 - 00688992 _____ (Swearware) C:\Users\Richard\Downloads\dds.scr

2014-07-18 08:41 - 2014-07-18 09:28 - 00000000 ____D () C:\ComboFix

2014-07-18 08:23 - 2014-07-18 08:23 - 01354223 _____ () C:\Users\Richard\Downloads\adwcleaner_3.216.exe

2014-07-18 08:20 - 2014-07-18 08:20 - 00401920 _____ (Farbar) C:\Users\Richard\Downloads\MiniToolBox (2).exe

2014-07-18 08:20 - 2014-07-18 08:20 - 00401920 _____ (Farbar) C:\Users\Richard\Downloads\MiniToolBox (1).exe

2014-07-17 22:53 - 2014-07-17 22:56 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu (4).exe

2014-07-17 22:48 - 2014-07-17 22:49 - 00044079 _____ () C:\Users\Richard\Downloads\Result.txt

2014-07-17 20:39 - 2014-07-17 20:39 - 00043700 _____ () C:\Users\Richard\Downloads\Addition.txt

2014-07-17 12:48 - 2014-07-17 12:48 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu (3).exe

2014-07-17 12:02 - 2014-07-17 12:02 - 01348263 _____ () C:\Users\Richard\Downloads\AdwCleaner (2).exe

2014-07-17 11:40 - 2014-07-17 11:40 - 00000000 ____D () C:\Windows\ERUNT

2014-07-17 11:39 - 2014-07-17 11:39 - 01016261 _____ (Thisisu) C:\Users\Richard\Downloads\JRT.exe

2014-07-17 11:13 - 2014-07-18 09:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-17 11:12 - 2014-07-18 09:56 - 00000000 ____D () C:\Users\Richard\Desktop\mbar

2014-07-17 11:12 - 2014-07-18 08:57 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-17 11:11 - 2014-07-17 11:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Richard\Downloads\mbar-1.07.0.1012.exe

2014-07-17 09:11 - 2014-07-17 09:11 - 00042593 _____ () C:\Users\Richard\Desktop\CFIX71714.txt

2014-07-17 08:03 - 2014-07-17 08:03 - 04770904 _____ () C:\Users\Richard\Downloads\RogueKiller (3).exe

2014-07-17 08:03 - 2014-07-17 08:03 - 00029160 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys

2014-07-17 08:03 - 2014-07-17 08:03 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-07-17 01:01 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-07-17 01:00 - 2014-07-21 00:41 - 00000000 ____D () C:\AdwCleaner

2014-07-17 01:00 - 2014-07-17 01:00 - 01348263 _____ () C:\Users\Richard\Downloads\AdwCleaner (1).exe

2014-07-17 00:35 - 2014-07-17 00:35 - 00004154 _____ () C:\Windows\system32\.crusader

2014-07-17 00:28 - 2014-07-17 00:38 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys

2014-07-17 00:27 - 2014-07-17 00:35 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-07-17 00:20 - 2014-07-17 00:23 - 11188736 _____ (SurfRight B.V.) C:\Users\Richard\Downloads\HitmanPro_x64.exe

2014-07-17 00:17 - 2014-07-17 00:17 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Downloads\tdsskiller (4).exe

2014-07-17 00:15 - 2014-07-17 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Downloads\tdsskiller (3).exe

2014-07-16 12:43 - 2014-07-17 09:05 - 00000000 ____D () C:\Windows\erdnt

2014-07-16 12:38 - 2014-07-16 12:38 - 00003180 _____ () C:\Windows\System32\Tasks\{595C65CB-24B6-4CD7-8F03-3BD957E07EA8}

2014-07-16 12:33 - 2014-07-16 12:33 - 00003158 _____ () C:\Windows\System32\Tasks\{464B4D71-611A-44F4-B248-FBFB5CA7027E}

2014-07-16 09:08 - 2014-07-16 09:08 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Richard\AppData\Local\Packages

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Richard\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Guest

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Administrator

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\ProgramData\8e1fa0f09b33642c

2014-07-16 09:00 - 2014-07-16 09:26 - 00002182 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk

2014-07-16 09:00 - 2014-07-16 09:00 - 00002194 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 2.0.lnk

2014-07-16 09:00 - 2014-07-16 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

2014-07-15 07:53 - 2014-07-15 07:53 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-07-15 07:53 - 2014-07-15 07:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-15 07:52 - 2014-07-15 07:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-15 07:52 - 2014-07-15 07:53 - 00000000 ____D () C:\Program Files\iTunes

2014-07-15 07:52 - 2014-07-15 07:53 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-15 07:52 - 2014-07-15 07:52 - 00000000 ____D () C:\Program Files\iPod

2014-07-09 10:23 - 2014-07-09 10:23 - 00495360 _____ () C:\Users\Richard\Downloads\Think Like a Freak- The Authors of Freakonomics Offer to Retrain Your Brain.azw3

2014-07-08 21:54 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-07-08 21:54 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-07-08 21:54 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-08 21:54 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-08 21:54 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-08 21:54 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-08 21:54 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-08 21:54 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-08 21:54 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-08 21:54 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-08 21:54 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-08 21:54 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-08 21:54 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-08 21:54 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-08 21:54 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-08 21:54 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-08 21:54 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-08 21:54 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-08 21:54 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-08 21:54 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-08 21:54 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-08 21:54 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-08 21:54 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-08 21:54 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-08 21:54 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-08 21:54 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-08 21:54 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-08 21:54 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-08 21:54 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-08 21:54 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-08 21:54 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-08 21:54 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-08 21:54 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-08 21:54 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-08 21:54 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-08 21:54 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-08 21:54 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-08 21:54 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-08 21:54 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-08 21:54 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-08 21:54 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-08 21:54 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-08 21:54 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-08 21:54 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-08 21:54 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-08 21:54 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-08 21:54 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-08 21:54 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-08 21:54 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-08 21:54 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-08 21:54 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-08 21:54 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-08 21:54 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-08 21:54 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-08 21:54 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-08 21:54 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-08 21:54 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-08 21:54 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-08 21:54 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-08 21:54 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-08 21:54 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-08 21:54 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-08 21:54 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-08 21:54 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-08 21:54 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-08 21:54 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-08 21:54 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-08 21:54 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-08 21:54 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-08 21:54 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-08 21:54 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-08 21:54 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-08 21:54 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-08 21:54 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-08 21:54 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-08 21:54 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-08 21:54 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-08 21:54 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-08 21:54 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-08 21:54 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-08 21:54 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-03 10:38 - 2014-07-03 10:38 - 00001696 _____ () C:\Users\Richard\Downloads\URLLink (2).acsm

2014-07-03 10:37 - 2014-07-03 10:37 - 00001696 _____ () C:\Users\Richard\Downloads\URLLink.acsm

2014-07-03 10:37 - 2014-07-03 10:37 - 00001696 _____ () C:\Users\Richard\Downloads\URLLink (1).acsm

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\EPUBDRMRemoval

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\calibre

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\EPUBDRMRemoval

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\.EPUBDRMRemoval

2014-07-02 01:11 - 2014-07-25 09:25 - 00000000 ____D () C:\Program Files (x86)\Epubor

2014-07-02 01:10 - 2014-07-02 01:11 - 17553083 _____ (Epubor Inc.) C:\Users\Richard\Downloads\epub_drm_removal.exe

2014-07-02 00:55 - 2014-07-02 00:56 - 00000000 ____D () C:\Users\Richard\AppData\Local\calibre-cache

2014-07-02 00:51 - 2014-07-16 09:37 - 00000000 ____D () C:\Users\Richard\Documents\Calibre Library

2014-07-02 00:51 - 2014-07-02 00:55 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\calibre

2014-07-02 00:50 - 2014-07-16 09:33 - 00000000 ____D () C:\Program Files (x86)\Calibre2

2014-07-02 00:35 - 2014-07-02 00:44 - 00000000 ____D () C:\Users\Richard\Downloads\tools_v6.0.8

2014-07-02 00:32 - 2014-07-02 00:32 - 01816433 _____ () C:\Users\Richard\Downloads\tools_v6.0.8.zip

2014-07-02 00:09 - 2014-07-02 00:20 - 56086016 _____ () C:\Users\Richard\Downloads\calibre-1.42.0.msi

2014-07-02 00:09 - 2014-07-02 00:09 - 05946344 _____ (Adobe Systems Incorporated) C:\Users\Richard\Downloads\ADE_2.0_Installer.exe

2014-06-30 10:16 - 2014-07-27 06:29 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRichard

2014-06-30 10:16 - 2014-07-27 06:29 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForRichard.job

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-07-28 06:55 - 2014-07-28 06:48 - 00024275 _____ () C:\Users\Richard\Downloads\FRST.txt

2014-07-28 06:55 - 2014-07-22 08:38 - 00000000 ____D () C:\FRST

2014-07-28 06:46 - 2014-07-28 06:46 - 02093568 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe

2014-07-28 06:38 - 2013-10-17 23:50 - 01100180 _____ () C:\Windows\WindowsUpdate.log

2014-07-28 06:26 - 2014-07-20 19:49 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Skype

2014-07-28 06:10 - 2013-10-18 11:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-28 02:22 - 2014-04-21 23:43 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D62187D2-3C99-4CB1-8C65-10E4AD7F8BAA}

2014-07-28 00:33 - 2014-01-15 00:10 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\vlc

2014-07-27 06:29 - 2014-06-30 10:16 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRichard

2014-07-27 06:29 - 2014-06-30 10:16 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForRichard.job

2014-07-25 13:04 - 2013-10-18 10:33 - 00000000 ____D () C:\Jts

2014-07-25 09:41 - 2014-03-26 11:24 - 00001129 _____ () C:\Users\Richard\Desktop\Document Manager.lnk

2014-07-25 09:29 - 2014-07-25 09:29 - 00000000 ____D () C:\Users\Richard\Ultimate

2014-07-25 09:29 - 2014-07-25 09:29 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Ultimate

2014-07-25 09:29 - 2014-07-25 09:29 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\.Ultimate

2014-07-25 09:29 - 2013-10-17 23:50 - 00000000 ____D () C:\Users\Richard

2014-07-25 09:27 - 2014-07-25 09:27 - 00000000 ____D () C:\Users\Richard\Downloads\ultimate.html

2014-07-25 09:26 - 2014-07-25 09:26 - 02058180 _____ () C:\Users\Richard\Downloads\ultimate.html.zip

2014-07-25 09:26 - 2014-07-25 09:26 - 00001133 _____ () C:\Users\Public\Desktop\Epubor Ultimate.lnk

2014-07-25 09:26 - 2014-07-25 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epubor

2014-07-25 09:25 - 2014-07-02 01:11 - 00000000 ____D () C:\Program Files (x86)\Epubor

2014-07-25 09:24 - 2014-07-25 09:24 - 00000000 ____D () C:\Users\Richard\Downloads\UltimateConverter304

2014-07-25 09:22 - 2014-07-25 09:18 - 65523491 _____ () C:\Users\Richard\Downloads\UltimateConverter304.zip

2014-07-25 03:01 - 2013-10-19 04:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-25 03:00 - 2013-10-19 04:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-25 03:00 - 2013-10-19 04:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-25 00:11 - 2014-07-25 00:11 - 00000000 ____D () C:\Users\Richard\AppData\Local\Adobe

2014-07-23 16:42 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-23 16:42 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-23 06:27 - 2014-04-07 09:20 - 00000000 ___RD () C:\Users\Richard\Dropbox

2014-07-23 06:27 - 2014-04-07 09:19 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\DropboxMaster

2014-07-23 06:27 - 2014-04-07 09:17 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Dropbox

2014-07-23 06:25 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-23 06:24 - 2009-07-14 00:51 - 00040058 _____ () C:\Windows\setupact.log

2014-07-23 06:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-07-23 06:15 - 2013-10-18 01:25 - 01532500 _____ () C:\Windows\PFRO.log

2014-07-22 09:00 - 2014-07-22 08:59 - 00050351 _____ () C:\Users\Richard\Desktop\Addition.txt

2014-07-22 09:00 - 2014-07-22 08:58 - 00064576 _____ () C:\Users\Richard\Desktop\FRST.txt

2014-07-22 08:55 - 2014-07-22 08:55 - 02090496 _____ (Farbar) C:\Users\Richard\Desktop\FRST64 (2).exe

2014-07-22 00:46 - 2014-04-06 19:41 - 00000000 ____D () C:\ProgramData\iolo

2014-07-22 00:45 - 2014-07-22 00:45 - 00001487 _____ () C:\Users\Richard\Desktop\LiveBoost.lnk

2014-07-22 00:45 - 2014-04-06 19:43 - 00001483 _____ () C:\Users\Richard\Desktop\System Mechanic Professional.lnk

2014-07-22 00:45 - 2014-04-06 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic Professional

2014-07-22 00:44 - 2014-04-06 19:41 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\iolo

2014-07-22 00:44 - 2013-12-07 10:07 - 00003144 _____ () C:\Windows\System32\Tasks\iolo Process Governor

2014-07-22 00:44 - 2013-12-07 10:07 - 00000000 ____D () C:\ProgramData\ioloGovernor

2014-07-21 10:04 - 2013-10-26 19:54 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log

2014-07-21 10:03 - 2013-11-04 11:28 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-07-21 00:50 - 2014-07-21 00:49 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu (5).exe

2014-07-21 00:41 - 2014-07-17 01:00 - 00000000 ____D () C:\AdwCleaner

2014-07-21 00:27 - 2014-07-21 00:27 - 01354223 _____ () C:\Users\Richard\Downloads\AdwCleaner (3).exe

2014-07-21 00:25 - 2014-07-21 00:25 - 00000635 _____ () C:\Users\Richard\Desktop\JRT.txt

2014-07-21 00:13 - 2014-07-21 00:13 - 01016261 _____ (Thisisu) C:\Users\Richard\Downloads\JRT (1).exe

2014-07-21 00:11 - 2014-07-21 00:11 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Downloads\tdsskiller.exe

2014-07-20 22:42 - 2014-07-20 22:42 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\SUPERAntiSpyware.com

2014-07-20 22:42 - 2014-04-24 15:29 - 00000000 ____D () C:\Program Files\Fighters

2014-07-20 22:41 - 2014-07-20 22:41 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2014-07-20 22:41 - 2014-07-20 22:41 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2014-07-20 22:41 - 2014-07-20 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2014-07-20 22:41 - 2014-07-20 22:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2014-07-20 22:41 - 2014-07-20 22:40 - 20181352 _____ (SUPERAntiSpyware) C:\Users\Richard\Downloads\SUPERAntiSpyware (1).exe

2014-07-20 22:38 - 2012-09-25 21:53 - 00001876 _____ () C:\Users\Richard\Desktop\Rkill.txt

2014-07-20 22:36 - 2014-07-20 22:36 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Richard\Downloads\rkill.exe

2014-07-20 22:36 - 2014-07-20 22:36 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Richard\Downloads\rkill64.exe

2014-07-20 22:35 - 2014-07-20 22:34 - 00002776 _____ () C:\Users\Richard\Downloads\FSS.txt

2014-07-20 22:33 - 2014-07-20 22:33 - 00415232 _____ (Farbar) C:\Users\Richard\Downloads\FSS.exe

2014-07-20 19:49 - 2014-07-20 19:49 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ____D () C:\Users\Richard\AppData\Local\Skype

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ____D () C:\ProgramData\Skype

2014-07-20 19:49 - 2014-07-20 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-07-20 19:48 - 2014-07-20 19:48 - 01677928 _____ (Skype Technologies S.A.) C:\Users\Richard\Downloads\SkypeSetup (1).exe

2014-07-18 15:04 - 2014-07-18 15:04 - 00000004 _____ () C:\Users\Richard\Downloads\ATT00001.txt

2014-07-18 11:15 - 2014-07-18 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-18 11:15 - 2014-07-18 11:15 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-07-18 11:15 - 2013-10-18 10:49 - 00000000 ____D () C:\ProgramData\Adobe

2014-07-18 10:29 - 2013-10-18 13:08 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-18 10:28 - 2014-07-18 10:28 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-07-18 10:28 - 2014-07-18 10:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-07-18 10:28 - 2014-07-18 10:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-07-18 10:28 - 2014-07-18 10:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-07-18 10:28 - 2014-07-18 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-18 10:28 - 2014-07-18 10:28 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-18 10:27 - 2014-07-18 10:27 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65 (3).exe

2014-07-18 10:17 - 2014-07-18 10:17 - 00001270 _____ () C:\Users\Richard\Desktop\Revo Uninstaller.lnk

2014-07-18 10:16 - 2014-07-18 10:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Richard\Downloads\revosetup.exe

2014-07-18 10:16 - 2014-07-18 10:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-18 10:14 - 2014-07-18 10:14 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Oracle

2014-07-18 10:08 - 2014-07-18 10:08 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65 (2).exe

2014-07-18 10:06 - 2014-07-18 10:06 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65 (1).exe

2014-07-18 10:04 - 2014-07-18 10:04 - 00918952 _____ (Oracle Corporation) C:\Users\Richard\Downloads\chromeinstall-7u65.exe

2014-07-18 09:56 - 2014-07-17 11:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-18 09:56 - 2014-07-17 11:12 - 00000000 ____D () C:\Users\Richard\Desktop\mbar

2014-07-18 09:28 - 2014-07-18 08:41 - 00000000 ____D () C:\ComboFix

2014-07-18 08:59 - 2014-07-18 08:58 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Richard\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-18 08:57 - 2014-07-17 11:12 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-18 08:55 - 2014-07-18 08:55 - 00688992 _____ (Swearware) C:\Users\Richard\Downloads\dds.scr

2014-07-18 08:23 - 2014-07-18 08:23 - 01354223 _____ () C:\Users\Richard\Downloads\adwcleaner_3.216.exe

2014-07-18 08:20 - 2014-07-18 08:20 - 00401920 _____ (Farbar) C:\Users\Richard\Downloads\MiniToolBox (2).exe

2014-07-18 08:20 - 2014-07-18 08:20 - 00401920 _____ (Farbar) C:\Users\Richard\Downloads\MiniToolBox (1).exe

2014-07-17 22:56 - 2014-07-17 22:53 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu (4).exe

2014-07-17 22:49 - 2014-07-17 22:48 - 00044079 _____ () C:\Users\Richard\Downloads\Result.txt

2014-07-17 20:39 - 2014-07-17 20:39 - 00043700 _____ () C:\Users\Richard\Downloads\Addition.txt

2014-07-17 12:48 - 2014-07-17 12:48 - 02347384 _____ (ESET) C:\Users\Richard\Downloads\esetsmartinstaller_enu (3).exe

2014-07-17 12:07 - 2013-10-19 18:19 - 00000518 _____ () C:\Windows\Brownie.ini

2014-07-17 12:02 - 2014-07-17 12:02 - 01348263 _____ () C:\Users\Richard\Downloads\AdwCleaner (2).exe

2014-07-17 11:40 - 2014-07-17 11:40 - 00000000 ____D () C:\Windows\ERUNT

2014-07-17 11:39 - 2014-07-17 11:39 - 01016261 _____ (Thisisu) C:\Users\Richard\Downloads\JRT.exe

2014-07-17 11:11 - 2014-07-17 11:11 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Richard\Downloads\mbar-1.07.0.1012.exe

2014-07-17 09:11 - 2014-07-17 09:11 - 00042593 _____ () C:\Users\Richard\Desktop\CFIX71714.txt

2014-07-17 09:08 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default

2014-07-17 09:05 - 2014-07-16 12:43 - 00000000 ____D () C:\Windows\erdnt

2014-07-17 09:04 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini

2014-07-17 08:03 - 2014-07-17 08:03 - 04770904 _____ () C:\Users\Richard\Downloads\RogueKiller (3).exe

2014-07-17 08:03 - 2014-07-17 08:03 - 00029160 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys

2014-07-17 08:03 - 2014-07-17 08:03 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-07-17 01:00 - 2014-07-17 01:00 - 01348263 _____ () C:\Users\Richard\Downloads\AdwCleaner (1).exe

2014-07-17 00:38 - 2014-07-17 00:28 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys

2014-07-17 00:35 - 2014-07-17 00:35 - 00004154 _____ () C:\Windows\system32\.crusader

2014-07-17 00:35 - 2014-07-17 00:27 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-07-17 00:23 - 2014-07-17 00:20 - 11188736 _____ (SurfRight B.V.) C:\Users\Richard\Downloads\HitmanPro_x64.exe

2014-07-17 00:17 - 2014-07-17 00:17 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Downloads\tdsskiller (4).exe

2014-07-17 00:15 - 2014-07-17 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Richard\Downloads\tdsskiller (3).exe

2014-07-16 14:02 - 2014-01-02 02:29 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-07-16 12:38 - 2014-07-16 12:38 - 00003180 _____ () C:\Windows\System32\Tasks\{595C65CB-24B6-4CD7-8F03-3BD957E07EA8}

2014-07-16 12:33 - 2014-07-16 12:33 - 00003158 _____ () C:\Windows\System32\Tasks\{464B4D71-611A-44F4-B248-FBFB5CA7027E}

2014-07-16 10:57 - 2013-10-18 00:46 - 00000000 ____D () C:\Program Files (x86)\Google

2014-07-16 09:37 - 2014-07-02 00:51 - 00000000 ____D () C:\Users\Richard\Documents\Calibre Library

2014-07-16 09:36 - 2014-05-27 13:14 - 00000000 ____D () C:\Users\Richard\AppData\Local\Deployment

2014-07-16 09:33 - 2014-07-02 00:50 - 00000000 ____D () C:\Program Files (x86)\Calibre2

2014-07-16 09:26 - 2014-07-16 09:00 - 00002182 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk

2014-07-16 09:08 - 2014-07-16 09:08 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Richard\AppData\Local\Packages

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Richard\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Guest

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\Users\Administrator

2014-07-16 09:08 - 2014-07-16 09:08 - 00000000 ____D () C:\ProgramData\8e1fa0f09b33642c

2014-07-16 09:08 - 2013-10-18 00:46 - 00000000 ____D () C:\Users\Richard\AppData\Local\Google

2014-07-16 09:08 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-07-16 09:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-07-16 09:00 - 2014-07-16 09:00 - 00002194 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 2.0.lnk

2014-07-16 09:00 - 2014-07-16 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

2014-07-16 09:00 - 2014-05-27 22:36 - 00000000 ____D () C:\Users\Richard\AppData\Local\Adobe_Systems_Incorporate

2014-07-16 09:00 - 2013-10-18 10:49 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-07-16 08:51 - 2014-04-06 19:42 - 00057584 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe

2014-07-16 08:51 - 2014-04-06 19:42 - 00026184 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe

2014-07-16 08:33 - 2014-04-06 19:43 - 02155152 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator64.dll

2014-07-16 08:33 - 2014-04-06 19:43 - 02097984 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll

2014-07-16 08:30 - 2014-07-22 00:44 - 00032912 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys

2014-07-15 07:53 - 2014-07-15 07:53 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-07-15 07:53 - 2014-07-15 07:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-15 07:53 - 2014-07-15 07:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-15 07:53 - 2014-07-15 07:52 - 00000000 ____D () C:\Program Files\iTunes

2014-07-15 07:53 - 2014-07-15 07:52 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-15 07:52 - 2014-07-15 07:52 - 00000000 ____D () C:\Program Files\iPod

2014-07-09 10:23 - 2014-07-09 10:23 - 00495360 _____ () C:\Users\Richard\Downloads\Think Like a Freak- The Authors of Freakonomics Offer to Retrain Your Brain.azw3

2014-07-09 07:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

2014-07-09 03:25 - 2009-07-14 00:45 - 00440160 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-09 03:23 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-09 03:23 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-09 03:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-09 03:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-09 03:07 - 2013-10-18 12:24 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-07-09 03:05 - 2013-10-21 10:19 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-09 03:03 - 2013-10-21 10:19 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-08 09:50 - 2013-10-18 11:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-08 09:50 - 2013-10-18 11:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-08 09:50 - 2013-10-18 11:04 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-03 11:58 - 2013-10-07 00:47 - 00000000 ____D () C:\Users\Richard\Documents\My Digital Editions

2014-07-03 10:38 - 2014-07-03 10:38 - 00001696 _____ () C:\Users\Richard\Downloads\URLLink (2).acsm

2014-07-03 10:37 - 2014-07-03 10:37 - 00001696 _____ () C:\Users\Richard\Downloads\URLLink.acsm

2014-07-03 10:37 - 2014-07-03 10:37 - 00001696 _____ () C:\Users\Richard\Downloads\URLLink (1).acsm

2014-07-02 08:24 - 2013-10-08 13:32 - 00000000 ____D () C:\Users\Richard\Documents\Outlook Files

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\EPUBDRMRemoval

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\calibre

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\EPUBDRMRemoval

2014-07-02 01:13 - 2014-07-02 01:13 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\.EPUBDRMRemoval

2014-07-02 01:11 - 2014-07-02 01:10 - 17553083 _____ (Epubor Inc.) C:\Users\Richard\Downloads\epub_drm_removal.exe

2014-07-02 00:56 - 2014-07-02 00:55 - 00000000 ____D () C:\Users\Richard\AppData\Local\calibre-cache

2014-07-02 00:55 - 2014-07-02 00:51 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\calibre

2014-07-02 00:44 - 2014-07-02 00:35 - 00000000 ____D () C:\Users\Richard\Downloads\tools_v6.0.8

2014-07-02 00:32 - 2014-07-02 00:32 - 01816433 _____ () C:\Users\Richard\Downloads\tools_v6.0.8.zip

2014-07-02 00:20 - 2014-07-02 00:09 - 56086016 _____ () C:\Users\Richard\Downloads\calibre-1.42.0.msi

2014-07-02 00:09 - 2014-07-02 00:09 - 05946344 _____ (Adobe Systems Incorporated) C:\Users\Richard\Downloads\ADE_2.0_Installer.exe

2014-07-01 10:28 - 2012-12-09 17:56 - 00000000 ____D () C:\Users\Richard\Documents\Laura stuff

2014-06-30 10:44 - 2013-10-18 00:15 - 00000544 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job

2014-06-29 22:09 - 2014-07-08 21:54 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-29 22:04 - 2014-07-08 21:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

 

Some content of TEMP:

====================

C:\Users\Richard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgnhv7q.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-28 00:57

 

==================== End Of Log ============================

 

Link to post
Share on other sites

Additional text (too long for my first reply):

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Richard at 2014-07-28 06:55:36
Running from C:\Users\Richard\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3MCloudLibrary PC (QML) 1.38 (HKLM-x32\...\3MCloudLibrary PC (QML)) (Version: 1.38 - 3M)
ABBYY FineReader for ScanSnap 4.1 (HKLM-x32\...\{FB410000-0002-0000-0000-074957833700}) (Version: 8.02.650.72520 - ABBYY)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Aiseesoft DVD Creator 5.1.58 (HKLM-x32\...\{094BCE17-69CE-45ce-A131-F674CE996B3F}_is1) (Version: 5.1.58 - Aiseesoft Studio)
Aiseesoft PDF to Word Converter 3.2.6 (HKLM-x32\...\{3CF515C0-55D9-4591-824F-1934352AC10E}_is1) (Version: 3.2.6 - Aiseesoft Studio)
AllMyNotes Organizer (HKLM-x32\...\AllMyNotes Organizer) (Version: 2.80 - Vladonai Software)
AOMEI Backupper Professional Edition 2.0 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF55E6C09D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.12.0 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.12.0 - Ashampoo GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother HL-2170W (HKLM-x32\...\{A1F706BE-11CF-48A9-9A25-61E76921AACF}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-J430W (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.0.10.0 - Brother Industries, Ltd.)
CardMinder (HKLM-x32\...\{D4F2AFD3-0167-4464-B92F-78AB6DA8A0AA}) (Version: V4.1L40 - PFU)
CardMinder V4.1 (x32 Version: 4.1.40.1 - PFU) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2115 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Document Manager (HKCU\...\DocumentManager) (Version:  - WonderFox Soft, Inc. All Rights Reserved.)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
DVDFab 9.1.2.8 (19/02/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EaseUS PhonTunes Trial (HKLM-x32\...\EaseUS PhonTunes Trial_is1) (Version:  - EaseUS)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.4.10 - Epubor Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote v. 5.2.1 (HKLM-x32\...\{5E6D0ABA-ABDE-11E3-9AED-00163E98E7D6}) (Version: 5.2.1.3108 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.1.3317 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3422 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Remote Solution (x32 Version: 1.1.11.0 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 14.0.0 - iolo technologies, LLC)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Live Search Toolbar (x32 Version: 3.0.566.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobiSecret 4.0 (HKLM-x32\...\MobiSecret 4.0_is1) (Version:  - MobiSecret)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Paragon Backup and Recovery™ 14 Compact (HKLM\...\{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}) (Version: 90.00.0003 - Paragon Software)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ScanSnap (x32 Version: 5.1.41.1 - PFU Limited) Hidden
ScanSnap Manager (HKLM-x32\...\{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}) (Version: V5.1L41 - PFU)
ScanSnap Organizer (HKLM-x32\...\{E58F3B88-3B3E-4F85-9323-04789D979C15}) (Version: V4.1L41 - PFU)
ScanSnap Organizer (x32 Version: 4.1.41.1 - PFU LIMITED) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Software Informer 1.2 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Syncios version 3.0.6 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.6 - Anvsoft, Inc.)
System Mechanic 12 Professional (x32 Version: 14.0.0 - ) Hidden
TP-LINK 300Mbps Wireless USB Adapter Driver (HKLM-x32\...\{67A2AE56-F0CA-48AB-B511-F142C612BDF6}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Trader Workstation 4.0 (HKLM-x32\...\Trader Workstation 4.0) (Version:  - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
uRex DVD Ripper Platinum (HKCU\...\uRexDVDRipperPlatinum) (Version:  - uRexsoft, Inc. All Rights Reserved.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Watermark Software (HKCU\...\WatermarkSoftware) (Version:  - Watermark Software. All Rights Reserved.)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
You Need A Budget 4 (YNAB) (HKLM-x32\...\Steam App 227320) (Version:  - YouNeedABudget.com)
ZoneAlarm Firewall (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 11.0.768.000 - Check Point)
ZoneAlarm Security (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (x32 Version: 1.8.22.0 - Check Point Software Technologies LTD) Hidden
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3262438419-2781910495-2142345371-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
28-07-2014 04:03:19 Scheduled Checkpoint
28-07-2014 10:36:47 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2014-07-17 09:04 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1053AE79-DAF4-4DE1-A5FA-DC16696B4F43} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {20777C27-2679-4188-9B8C-C5BE227C7E45} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4161FE82-6EAC-4095-84DD-CF4CC26BDE8E} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {4AE066EB-18B5-488D-ABEA-75B7A16285CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6BAD66AF-66C0-4735-8152-4C4FD0650367} - System32\Tasks\HPCeeScheduleForRichard => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {6C12020D-70AD-40E9-8DE8-742D2DE24337} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {9FAF592A-37DF-40F2-9611-7F2B57083A42} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2014-07-16] (iolo technologies, LLC)
Task: {B2D23DE5-4064-4B87-A64F-A46A1143D150} - System32\Tasks\ExtendedServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {BD0C5737-10FA-4259-A869-6EE8ED2240E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BF7EA18E-8060-4785-8E72-BC74FE1B8FDE} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {D1F6667E-3007-41D2-BA64-42F282F3D9F1} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {EB2D23E2-7CD1-470B-84F9-EEAA45C37C61} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F2241073-947F-47A4-9E51-BCB5FBB664CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-07-08] (Microsoft)
Task: {F7B2DFA5-3324-409C-B96E-84B2ACA59692} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F893916B-B034-4948-B8E5-287BFA5D056C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRichard.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2008-08-05 14:01 - 2008-08-05 14:01 - 00092160 _____ () C:\Program Files (x86)\Zoom Player\zpshlext64.dll
2013-10-19 17:54 - 2005-04-22 00:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2009-09-14 20:17 - 2009-09-14 20:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-03-29 18:12 - 2014-03-07 17:07 - 00720384 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2014-07-23 22:28 - 2014-07-23 22:28 - 06302427 _____ () C:\Program Files (x86)\Epubor\ultimate\converter.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00237272 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\UiLogic.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00224984 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\diskmgr.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00171736 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\Comn.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\Ldm.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\Device.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00257752 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\BrFat.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00368344 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\BrNtfs.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\FuncLogic.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00224984 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\Clone.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00335576 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\ImgFile.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\Encrypt.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00073432 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\Compress.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00093912 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\BrVol.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00188120 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\GptBcd.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00138968 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\FlBackup.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00478936 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\EnumFolder.dll
2014-05-16 10:19 - 2014-04-08 18:51 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\Backup.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-09-29 19:25 - 2009-09-29 19:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-06-11 08:21 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 08:21 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2013-10-28 00:05 - 2008-11-12 15:32 - 00014848 _____ () C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardPath.dll
2013-10-27 23:18 - 2011-08-31 08:41 - 00376832 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
2013-10-27 23:18 - 2011-03-16 15:30 - 00233472 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
2013-10-27 23:18 - 2003-03-26 18:46 - 00135168 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll
2013-10-27 23:19 - 2010-08-24 16:56 - 00167936 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
2014-06-11 08:21 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-11 08:21 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-11 08:21 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2013-10-19 17:53 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-07-23 06:26 - 2014-07-23 06:26 - 00043008 _____ () c:\users\richard\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgnhv7q.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-29 18:12 - 2014-03-07 17:07 - 00377856 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-03-29 18:12 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2014-03-29 18:12 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-03-29 18:13 - 2014-01-06 11:24 - 00671744 _____ () C:\Program Files (x86)\Syncios\hashab.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00270016 _____ () C:\Program Files (x86)\Windows Live\Writer\en\WindowsLive.Writer.Localization.resources.dll
2013-11-27 21:49 - 2013-11-27 21:49 - 01698304 _____ () C:\Program Files (x86)\Epubor\ultimate\PyQt4.QtCore.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 00075264 _____ () C:\Program Files (x86)\Epubor\ultimate\sip.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 05998080 _____ () C:\Program Files (x86)\Epubor\ultimate\PyQt4.QtGui.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 00507392 _____ () C:\Program Files (x86)\Epubor\ultimate\PyQt4.QtNetwork.pyd
2012-09-27 16:28 - 2012-09-27 16:28 - 00054272 _____ () C:\Program Files (x86)\Epubor\ultimate\Crypto.Cipher._DES.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 00358400 _____ () C:\Program Files (x86)\Epubor\ultimate\_hashlib.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 00047616 _____ () C:\Program Files (x86)\Epubor\ultimate\_sqlite3.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 00426496 _____ () C:\Program Files (x86)\Epubor\ultimate\sqlite3.dll
2013-11-27 21:49 - 2013-11-27 21:49 - 00087552 _____ () C:\Program Files (x86)\Epubor\ultimate\_ctypes.pyd
2012-10-27 10:20 - 2012-10-27 10:20 - 00018432 _____ () C:\Program Files (x86)\Epubor\ultimate\win32event.pyd
2013-07-25 12:07 - 2013-07-25 12:07 - 00110080 _____ () C:\Program Files (x86)\Epubor\ultimate\pywintypes27.dll
2013-07-25 12:07 - 2013-07-25 12:07 - 00098816 _____ () C:\Program Files (x86)\Epubor\ultimate\win32api.pyd
2013-07-25 12:07 - 2013-07-25 12:07 - 00119808 _____ () C:\Program Files (x86)\Epubor\ultimate\win32file.pyd
2014-05-20 04:28 - 2014-05-20 04:28 - 00018944 _____ () C:\Program Files (x86)\Epubor\ultimate\winutil.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 00044544 _____ () C:\Program Files (x86)\Epubor\ultimate\_socket.pyd
2013-11-27 21:49 - 2013-11-27 21:49 - 00899584 _____ () C:\Program Files (x86)\Epubor\ultimate\_ssl.pyd
2013-11-23 05:10 - 2013-11-23 05:10 - 00057344 _____ () C:\Program Files (x86)\Epubor\ultimate\libauthdll.dll
2013-11-27 21:49 - 2013-11-27 21:49 - 00327168 _____ () C:\Program Files (x86)\Epubor\ultimate\PyQt4.QtWebKit.pyd
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Richard\Downloads\Tailors (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Richard\Downloads\Tailors.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/28/2014 04:00:03 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location J:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (07/28/2014 01:01:33 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (07/27/2014 00:21:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Richard-PC.local already in use; will try Richard-PC-2.local instead
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Richard-PC.local. AAAA FE80:0000:0000:0000:3896:6EBF:81B2:BE5A
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.14:5353   16 Richard-PC.local. AAAA FE80:0000:0000:0000:5CC7:6FC3:9F44:8763
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:    4 Richard-PC.local. Addr 192.168.1.3
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001848D20 Our Record 2 won:  848D3E4E   16 Richard-PC.local. AAAA FE80:0000:0000:0000:3896:6EBF:81B2:BE5A
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001848D20 Pkt Record:        00303270    4 Richard-PC.local. Addr 192.168.1.14
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001848D20 Our Record 3 lost: 00303218    4 Richard-PC.local. Addr 192.168.1.3
 
 
System errors:
=============
Error: (07/27/2014 07:53:33 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/26/2014 06:43:20 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/24/2014 00:29:52 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/23/2014 11:25:18 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/23/2014 06:42:00 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{51D9BE8F-AFBF-4500-A79F-5500003F5D09}.
The backup browser is stopping.
 
Error: (07/23/2014 06:27:21 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
 
Error: (07/22/2014 01:23:35 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{51D9BE8F-AFBF-4500-A79F-5500003F5D09}.
The backup browser is stopping.
 
Error: (07/22/2014 01:06:37 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (07/22/2014 00:49:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (07/22/2014 00:49:44 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218173.
 
 
Microsoft Office Sessions:
=========================
Error: (07/28/2014 04:00:03 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: J:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (07/28/2014 01:01:33 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (07/27/2014 00:21:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Richard-PC.local already in use; will try Richard-PC-2.local instead
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Richard-PC.local. AAAA FE80:0000:0000:0000:3896:6EBF:81B2:BE5A
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.14:5353   16 Richard-PC.local. AAAA FE80:0000:0000:0000:5CC7:6FC3:9F44:8763
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing:    4 Richard-PC.local. Addr 192.168.1.3
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001848D20 Our Record 2 won:  848D3E4E   16 Richard-PC.local. AAAA FE80:0000:0000:0000:3896:6EBF:81B2:BE5A
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001848D20 Pkt Record:        00303270    4 Richard-PC.local. Addr 192.168.1.14
 
Error: (07/27/2014 00:16:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 0000000001848D20 Our Record 3 lost: 00303218    4 Richard-PC.local. Addr 192.168.1.3
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-17 08:52:36.484
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-17 08:52:36.359
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 51%
Total physical RAM: 8157.18 MB
Available physical RAM: 3971.21 MB
Total Pagefile: 16312.54 MB
Available Pagefile: 11031.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:920.76 GB) (Free:823.44 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.64 GB) (Free:1.56 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B6454C06)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=921 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

Hi,

Step 1

Download 51a612a8b27e2-Zoek.pngzoek.exe to your desktop

  • If Internet Explorer, any other browser, or a security program issues a warning indicating the file is unsafe, please ignore, since it is a false warning.
Using Zoek.exe
  • On the Desktop, double-click Zoek.exe to start the tool.

    Windows Vista, 7 and 8 users right-click the file and select: Run as Administrator.

    Give the program a few seconds to appear.

  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this system only, do not use it on any other computer even if the problems are similar.

    CHRdefaults;FFdefaults;resetIEproxy;iedefaults;emptyclsid;autoclean;systemspecs;
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive.
  • Please post the logfile for further review in your next comment.
Link to post
Share on other sites

Zoek.exe v5.0.0.0 Updated 26-07-2014

Tool run by Richard on Mon 07/28/2014 at  8:13:54.14.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Richard\Downloads\zoek (1).exe [scan all users] [script inserted] 

 

==== System Restore Info ======================

 

7/28/2014 8:15:45 AM Zoek.exe System Restore Point Created Succesfully.

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

 

==== Deleting Services ======================

 

 

==== Deleting Files \ Folders ======================

 

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted

C:\Users\Richard\AppData\LocalLow\{711AE6FB-4C1E-2FF4-2865-64D38A65158E} deleted

C:\Users\Richard\AppData\Local\Packages\windows_ie_ac_001\AC\{711AE6FB-4C1E-2FF4-2865-64D38A65158E} deleted

C:\Users\Richard\AppData\Local\Packages\windows_ie_ac_001\AC\{7A7D0C91-45F5-02CE-C8A7-2E01AC20280A} deleted

C:\PROGRA~3\DivX deleted

C:\PROGRA~3\Microsoft OneDrive deleted

C:\PROGRA~2\Check Point Software Technologies LTD deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper Professional Edition 2.0 deleted

C:\Users\Richard\Searches deleted

C:\Users\Richard\Downloads\CouponPrinter (1).exe deleted

C:\Users\Richard\Downloads\CouponPrinter (2).exe deleted

C:\Users\Richard\Downloads\couponprinter (3).exe deleted

C:\Users\Richard\Downloads\couponprinter (4).exe deleted

C:\Users\Richard\Downloads\CouponPrinter.exe deleted

C:\Windows\SysNative\config\systemprofile\Searches deleted

"C:\Windows\Installer\4734f0.msi" deleted

"C:\PROGRA~3\8e1fa0f09b33642c\{B945F928-45A2-231E-495F-38C40CA198E9}.20140716090858" deleted

"C:\PROGRA~3\8e1fa0f09b33642c\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}.20140716090839" deleted

"C:\PROGRA~3\8e1fa0f09b33642c" deleted

 

==== System Specs ======================

 

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 8158 MB

CPU Info: Intel® Core2 Quad CPU    Q8300  @ 2.50GHz

CPU Speed: 2468.7 MHz

Sound Card: Speakers (Realtek High Definiti | 

Realtek Digital Output (Realtek | 

Display Adapters: Intel® G45/G43 Express Chipset | Intel® G45/G43 Express Chipset | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1440 X 900 - 32 bit

Network: Network Present

Network Adapters: 300Mbps Wireless USB Adapter | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: Optiarc DVD RW AD-7231S5

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C:  920.8GB | D:  10.6GB

Hard Disks - Free: C:  823.2GB | D:  1.6GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 01/28/10 | HPQOEM - 20100128

Time Zone: Eastern Standard Time

Motherboard *: PEGATRON CORPORATION Eureka3

Country: United States 

Language: ENU 

 

==== System Specs (Software) ======================

 

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Firewall: ZoneAlarm Free Firewall Firewall disabled

Internet Explorer Version: 11.0.9600.17207 

Google Chrome version: 35.0.1916.153

Adobe Reader version: 11.0.07.79

Sun Java version: 1.7.0_65 (32-bit) 

 

==== Chrome Look ======================

 

Google Voice Search Hotword (Beta) - Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

 

==== Chrome Fix ======================

 

C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_deals.kinja.com_0.localstorage deleted successfully

C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_deals.kinja.com_0.localstorage-journal deleted successfully

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{35136925-F7ED-443D-80DE-CCBE024F9313} Unknown  Url="Not_Found"

 

==== Reset Google Chrome ======================

 

C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-3262438419-2781910495-2142345371-1000\Software\Microsoft\Internet Explorer\SearchScopes\{35136925-F7ED-443D-80DE-CCBE024F9313} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

 

==== Reset IE Proxy ======================

 

Value(s) before fix:

"ProxyOverride"="*.local"

"ProxyEnable"=dword:00000000

 

Value(s) after fix:

"ProxyEnable"=dword:00000000

 

==== Deleting Registry Keys ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully

 

==== Empty IE Cache ======================

 

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2861G3RE will be deleted at reboot

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Z8CMBOK will be deleted at reboot

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MC4XYJK will be deleted at reboot

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D4T98Y0G will be deleted at reboot

 

==== Empty FireFox Cache ======================

 

No FireFox Profiles found

 

==== Empty Chrome Cache ======================

 

C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache Emptied Successfully

 

==== Empty All Java Cache ======================

 

Java Cache cleared successfully

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=100 folders=33 11084399 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\Administrator\AppData\Local\temp emptied successfully

C:\Users\Default\AppData\Local\temp emptied successfully

C:\Users\Default User\AppData\Local\temp emptied successfully

C:\Users\Guest\AppData\Local\temp emptied successfully

C:\Users\HomeGroupUser$\AppData\Local\temp emptied successfully

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Users\Richard\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\Windows\Temp successfully emptied

C:\Users\Richard\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== Deleting Files / Folders ======================

 

"C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2861G3RE" not found

"C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Z8CMBOK" not found

"C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8MC4XYJK" not found

"C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D4T98Y0G" not found

 

==== EOF on Mon 07/28/2014 at  8:41:54.19 ======================
Link to post
Share on other sites

Sorry-I forgot Adware log:

# AdwCleaner v3.300 - Report created 28/07/2014 at 08:53:37
# Updated 27/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Richard - RICHARD-PC
# Running from : C:\Users\Richard\Downloads\AdwCleaner (4).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Tâches planifiées ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [5458 octets] - [17/07/2014 01:00:54]
AdwCleaner[R1].txt - [1763 octets] - [17/07/2014 12:02:36]
AdwCleaner[R2].txt - [1822 octets] - [18/07/2014 08:24:29]
AdwCleaner[R3].txt - [1671 octets] - [21/07/2014 00:27:22]
AdwCleaner[R4].txt - [1293 octets] - [28/07/2014 08:52:12]
AdwCleaner[s0].txt - [6399 octets] - [17/07/2014 01:02:07]
AdwCleaner[s1].txt - [2553 octets] - [17/07/2014 12:03:37]
AdwCleaner[s2].txt - [1780 octets] - [18/07/2014 08:25:52]
AdwCleaner[s3].txt - [2570 octets] - [21/07/2014 00:41:23]
AdwCleaner[s4].txt - [1367 octets] - [28/07/2014 08:53:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [1427 octets] ##########
Link to post
Share on other sites

When I am using msn.com and  I type  yahoo.com in address, it pauses for a long time and then address changes back to msn.com. The same thing happens if I attempt to go to google.com. This happens whether I type the address or attempt to go to yahoo or google using my shortcuts. Other addresses work fine.  

post-169967-0-32418800-1406584075_thumb.

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.