Constant "Bad Image" Errors After Running MalwareBytes

MisterButtons · July 28, 2014

Hey guys,

I'm currently experiencing what I've ascertained is a common experience after running malwarebytes:

I'm getting tons of "bad image" errors that look like this:

http://thewindowsclub.thewindowsclubco.netdna-cdn.com/wp-content/uploads/2013/08/chrome-exe-bad-image-400x200.jpg?c2fdaa

This happens when I open basically every program.

I'm following the advice on this page:

https://forums.malwarebytes.org/index.php?/topic/145506-bad-image-errors-after-running-malwarebytes-to-clean-up-infections/

So I've download and run farbar and everything, but apparently I still need a fixlist.txt file?

Below are my FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Andrew (administrator) on ANDREW-HP on 28-07-2014 07:49:37
Running from C:\Users\Andrew\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
() C:\Program Files (x86)\ERUNT\ERUNT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Andrew\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() Q:\140066.enu\Office14\WINWORDC.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() Q:\140066.enu\Office14\OffSpon.EXE
(inkscape.org) C:\Program Files (x86)\Inkscape\inkscape.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Final Fantasy III\FF3_Launcher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Andrew\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [installerLauncher] => C:\Users\Andrew\AppData\Local\Temp\GZ_INSTALL_0\setuplauncher.exe [815600 2013-03-25] (BitDefender S.R.L.) <===== ATTENTION
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2839907059-551704190-3888377068-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2839907059-551704190-3888377068-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-2839907059-551704190-3888377068-1000\...\MountPoints2: J - J:\Setup.exe
HKU\S-1-5-21-2839907059-551704190-3888377068-1000\...\MountPoints2: {bd63e245-ef1f-11e2-95e7-e840f28cb911} - J:\Setup.exe
HKU\S-1-5-21-2839907059-551704190-3888377068-1000\...\MountPoints2: {e9debfc1-c80f-11e3-9e89-e840f28cb911} - O:\mint4win.exe --force-wubi --cdmenu --skipmd5check
HKU\S-1-5-21-2839907059-551704190-3888377068-1000\...\MountPoints2: {e9dec030-c80f-11e3-9e89-e840f28cb911} - P:\mint4win.exe --force-wubi --cdmenu --skipmd5check
HKU\S-1-5-21-2839907059-551704190-3888377068-1000\...\MountPoints2: {f66e1159-3f62-11e3-9b80-e840f28cb911} - K:\start.exe
AppInit_DLLs: C:\PROGRA~3\ACCELE~1\ACCELE~2.DLL => C:\ProgramData\Accelesys\Accelesys_x64.dll [4516864 2014-01-01] ()
AppInit_DLLs: C:\PROGRA~3\WINCLE~1\WINCLE~2.DLL => C:\PROGRA~3\WINCLE~1\WINCLE~2.DLL File Not Found
AppInit_DLLs: C:\PROGRA~3\INTELI~1\INTELI~2.DLL => C:\ProgramData\InteliWeb\InteliWeb_x64.dll [4207104 2014-01-01] ()
AppInit_DLLs: C:\PROGRA~3\INTELE~1\INTELE~2.DLL => C:\ProgramData\Intelewin filter\Intelewinfilter_x64.dll [4414464 2014-01-01] ()
AppInit_DLLs: C:\PROGRA~3\SMOOTH~1\SMOOTH~2.DLL => C:\PROGRA~3\SMOOTH~1\SMOOTH~2.DLL File Not Found
AppInit_DLLs: C:\PROGRA~3\SPEEDS~1\SPEEDS~2.DLL => C:\ProgramData\Speed Streamer\SpeedStreamer_x64.dll [4485632 2014-01-01] ()
AppInit_DLLs-x32: c:\progra~3\accele~1\accele~1.dll => c:\ProgramData\Accelesys\Accelesys.dll [4136448 2014-01-01] ()
AppInit_DLLs-x32: c:\progra~3\wincle~1\wincle~1.dll => "c:\progra~3\wincle~1\wincle~1.dll" File Not Found
AppInit_DLLs-x32: c:\progra~3\inteli~1\inteli~1.dll => c:\ProgramData\InteliWeb\InteliWeb.dll [4261376 2014-01-01] ()
AppInit_DLLs-x32: c:\progra~3\intele~1\intele~1.dll => c:\ProgramData\Intelewin filter\Intelewinfilter.dll [4335104 2014-01-01] ()
AppInit_DLLs-x32: c:\progra~3\smooth~1\smooth~1.dll => "c:\progra~3\smooth~1\smooth~1.dll" File Not Found
AppInit_DLLs-x32: c:\progra~3\speeds~1\speeds~1.dll => c:\ProgramData\Speed Streamer\SpeedStreamer.dll [4193792 2014-01-01] ()
Startup: C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://ca.yahoo.com/
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {50E87E1F-AD6E-4A80-9557-2C3A184EC89A} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {50E87E1F-AD6E-4A80-9557-2C3A184EC89A} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - DefaultScope {70214157-A8B0-4052-9443-48E7107A841D} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=frg_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzz0C0BzytCtCtA0C0D0BtN0D0Tzu0SzzyDzztN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyCzz0CzzyCtBtDyDtGyEyDyDtBtGtA0A0E0EtGtC0CyC0CtGtCtC0DtCyEyCtB0C0A0DyDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0D0FzyzytDyD0AtGtDyCyDyDtGtCyEtCyCtGyB0B0CtCtGyC0C0D0DyBtA0BtD0FtAtD0C2Q&cr=1555193341&ir=
SearchScopes: HKCU - {50E87E1F-AD6E-4A80-9557-2C3A184EC89A} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {70214157-A8B0-4052-9443-48E7107A841D} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=frg_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzz0C0BzytCtCtA0C0D0BtN0D0Tzu0SzzyDzztN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyCzz0CzzyCtBtDyDtGyEyDyDtBtGtA0A0E0EtGtC0CyC0CtGtCtC0DtCyEyCtB0C0A0DyDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0D0FzyzytDyD0AtGtDyCyDyDtGtCyEtCyCtGyB0B0CtCtGyC0C0D0DyBtA0BtD0FtAtD0C2Q&cr=1555193341&ir=
BHO: SaverEExteensionn -> {0288147F-EBFD-3AFB-974E-1BF19DAE4157} -> C:\ProgramData\SaverEExteensionn\_bYCL.x64.dll No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CE7A1FB8-F398-4EDE-B66B-B9BE4DD9BDE6}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\tvdpfsfb.default
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Andrew\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Andrew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Andrew\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Andrew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andrew\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andrew\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrew\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrew\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrew\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-18]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-01-25]
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-21]
CHR Extension: (Google Drive) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-21]
CHR Extension: (Google Search) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-21]
CHR Extension: (BrowserPlus2) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl [2014-05-21]
CHR Extension: (Skype Click to Call) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-15]
CHR Extension: (Google Wallet) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Gmail) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-21]
CHR HKCU\...\Chrome\Extension: [iigplimlmgilpobjilfbfeilnpiigpgl] - C:\Users\Andrew\AppData\Local\CRE\iigplimlmgilpobjilfbfeilnpiigpgl.crx [2013-09-11]
CHR HKCU\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Andrew\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2013-09-11]
CHR HKLM-x32\...\Chrome\Extension: [iigplimlmgilpobjilfbfeilnpiigpgl] - C:\Users\Andrew\AppData\Local\CRE\iigplimlmgilpobjilfbfeilnpiigpgl.crx [2013-09-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Andrew\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-15] (Adobe Systems) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
S3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-06-25] (Disc Soft Ltd)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2011-12-05] (Symantec Corporation)
S3 wampapache; C:\Users\Andrew\Desktop\web design\wampserver\wamp\bin\apache\apache2.2.22\bin\httpd.exe [22016 2012-05-13] (Apache Software Foundation) [File not signed]
S3 wampmysqld; C:\Users\Andrew\Desktop\web design\wampserver\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [9693696 2012-04-19] () [File not signed]
S2 8ffb8f2d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\winsys~1\WinsysfilterSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-21] (AVG Technologies)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2013-07-23] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-31] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-01-25] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 V0720Vid; C:\Windows\System32\DRIVERS\V0720Vid.sys [334048 2011-05-30] (Creative Technology Ltd.)
R3 VirtCam; C:\Windows\System32\DRIVERS\VirtCam.sys [189984 2011-04-07] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 07:49 - 2014-07-28 07:50 - 00031000 _____ () C:\Users\Andrew\Downloads\FRST.txt
2014-07-28 07:49 - 2014-07-28 07:49 - 00000000 ____D () C:\FRST
2014-07-28 07:48 - 2014-07-28 07:49 - 02093568 _____ (Farbar) C:\Users\Andrew\Downloads\FRST64.exe
2014-07-28 01:51 - 2014-07-28 01:51 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{3FD3E0FB-77DA-4D1E-A142-BB15930272A8}
2014-07-27 13:50 - 2014-07-27 13:51 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{0EA76FB1-28BD-4291-B3C6-61A263A05751}
2014-07-27 01:50 - 2014-07-27 01:50 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{AA182769-D4FE-45CC-927C-950EF59C83F9}
2014-07-26 13:49 - 2014-07-26 13:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{E76C3255-849E-45A5-896D-C5FF31E864D5}
2014-07-26 02:04 - 2014-07-26 02:04 - 00001241 _____ () C:\Users\Andrew\AppData\Local\recently-used.xbel
2014-07-26 01:48 - 2014-07-26 01:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{E4A58F3A-62D7-4D53-8085-ED2F044C7DD7}
2014-07-22 20:19 - 2014-07-22 20:20 - 10698135 _____ () C:\Users\Andrew\Documents\Presentation6.wmv
2014-07-22 20:16 - 2014-07-22 20:16 - 01409938 _____ () C:\Users\Andrew\Documents\Presentation6.pptx
2014-07-22 19:11 - 2014-07-22 19:11 - 00002141 _____ () C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-07-22 19:11 - 2014-07-22 19:11 - 00002102 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-07-22 19:11 - 2014-07-22 19:11 - 00002102 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-07-22 19:11 - 2014-07-22 19:11 - 00000000 ___RD () C:\Users\Andrew\OneDrive
2014-07-22 19:11 - 2014-07-22 19:11 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-22 19:11 - 2014-07-22 19:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-07-22 18:56 - 2014-07-22 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-22 18:53 - 2014-07-22 18:54 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-22 18:53 - 2014-07-22 18:53 - 01030832 _____ (Microsoft Corporation) C:\Users\Andrew\Downloads\Setup.X86.en-US_O365HomePremRetail_c1b95810-fc78-4c1b-b6ea-d37f14f4a791_TX_PR_.exe
2014-07-21 15:49 - 2014-07-21 15:50 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{C9DFFED9-9373-4E66-A2C5-8EAE46955718}
2014-07-21 03:49 - 2014-07-21 03:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{5FF73BC7-223B-4275-8D07-4356DF040522}
2014-07-20 15:49 - 2014-07-20 15:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{1C07786B-9D95-4527-A08C-BF17A62FBD6A}
2014-07-20 03:48 - 2014-07-20 03:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{1B4C44AA-879B-480C-A39E-4B00D6D11347}
2014-07-19 15:48 - 2014-07-19 15:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{E4B31865-A608-401F-A23C-125F07BEBCD7}
2014-07-19 03:48 - 2014-07-19 03:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{4B716D45-F187-4622-9E0E-B7B91ED2379C}
2014-07-18 15:47 - 2014-07-18 15:47 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{6E5CBEDF-2769-48CD-AC37-0EFA55414C4B}
2014-07-18 03:46 - 2014-07-18 03:47 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{DC5DA574-EEE3-4F86-B045-61C2AC314C0B}
2014-07-17 15:46 - 2014-07-17 15:46 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{95AC4A82-A449-41DC-A813-0FBB8E5BFF04}
2014-07-17 03:45 - 2014-07-17 03:45 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{22BEF2E1-441E-425E-95D4-1D48356DC6E4}
2014-07-16 20:08 - 2014-07-16 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-16 20:08 - 2014-07-16 20:08 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 15:44 - 2014-07-16 15:45 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{4D8E25F4-1969-46A3-813E-20E9FB7129BA}
2014-07-15 16:33 - 2014-07-15 16:34 - 04812672 _____ (Piriform Ltd) C:\Users\Andrew\Downloads\ccsetup415.exe
2014-07-15 16:07 - 2014-05-12 23:27 - 00591040 _____ (Sysinternals - www.sysinternals.com) C:\Users\Andrew\Downloads\autoruns.exe
2014-07-15 16:07 - 2014-05-12 23:27 - 00504000 _____ (Sysinternals - www.sysinternals.com) C:\Users\Andrew\Downloads\autorunsc.exe
2014-07-15 16:07 - 2013-03-17 16:52 - 00049518 _____ () C:\Users\Andrew\Downloads\autoruns.chm
2014-07-15 16:07 - 2006-07-28 09:32 - 00007005 _____ () C:\Users\Andrew\Downloads\Eula.txt
2014-07-15 16:06 - 2014-07-15 16:06 - 00511782 _____ () C:\Users\Andrew\Documents\Autoruns.zip
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Windows\ERDNT
2014-07-15 16:00 - 2014-07-15 16:00 - 00000907 _____ () C:\Users\Andrew\Desktop\ERUNT.lnk
2014-07-15 16:00 - 2014-07-15 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-15 16:00 - 2014-07-15 16:00 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-15 15:59 - 2014-07-15 15:59 - 00791393 _____ (Lars Hederer ) C:\Users\Andrew\Documents\erunt-setup.exe
2014-07-15 12:27 - 2014-07-15 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 12:27 - 2014-07-15 12:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 12:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-15 12:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-15 12:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-15 12:20 - 2014-07-15 12:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrew\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 00:18 - 2014-07-04 00:18 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{256177E8-1D0E-4FF9-A6A6-85B51C8D7F37}
2014-07-03 12:18 - 2014-07-03 12:18 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{4B1AF77B-85EB-4137-8536-051AF4042AED}
2014-07-03 00:18 - 2014-07-03 00:18 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{C272A726-56DB-45BD-B87A-94F267FF59C8}
2014-07-02 12:17 - 2014-07-02 12:17 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Windows Live Writer
2014-07-02 12:17 - 2014-07-02 12:17 - 00000000 ____D () C:\Users\Andrew\AppData\Local\Windows Live Writer
2014-07-02 12:17 - 2014-07-02 12:17 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{2E3D9E77-2856-403F-B7E0-130D7C172401}
2014-07-01 10:47 - 2014-07-01 10:48 - 14524926 _____ () C:\Users\Andrew\Downloads\30th of july Storyboard with images.zip
2014-07-01 01:52 - 2014-07-26 00:11 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Hubstaff
2014-07-01 01:52 - 2014-07-01 01:52 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\fltk.org
2014-07-01 01:52 - 2014-07-01 01:52 - 00000000 ____D () C:\ProgramData\fltk.org
2014-07-01 01:49 - 2014-07-01 01:49 - 00000000 ____D () C:\Program Files\Hubstaff
2014-06-29 04:42 - 2014-06-29 04:42 - 57439713 _____ () C:\Users\Andrew\New document 1.2014_06_29_04_42_06.0.svg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 07:50 - 2014-07-28 07:49 - 00031000 _____ () C:\Users\Andrew\Downloads\FRST.txt
2014-07-28 07:49 - 2014-07-28 07:49 - 00000000 ____D () C:\FRST
2014-07-28 07:49 - 2014-07-28 07:48 - 02093568 _____ (Farbar) C:\Users\Andrew\Downloads\FRST64.exe
2014-07-28 07:48 - 2009-07-14 02:15 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 07:48 - 2009-07-14 02:15 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 07:45 - 2012-06-05 01:48 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Skype
2014-07-28 07:45 - 2012-05-28 18:16 - 01340857 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 01:51 - 2014-07-28 01:51 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{3FD3E0FB-77DA-4D1E-A142-BB15930272A8}
2014-07-27 18:44 - 2014-05-18 18:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-27 13:51 - 2014-07-27 13:50 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{0EA76FB1-28BD-4291-B3C6-61A263A05751}
2014-07-27 09:21 - 2013-11-25 06:02 - 00000000 ____D () C:\Users\Andrew\Desktop\articles
2014-07-27 05:46 - 2012-06-05 01:40 - 00000000 ____D () C:\Users\Andrew\Desktop\copywriting
2014-07-27 01:50 - 2014-07-27 01:50 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{AA182769-D4FE-45CC-927C-950EF59C83F9}
2014-07-26 13:49 - 2014-07-26 13:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{E76C3255-849E-45A5-896D-C5FF31E864D5}
2014-07-26 08:34 - 2012-01-25 21:13 - 00000000 ____D () C:\ProgramData\PDFC
2014-07-26 04:49 - 2014-06-20 21:25 - 00000000 ____D () C:\Users\Andrew\AppData\Local\FF3_Win32
2014-07-26 02:04 - 2014-07-26 02:04 - 00001241 _____ () C:\Users\Andrew\AppData\Local\recently-used.xbel
2014-07-26 01:49 - 2014-07-26 01:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{E4A58F3A-62D7-4D53-8085-ED2F044C7DD7}
2014-07-26 00:11 - 2014-07-01 01:52 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Hubstaff
2014-07-25 16:45 - 2012-06-10 02:48 - 00000984 _____ () C:\Users\Andrew\Desktop\Dropbox.lnk
2014-07-25 16:45 - 2012-06-10 02:48 - 00000000 ___RD () C:\Users\Andrew\Dropbox
2014-07-25 16:45 - 2012-06-10 02:46 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 16:45 - 2012-06-10 02:45 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Dropbox
2014-07-25 07:38 - 2009-07-14 02:43 - 00794124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-25 07:33 - 2009-07-14 02:21 - 00050637 _____ () C:\Windows\setupact.log
2014-07-25 07:33 - 2009-07-14 02:15 - 05112752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-25 07:32 - 2010-11-21 01:17 - 00529678 _____ () C:\Windows\PFRO.log
2014-07-25 01:27 - 2012-06-27 00:06 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\vlc
2014-07-23 23:25 - 2014-03-03 00:32 - 00000000 ____D () C:\Users\Andrew\AppData\Local\Paint.NET
2014-07-23 23:25 - 2012-05-28 18:34 - 00129392 _____ () C:\Users\Andrew\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-22 20:20 - 2014-07-22 20:19 - 10698135 _____ () C:\Users\Andrew\Documents\Presentation6.wmv
2014-07-22 20:16 - 2014-07-22 20:16 - 01409938 _____ () C:\Users\Andrew\Documents\Presentation6.pptx
2014-07-22 19:11 - 2014-07-22 19:11 - 00002141 _____ () C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-07-22 19:11 - 2014-07-22 19:11 - 00002102 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-07-22 19:11 - 2014-07-22 19:11 - 00002102 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-07-22 19:11 - 2014-07-22 19:11 - 00000000 ___RD () C:\Users\Andrew\OneDrive
2014-07-22 19:11 - 2014-07-22 19:11 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-22 19:11 - 2014-07-22 19:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-07-22 19:11 - 2012-05-28 18:19 - 00000000 ____D () C:\Users\Andrew
2014-07-22 19:11 - 2012-01-25 21:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-22 19:01 - 2014-07-22 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-22 18:57 - 2012-06-15 00:08 - 00000000 ____D () C:\Users\Andrew\AppData\Local\CrashDumps
2014-07-22 18:54 - 2014-07-22 18:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-22 18:53 - 2014-07-22 18:53 - 01030832 _____ (Microsoft Corporation) C:\Users\Andrew\Downloads\Setup.X86.en-US_O365HomePremRetail_c1b95810-fc78-4c1b-b6ea-d37f14f4a791_TX_PR_.exe
2014-07-21 18:58 - 2013-01-07 11:10 - 00000000 ____D () C:\Users\Andrew\Desktop\Jobs And Employment
2014-07-21 15:50 - 2014-07-21 15:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{C9DFFED9-9373-4E66-A2C5-8EAE46955718}
2014-07-21 03:49 - 2014-07-21 03:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{5FF73BC7-223B-4275-8D07-4356DF040522}
2014-07-20 15:49 - 2014-07-20 15:49 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{1C07786B-9D95-4527-A08C-BF17A62FBD6A}
2014-07-20 03:48 - 2014-07-20 03:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{1B4C44AA-879B-480C-A39E-4B00D6D11347}
2014-07-19 15:48 - 2014-07-19 15:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{E4B31865-A608-401F-A23C-125F07BEBCD7}
2014-07-19 03:48 - 2014-07-19 03:48 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{4B716D45-F187-4622-9E0E-B7B91ED2379C}
2014-07-18 15:47 - 2014-07-18 15:47 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{6E5CBEDF-2769-48CD-AC37-0EFA55414C4B}
2014-07-18 03:47 - 2014-07-18 03:46 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{DC5DA574-EEE3-4F86-B045-61C2AC314C0B}
2014-07-17 22:39 - 2009-07-14 03:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-17 15:46 - 2014-07-17 15:46 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{95AC4A82-A449-41DC-A813-0FBB8E5BFF04}
2014-07-17 03:45 - 2014-07-17 03:45 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{22BEF2E1-441E-425E-95D4-1D48356DC6E4}
2014-07-16 20:08 - 2014-07-16 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-16 20:08 - 2014-07-16 20:08 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 15:45 - 2014-07-16 15:44 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{4D8E25F4-1969-46A3-813E-20E9FB7129BA}
2014-07-15 16:34 - 2014-07-15 16:33 - 04812672 _____ (Piriform Ltd) C:\Users\Andrew\Downloads\ccsetup415.exe
2014-07-15 16:06 - 2014-07-15 16:06 - 00511782 _____ () C:\Users\Andrew\Documents\Autoruns.zip
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Windows\ERDNT
2014-07-15 16:00 - 2014-07-15 16:00 - 00000907 _____ () C:\Users\Andrew\Desktop\ERUNT.lnk
2014-07-15 16:00 - 2014-07-15 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-15 16:00 - 2014-07-15 16:00 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-15 15:59 - 2014-07-15 15:59 - 00791393 _____ (Lars Hederer ) C:\Users\Andrew\Documents\erunt-setup.exe
2014-07-15 14:38 - 2012-06-04 23:02 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\SoftGrid Client
2014-07-15 13:26 - 2013-09-16 08:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-15 13:11 - 2014-05-17 02:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 12:27 - 2014-07-15 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 12:27 - 2014-07-15 12:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 12:22 - 2014-07-15 12:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrew\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-15 12:11 - 2013-08-12 06:36 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-10 12:13 - 2013-10-29 04:48 - 00000000 ____D () C:\Users\Andrew\Desktop\Copywriting Books
2014-07-08 09:03 - 2013-01-18 22:53 - 00000000 ____D () C:\Users\Andrew\Desktop\nostalgia
2014-07-04 00:18 - 2014-07-04 00:18 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{256177E8-1D0E-4FF9-A6A6-85B51C8D7F37}
2014-07-03 12:18 - 2014-07-03 12:18 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{4B1AF77B-85EB-4137-8536-051AF4042AED}
2014-07-03 00:18 - 2014-07-03 00:18 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{C272A726-56DB-45BD-B87A-94F267FF59C8}
2014-07-02 12:17 - 2014-07-02 12:17 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\Windows Live Writer
2014-07-02 12:17 - 2014-07-02 12:17 - 00000000 ____D () C:\Users\Andrew\AppData\Local\Windows Live Writer
2014-07-02 12:17 - 2014-07-02 12:17 - 00000000 ____D () C:\Users\Andrew\AppData\Local\{2E3D9E77-2856-403F-B7E0-130D7C172401}
2014-07-02 12:16 - 2012-05-28 22:51 - 00000000 ____D () C:\Users\Andrew\AppData\Local\Windows Live
2014-07-01 10:48 - 2014-07-01 10:47 - 14524926 _____ () C:\Users\Andrew\Downloads\30th of july Storyboard with images.zip
2014-07-01 01:52 - 2014-07-01 01:52 - 00000000 ____D () C:\Users\Andrew\AppData\Roaming\fltk.org
2014-07-01 01:52 - 2014-07-01 01:52 - 00000000 ____D () C:\ProgramData\fltk.org
2014-07-01 01:49 - 2014-07-01 01:49 - 00000000 ____D () C:\Program Files\Hubstaff
2014-07-01 01:49 - 2009-07-14 00:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-29 04:42 - 2014-06-29 04:42 - 57439713 _____ () C:\Users\Andrew\New document 1.2014_06_29_04_42_06.0.svg

Files to move or delete:
====================
C:\Users\Andrew\AppData\Local\Temp\GZ_INSTALL_0\setuplauncher.exe
C:\Users\Andrew\AdobeApplicationManager.exe
C:\Users\Andrew\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_en-US.exe
C:\Users\Andrew\torbrowser-install-3.5.2.1_en-US.exe

Some content of TEMP:
====================
C:\Users\Andrew\AppData\Local\Temp\AstroburnLite180-0182.exe
C:\Users\Andrew\AppData\Local\Temp\BackupSetup.exe
C:\Users\Andrew\AppData\Local\Temp\bitool.dll
C:\Users\Andrew\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Andrew\AppData\Local\Temp\CTPBSeq.exe
C:\Users\Andrew\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Andrew\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Andrew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvusn3r.dll
C:\Users\Andrew\AppData\Local\Temp\hpmujauz.dll
C:\Users\Andrew\AppData\Local\Temp\oDeskUpdater.exe
C:\Users\Andrew\AppData\Local\Temp\oi_{E19AB270-2AFD-47AB-98A6-89E47F7D6BA3}.exe
C:\Users\Andrew\AppData\Local\Temp\Quarantine.exe
C:\Users\Andrew\AppData\Local\Temp\SIInvoker.exe
C:\Users\Andrew\AppData\Local\Temp\SIntf16.dll
C:\Users\Andrew\AppData\Local\Temp\SIntf32.dll
C:\Users\Andrew\AppData\Local\Temp\SIntfNT.dll
C:\Users\Andrew\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Andrew\AppData\Local\Temp\sp58915.exe
C:\Users\Andrew\AppData\Local\Temp\tbBit0.dll
C:\Users\Andrew\AppData\Local\Temp\UninstallHPSA.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2013-09-11 01:48

==================== End Of Log ============================

TwinHeadedEagle · July 28, 2014

Hello,


They call me TwinHeadedEagle around here, and I'll be working with you.




Before we start please read and note the following:

Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Do not paste the logs in your posts, attachments make my work easier. There is a Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.
Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please re-run Malwarebytes' Anti-Malware.

First of all, select update.
Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
Click the Scan tab, choose Threat Scan is checked and click Scan Now.
If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the History tab.
Click Application Logs and double-click the newest Scan Log.
At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.

MisterButtons · July 28, 2014

And this is my addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Andrew at 2014-07-28 07:50:30
Running from C:\Users\Andrew\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.174 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AMD APP SDK Runtime (Version: 2.5.732.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D2A53F8D-3924-E600-6023-883B255E3812}) (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
AoA Audio Extractor (HKLM-x32\...\{D1725D54-279A-40C5-A70D-23C1785DB920}_is1) (Version: - AoAMedia.com)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version: - Kunos Simulazioni)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
BodogPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E7}}_is1) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Creative HD CODEC (HKLM-x32\...\Creative HD CODEC) (Version: 1.1.0.0 - Creative Technology Ltd)
Creative HD CODEC (x32 Version: 1.1.0.0 - Creative Technology Ltd) Hidden
Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.00.58 - Creative Technology Ltd)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 1.1.0.0103 - Disc Soft Ltd)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Enthought Canopy (64-bit) (HKLM\...\{93D7DF53-FDD4-4270-B83C-1EBC15FA1A87}) (Version: 1.1.0.46 - Enthought, Inc.)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - )
FileZilla Client 3.8.0 (HKCU\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FINAL FANTASY III (HKLM-x32\...\Steam App 239120) (Version: - Square Enix)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version: - SQUARE ENIX)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.59.12.WIN.FullTilt.COM - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Drive (HKLM-x32\...\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}) (Version: 1.13.5782.599 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GotoCamera Client (HKLM-x32\...\GotoCameraClient) (Version: - Pechora Technologies)
GoToMeeting 6.1.0.1312 (HKCU\...\GoToMeeting) (Version: 6.1.0.1312 - CitrixOnline)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
Hubstaff (HKLM-x32\...\Hubstaff) (Version: 0.9.3 - Netsoft Holdings, LLC.)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6349.0 - IDT)
Inkscape 0.48.4 (HKCU\...\Inkscape) (Version: 0.48.4 - )
Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Live! Cam inPerson HD VF0720 (1.01.01.00) (HKLM\...\Creative VF0720) (Version: - Creative Technology Ltd.)
LiveUSB Creator (remove only) (HKLM-x32\...\LiveUSB Creator) (Version: - )
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAgniiPeic (HKLM-x32\...\{EB03EF39-C655-D560-FA95-79182B837D64}) (Version: 3.0.0.1391 - MuaagniPIac)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.2.0223.1 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.2.223.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
MobileCamStreamer (HKLM-x32\...\{2F0ED3F6-08DE-44A3-ACE3-88F7B76BCB7D}) (Version: 1.5.0 - Mobideos)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA PhysX v8.10.17 (HKLM-x32\...\{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}) (Version: 8.10.17 - NVIDIA Corporation)
oDesk Team (HKCU\...\oDVT) (Version: - oDesk Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
partypoker.net (HKLM-x32\...\PartyPokerNet) (Version: - PartyGaming.Net)
Pavtube Video Converter version 3.6.1.2350 (HKLM-x32\...\{B4EE51E6-2C80-4B04-BDE0-ED4E87BEFECD}_is1) (Version: - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5706 - CyberLink Corp.) Hidden
Powerbullet Presenter 1.44 (HKLM-x32\...\Powerbullet Presenter_is1) (Version: 1.44 - DDD Pty Ltd)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 - NewspaperDirect Inc.)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tracker (HKLM-x32\...\com.elance.tracker) (Version: 2.3.3 - Elance Inc)
Tracker (x32 Version: 2.3.3 - Elance Inc) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VF0720 ZiiMeet Control Library (HKLM-x32\...\VF0720 ZiiMeet Control Library) (Version: 1.00.04 - Creative Technology Limited)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.3.64 - VeriSign)
VIP Access SDK (1.0.1.4) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WampServer 2.2 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic Entertainment)
Webcam Virtual Driver (HKLM-x32\...\Webcam Virtual Driver) (Version: 1.00.07.1607 - Creative Technology Ltd)
Webcam Virtual Driver (x32 Version: 1.00.07.1607 - Creative Technology Ltd) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{05187161-5C36-4324-A734-22BF37509F2D}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfTheoraDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{05A1D945-A794-44EF-B41A-2F851A117155}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfVorbisDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{121EA765-6D3F-4519-9686-A0BA6E5281A2}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfTheoraEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{1F3EFFE4-0E70-47C7-9C48-05EB99E20011}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfOggMux.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{3376086C-D6F9-4CE4-8B89-33CD570106B5}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfFLACDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{5C769985-C3E1-4F95-BEE7-1101C465F5FC}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfTheoraEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{5C94FE86-B93B-467F-BFC3-BD6C91416F9B}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfVorbisEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfNativeFLACSource.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{7036C2FE-A209-464C-97AB-95B9260EDBF7}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfSpeexEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{7605E26C-DE38-4B82-ADD8-FE2568CC0B25}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfSpeexDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{77E3A6A3-2A24-43FA-B929-00747E4B560B}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfFLACEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{7CC95AE6-C1FA-40CC-AB17-3E91DA2F77CA}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\AxPlayer.dll (Xiph.Org)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Citrix\GoToMeeting\1312\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{A538F05F-DC08-4BF9-994F-18A86CCA6CC4}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfVorbisEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{C9361F5A-3282-4944-9899-6D99CDC5370B}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfOggDemux2.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{ED3110F0-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\webmmux.dll (Google)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{ED3110F3-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\vp8decoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{ED3110F5-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\vp8encoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{ED3110F8-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\webmsplit.dll (Google)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{ED311102-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\vp8encoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{ED79AEC0-68AD-4BE6-B06E-B4D3C8101624}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfSpeexEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{EE66A998-4E5C-4E23-A0F3-97C40D87EC48}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Enthought\opencodecs\x64\dsfFLACEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2839907059-551704190-3888377068-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

09-07-2014 17:09:07 Windows Update
13-07-2014 04:10:54 Windows Update
15-07-2014 14:42:46 Removed Bonjour
16-07-2014 17:20:26 Windows Update
20-07-2014 04:15:53 Windows Update
23-07-2014 17:20:07 Windows Update
27-07-2014 04:32:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 00:04 - 2012-11-29 15:52 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10C52E64-E468-4B6A-97B8-4F0FA999A4B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.)
Task: {46D54A4F-A4B0-47F3-B2CC-0AF58A95C984} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839907059-551704190-3888377068-1000UA => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-10] (Google Inc.)
Task: {6BFE1A5B-F9D1-431E-A19E-B796C51B7527} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {7AC5BBD8-D98C-46F6-8BD5-AAAB22ADCC9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9D0AFD98-96DB-4E68-802F-E3DE0B5DFC65} - \TopArcadeHits No Task File <==== ATTENTION
Task: {9E426958-BCEF-4BA7-8B32-2CF28C855A66} - System32\Tasks\HPCeeScheduleForANDREW-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {A4B0C042-F493-4AAE-BBAC-CE95EE901767} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-08-23] (CyberLink)
Task: {A697C885-2BDF-4DCF-B191-F9AD1FD3D9DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A842D43F-118D-439A-B4CF-463697FE9A51} - System32\Tasks\AdobeAAMUpdater-1.0-Andrew-HP-Andrew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {B51A697D-1C79-4575-9614-5601CDB5382F} - System32\Tasks\HPCeeScheduleForAndrew => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {BB289CDC-D0D1-4826-A1DE-5D5C1C375D81} - System32\Tasks\Updater36928.exe => C:\Users\Andrew\AppData\Local\Updater36928\Updater36928.exe <==== ATTENTION
Task: {BC9E619D-D22B-4B28-A928-C7A3D4EFA72D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.)
Task: {CDFE54EA-1E3D-471C-B70E-0392AF638E76} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839907059-551704190-3888377068-1000Core => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-10] (Google Inc.)
Task: {E3682CBA-3E17-40BE-A036-CC4D57AF6049} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2839907059-551704190-3888377068-1000.job => C:\Users\Andrew\AppData\Local\Citrix\GoToMeeting\1312\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf3e454120f01c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839907059-551704190-3888377068-1000Core1ceee3fc3cb7ef.job => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839907059-551704190-3888377068-1000UA.job => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForANDREW-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAndrew.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-07-22 18:53 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-22 19:01 - 2014-07-22 19:01 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 12:12 - 2010-01-02 12:12 - 00098304 _____ () C:\Users\Andrew\Desktop\web design\FileZilla FTP Client\fzshellext_64.dll
2005-10-20 12:04 - 2005-10-20 12:04 - 00038912 _____ () C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
2005-10-20 12:00 - 2005-10-20 12:00 - 00157696 _____ () C:\Program Files (x86)\ERUNT\ERUNT.EXE
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2014-06-20 19:09 - 2014-06-20 19:33 - 06660096 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-28 07:05 - 2014-03-28 07:05 - 00093696 _____ () C:\Users\Andrew\Desktop\web design\FileZilla FTP Client\fzshellext.dll
2014-05-21 09:37 - 2014-05-13 21:10 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-21 09:37 - 2014-05-13 21:10 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-07-25 16:45 - 2014-07-25 16:45 - 00043008 _____ () c:\users\andrew\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvusn3r.dll
2013-10-18 21:25 - 2013-10-18 21:25 - 25100288 _____ () C:\Users\Andrew\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-21 09:37 - 2014-05-13 21:10 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-21 09:37 - 2014-05-13 21:10 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-21 09:37 - 2014-05-13 21:10 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-07-13 15:26 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
2014-07-22 18:54 - 2014-07-22 18:54 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-07-22 18:54 - 2014-07-22 19:00 - 01286256 _____ () C:\Program Files\Microsoft Office 15\root\office15\PPRESOURCES.DLL
2010-03-06 05:54 - 2010-03-06 05:54 - 00705752 _____ () C:\Program Files (x86)\Inkscape\libMagick++-3.dll
2010-03-07 00:01 - 2010-03-07 00:01 - 00024110 _____ () C:\Program Files (x86)\Inkscape\mingwm10.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 05390569 _____ () C:\Program Files (x86)\Inkscape\libMagickCore-3.dll
2012-12-06 18:40 - 2012-12-06 18:40 - 00553382 _____ () C:\Program Files (x86)\Inkscape\freetype6.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 00233192 _____ () C:\Program Files (x86)\Inkscape\libjpeg-7.dll
2012-10-21 18:38 - 2012-10-21 18:38 - 00752973 _____ () C:\Program Files (x86)\Inkscape\liblcms-1.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 00223915 _____ () C:\Program Files (x86)\Inkscape\libpng12-0.dll
2011-05-21 04:51 - 2011-05-21 04:51 - 00100352 _____ () C:\Program Files (x86)\Inkscape\zlib1.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 00396766 _____ () C:\Program Files (x86)\Inkscape\libtiff-3.dll
2010-12-28 21:51 - 2010-12-28 21:51 - 00047104 _____ () C:\Program Files (x86)\Inkscape\libgomp-1.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 01057933 _____ () C:\Program Files (x86)\Inkscape\libMagickWand-3.dll
2012-11-08 15:35 - 2012-11-08 15:35 - 00233984 _____ () C:\Program Files (x86)\Inkscape\libatkmm-1.6-1.dll
2012-11-08 15:35 - 2012-11-08 15:35 - 00819712 _____ () C:\Program Files (x86)\Inkscape\libglibmm-2.4-1.dll
2012-12-06 18:40 - 2012-12-06 18:40 - 00937996 _____ () C:\Program Files (x86)\Inkscape\libsigc-2.0-0.dll
2011-06-23 18:14 - 2011-06-23 18:14 - 00925304 _____ () C:\Program Files (x86)\Inkscape\libcairo-2.dll
2011-06-23 18:14 - 2011-06-23 18:14 - 00563458 _____ () C:\Program Files (x86)\Inkscape\libpixman-1-0.dll
2012-10-21 18:38 - 2012-10-21 18:38 - 00279059 _____ () C:\Program Files (x86)\Inkscape\libfontconfig-1.dll
2012-12-06 18:40 - 2012-12-06 18:40 - 00177586 _____ () C:\Program Files (x86)\Inkscape\libexpat-1.dll
2012-06-20 15:51 - 2012-06-20 15:51 - 01317226 _____ () C:\Program Files (x86)\Inkscape\libcairomm-1.0-1.dll
2011-01-16 14:12 - 2011-01-16 14:12 - 00230529 _____ () C:\Program Files (x86)\Inkscape\libpng14-14.dll
2011-05-21 04:51 - 2011-05-21 04:51 - 00103139 _____ () C:\Program Files (x86)\Inkscape\libpangocairo-1.0-0.dll
2012-11-08 15:35 - 2012-11-08 15:35 - 00266752 _____ () C:\Program Files (x86)\Inkscape\libgdkmm-2.4-1.dll
2012-11-08 15:35 - 2012-11-08 15:35 - 00156672 _____ () C:\Program Files (x86)\Inkscape\libpangomm-1.4-1.dll
2012-11-08 15:35 - 2012-11-08 15:35 - 02534912 _____ () C:\Program Files (x86)\Inkscape\libgtkmm-2.4-1.dll
2012-11-08 15:35 - 2012-11-08 15:35 - 00787968 _____ () C:\Program Files (x86)\Inkscape\libgiomm-2.4-1.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 00326673 _____ () C:\Program Files (x86)\Inkscape\libpoppler-glib-4.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 02046670 _____ () C:\Program Files (x86)\Inkscape\libpoppler-5.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 00164978 _____ () C:\Program Files (x86)\Inkscape\libopenjpeg-2.dll
2012-09-07 16:48 - 2012-09-07 16:48 - 00987136 _____ () C:\Program Files (x86)\Inkscape\libxml2.dll
2010-03-06 05:54 - 2010-03-06 05:54 - 00051533 _____ () C:\Program Files (x86)\Inkscape\libpopt-0.dll
2012-09-07 16:48 - 2012-09-07 16:48 - 00166912 _____ () C:\Program Files (x86)\Inkscape\libxslt.dll
2012-10-21 18:38 - 2012-10-21 18:38 - 00100255 _____ () C:\Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2014-05-21 21:14 - 2014-07-11 22:23 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-18 19:08 - 2014-07-11 22:23 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 21:14 - 2014-07-11 22:23 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-05-18 19:08 - 2014-07-11 22:23 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-05-18 19:08 - 2014-06-26 20:10 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 21:14 - 2014-07-15 23:58 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 21:14 - 2014-04-28 22:07 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-05-18 19:08 - 2014-07-15 23:58 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-05-18 19:08 - 2014-05-01 21:05 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-06-18 05:41 - 2014-06-18 05:41 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-22 18:54 - 2014-07-22 18:56 - 00196264 _____ () C:\Program Files\Microsoft Office 15\root\office15\IEAWSDC.DLL
2014-06-20 19:09 - 2014-06-20 19:37 - 00880640 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\SDL2.dll
2014-06-20 19:09 - 2014-06-20 19:35 - 00705024 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\libGLESv2.dll
2014-06-20 19:35 - 2014-06-20 19:35 - 00043008 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\libEGL.dll
2014-06-20 19:09 - 2014-06-20 19:39 - 00864768 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\platforms\qwindows.dll
2014-05-18 19:08 - 2014-07-15 23:58 - 00359104 _____ () C:\Program Files (x86)\Steam\steam.dll
2014-06-20 19:38 - 2014-06-20 19:38 - 00024576 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\plugins\imageformats\qgif.dll
2014-06-20 19:39 - 2014-06-20 19:39 - 00025088 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\plugins\imageformats\qico.dll
2014-06-20 19:41 - 2014-06-20 19:41 - 00242688 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\plugins\imageformats\qjpeg.dll
2014-06-20 19:35 - 2014-06-20 19:35 - 00221184 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\plugins\imageformats\qmng.dll
2014-06-20 19:37 - 2014-06-20 19:37 - 00018432 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\plugins\imageformats\qtga.dll
2014-06-20 19:09 - 2014-06-20 19:41 - 00312320 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\plugins\imageformats\qtiff.dll
2014-06-20 19:37 - 2014-06-20 19:37 - 00018432 _____ () C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\plugins\imageformats\qwbmp.dll
2014-07-22 18:54 - 2014-07-22 18:54 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Andrew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Andrew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Andrew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
MSCONFIG\startupreg: fastclean => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Live! Central 3 => "C:\Users\Andrew\Desktop\Live! Central 3\CTLVCentral3.exe" /mode2
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: V0720Mon.exe => C:\Windows\V0720Mon.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2013 08:28:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GTAIV.exe, version: 1.0.7.0, time stamp: 0x4bd9efbe
Faulting module name: GTAIV.exe, version: 1.0.7.0, time stamp: 0x4bd9efbe
Exception code: 0xc0000005
Fault offset: 0x001a9346
Faulting process id: 0x1838
Faulting application start time: 0xGTAIV.exe0
Faulting application path: GTAIV.exe1
Faulting module path: GTAIV.exe2
Report Id: GTAIV.exe3

Error: (09/14/2013 00:30:10 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (09/12/2013 02:48:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: gta-vc.exe, version: 0.0.0.0, time stamp: 0x48982736
Faulting module name: gta-vc.exe, version: 0.0.0.0, time stamp: 0x48982736
Exception code: 0xc0000005
Fault offset: 0x00260667
Faulting process id: 0x1888
Faulting application start time: 0xgta-vc.exe0
Faulting application path: gta-vc.exe1
Faulting module path: gta-vc.exe2
Report Id: gta-vc.exe3

Error: (09/12/2013 10:50:01 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (09/11/2013 01:48:01 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (09/09/2013 09:34:48 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (09/09/2013 06:37:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program gta_sa.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fc8

Start Time: 01cead3bf4acd253

Termination Time: 46

Application Path: C:\Users\Andrew\Desktop\games\GTA San Andreas\gta_sa.exe

Report Id:

Error: (09/08/2013 11:40:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 9.0.8112.16476 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b2c

Start Time: 01cead0188307743

Termination Time: 5

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/08/2013 11:37:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 9.0.8112.16476 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2058

Start Time: 01cead0156dc552b

Termination Time: 3

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 9cda4503-18f4-11e3-9e25-e840f28cb911

Error: (09/08/2013 08:51:18 PM) (Source: MsiInstaller) (EventID: 10005) (User: Andrew-HP)
Description: Product: iTunes -- This iTunes installer is intended for 32-bit versions of Windows. Please download and install the 64-bit iTunes installer instead.

System errors:
=============
Error: (07/25/2014 11:00:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (07/25/2014 11:00:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (07/25/2014 07:34:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Win sys filter service to connect.

Error: (07/25/2014 07:33:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (09/12/2013 05:27:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (09/12/2013 05:27:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/29/2013 01:17:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/29/2013 01:17:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/26/2013 05:52:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/26/2013 05:52:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Microsoft Office Sessions:
=========================
Error: (09/14/2013 08:28:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GTAIV.exe1.0.7.04bd9efbeGTAIV.exe1.0.7.04bd9efbec0000005001a9346183801ceb1394995c767C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exeC:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe8bcd12cc-1d2c-11e3-9ede-e840f28cb911

Error: (09/14/2013 00:30:10 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (09/12/2013 02:48:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta-vc.exe0.0.0.048982736gta-vc.exe0.0.0.048982736c000000500260667188801ceafd9b21c8ca0C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exeC:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe68bd8d12-1bcf-11e3-9e25-e840f28cb911

Error: (09/12/2013 10:50:01 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (09/11/2013 01:48:01 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (09/09/2013 09:34:48 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (09/09/2013 06:37:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gta_sa.exe0.0.0.0fc801cead3bf4acd25346C:\Users\Andrew\Desktop\games\GTA San Andreas\gta_sa.exe

Error: (09/08/2013 11:40:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.164761b2c01cead01883077435C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/08/2013 11:37:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.16476205801cead0156dc552b3C:\Program Files (x86)\Internet Explorer\iexplore.exe9cda4503-18f4-11e3-9e25-e840f28cb911

Error: (09/08/2013 08:51:18 PM) (Source: MsiInstaller) (EventID: 10005) (User: Andrew-HP)
Description: Product: iTunes -- This iTunes installer is intended for 32-bit versions of Windows. Please download and install the 64-bit iTunes installer instead.(NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 10220.31 MB
Available physical RAM: 4638.58 MB
Total Pagefile: 20438.81 MB
Available Pagefile: 13449.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1845.07 GB) (Free:1540.03 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:17.85 GB) (Free:2.14 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 3831A28E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-217895141376) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)

==================== End Of Log ============================

TwinHeadedEagle · July 28, 2014

Okay, please proceed with my MalwareBytes instructions.

MisterButtons · July 28, 2014

OK, I'm running it now.

MisterButtons · July 28, 2014

Hey. Couldn't find any way to attach the text file so I'm just pasting here:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28/07/2014
Scan Time: 8:46:02 AM
Logfile: SCAN LOG.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.28.01
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Andrew

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 332756
Time Elapsed: 31 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Softonic.A, C:\Users\Andrew\Desktop\web design\SoftonicDownloader_for_colorpad.exe, Quarantined, [0c956b35afcced49ab4f52d6e51ce818],
PUP.Optional.Topmedia, C:\Users\Andrew\Desktop\web design\photoshop\Adobe_Photoshop_CS5_Extended_[Portable][Multi][Plugins][Reupload_secure.exe, Quarantined, [2a777927e09bde586e982d457f85946c],

Physical Sectors: 0
(No malicious items detected)

(end)

TwinHeadedEagle · July 28, 2014

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

Right-click on

icon and select

Run as Administrator to start the tool.

(XP users click run after receipt of Windows Security Warning - Open File).

Press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

Right-click on icon and select Run as Administrator to start the tool.

Follow the prompts and click Scan.

When finished, please click Clean.

Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.

fixlist.txt

MisterButtons · July 28, 2014

Thanks dude!

Worked like a charm!

TwinHeadedEagle · July 28, 2014

Can I see Fixlog.txt and Adwcleaner report?

AdvancedSetup · July 29, 2014

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Constant "Bad Image" Errors After Running MalwareBytes

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information