Jump to content

Possible Infection/s


Recommended Posts

Dear sir/madam,

 

I followed the instructions and am concerned that because the malwarebytes pop window keeps coming up that I have a virus.  I followed a number of you tube clips and now rich in anti virus software: superantispyware, spybot, avg and spyhunter; the last one I have a license for.  However, being a teacher and having lost my harddisk, I really don't want to do a full system restore.  I'm fairly sure there's a trojan lurking on my system.  Please see the text generated from the farbar recovery scan tool:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2014
Ran by Simon&Lois at 2014-08-30 19:10:45
Running from C:\Users\Simon&Lois\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2322.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.3.2322.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother Product Research and Support Program (HKLM-x32\...\{8040527F-DD74-4B45-8A06-C4BF145B6C76}) (Version: 2.1.0.0000 - Brother Industries, Ltd.)
CambridgeSoft Activation Client (HKLM-x32\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 15 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217015FF}) (Version: 7.0.150 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31117 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31121 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller  Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
RegHunter (HKLM\...\{F94A63D7-9A61-403B-8F6F-90B1BF77211A}) (Version: 1.3.3.1613 - Enigma Software Group USA, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SMART English (United Kingdom) Language Pack (HKLM-x32\...\{A17560B2-B39C-48EC-BB5D-5D660E167617}) (Version: 14.1.6.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{FC69B741-DC56-4591-97A2-A6BA211B7E76}) (Version: 2.2.590.1 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{84579080-E961-4DE7-93AB-5E2B81A96387}) (Version: 14.1.852.0 - SMART Technologies ULC)
SMART Product Drivers (HKLM-x32\...\{890680EC-2F88-47F0-970C-593081E62593}) (Version: 11.6.450.0 - SMART Technologies ULC)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter (HKLM\...\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Drive Utilities (HKLM-x32\...\{F9784E1D-4455-4BFF-A97A-1B1355A4FFDB}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

15-08-2014 23:09:34 Windows Update
19-08-2014 07:18:39 Windows Update
22-08-2014 08:22:10 Windows Update
22-08-2014 08:30:15 Windows Update
30-08-2014 10:09:53 Installed AVG 2014
30-08-2014 10:11:04 Installed AVG 2014
30-08-2014 13:55:29 Installed SpyHunter
30-08-2014 17:10:32 Installed RegHunter
30-08-2014 17:41:27 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F72E383-C153-421D-A588-2220A7BF6814} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.)
Task: {1D6A96B0-1454-4A29-BF05-D30289F70267} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1FEB65C0-455B-4BE6-BB8F-72F3292816C7} - System32\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {29E07EBC-62FA-4233-B9AF-8A577F4E12FD} - \Microsoft\Windows\TabletPC\InputPersonalization No Task File <==== ATTENTION
Task: {4DBD3D26-A009-4C39-A919-E16D7DF762AB} - System32\Tasks\RegHunterStartup => C:\Program Files\Enigma Software Group\RegHunter\RegHunter.exe [2013-08-13] (Enigma Software Group USA, LLC.)
Task: {56011CB5-A220-4D90-AACF-DEF1606B3D69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {64CE66B9-F6BD-4731-8EB5-789183A429CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-12] (Adobe Systems Incorporated)
Task: {82E2B062-BE94-4F1A-8668-CF1CBA5C73E9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8EFEF104-678D-4C71-B630-005A767B8E17} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {912F51A8-E421-4E4F-9903-8EB2C2A7236F} - System32\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {921E5C3B-A309-4615-8988-01419D15FA94} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {ABF0FBB0-BC3A-41FC-B34C-C2801CDE24D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: {F2FD5416-CD26-4CF3-A8A9-63AB98D95792} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2008-07-04 11:38 - 2008-07-04 11:38 - 00065536 _____ () C:\Brother\BPRSP\resources\BrSupSsp.exe
2014-08-30 14:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-30 14:51 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-30 14:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-30 14:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-30 14:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-07 23:32 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00524712 _____ () C:\Windows\WinSxS\x86_smarttech.boost_regex.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_cae4ebd2526cf46f\boost_regex-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00054184 _____ () C:\Windows\WinSxS\x86_smarttech.boost_thread.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_472b4edec4bf8550\boost_thread-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00145328 _____ () C:\Windows\WinSxS\x86_smarttech.boost_filesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_73736a4543634e09\boost_filesystem-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00022440 _____ () C:\Windows\WinSxS\x86_smarttech.boost_system.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_3b5a2197c9e04a1f\boost_system-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00051120 _____ () C:\Windows\WinSxS\x86_smarttech.boost_date_time.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_50d6b3902c95d15a\boost_date_time-vc100-mt-1_44.dll
2014-06-26 11:42 - 2014-06-26 11:42 - 00277296 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00135984 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node
2014-07-30 04:02 - 2014-07-30 04:02 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-12 19:28 - 2014-07-12 19:28 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/30/2014 06:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000008
Fault offset: 0x00000000000cd7e8
Faulting process id: 0x828
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/30/2014 04:07:29 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" ; Description = Cleaner (Spybot - Search & Destroy 2.4, administrator privileges; Error = 0x8007043c).

Error: (08/30/2014 04:07:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" ; Description = Cleaner (Spybot - Search & Destroy 2.4, administrator privileges; Error = 0x8007043c).

Error: (08/30/2014 03:08:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 31.0.0.5310, time stamp: 0x53c75e91
Faulting module name: NPSWF32_14_0_0_145.dll, version: 14.0.0.145, time stamp: 0x53aa1b9a
Exception code: 0x80000003
Fault offset: 0x0035128d
Faulting process id: 0xe50
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (08/30/2014 03:00:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SpyHunter4.exe version 4.17.6.4336 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 76c

Start Time: 01cfc45a92618e78

Termination Time: 11

Application Path: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

Report Id: 013bb386-304e-11e4-9770-90fba6f0004a

Error: (08/30/2014 11:39:44 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3052) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/30/2014 11:39:43 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2968) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/30/2014 11:36:45 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (5196) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/30/2014 11:36:11 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code 1.  The machine must now be restarted.

Error: (08/30/2014 11:32:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: msi.dll, version: 5.0.7601.18493, time stamp: 0x538d9cae
Exception code: 0xc0000005
Fault offset: 0x00000000001f101a
Faulting process id: 0x788
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3


System errors:
=============
Error: (08/30/2014 05:40:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/30/2014 05:35:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:35:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:35:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:35:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:33:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (08/30/2014 06:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000000800000000000cd7e882801cfc470b0cce491C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7a7a2550-3068-11e4-8d50-90fba6f0004a

Error: (08/30/2014 04:07:29 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" Cleaner (Spybot - Search & Destroy 2.4, administrator privileges0x8007043c

Error: (08/30/2014 04:07:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" Cleaner (Spybot - Search & Destroy 2.4, administrator privileges0x8007043c

Error: (08/30/2014 03:08:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91NPSWF32_14_0_0_145.dll14.0.0.14553aa1b9a800000030035128de5001cfc45941dd2d1eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll2eb6d9e1-304f-11e4-9770-90fba6f0004a

Error: (08/30/2014 03:00:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SpyHunter4.exe4.17.6.433676c01cfc45a92618e7811C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe013bb386-304e-11e4-9770-90fba6f0004a

Error: (08/30/2014 11:39:44 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3052WindowsMail0:

Error: (08/30/2014 11:39:43 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2968WindowsMail0:

Error: (08/30/2014 11:36:45 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail5196WindowsMail0:

Error: (08/30/2014 11:36:11 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: C:\Windows\system32\lsass.exe1

Error: (08/30/2014 11:32:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4msi.dll5.0.7601.18493538d9caec000000500000000001f101a78801cfc43c9578d9b8C:\Windows\Explorer.EXEC:\Windows\system32\msi.dlle135841a-3030-11e4-aec0-90fba6f0004a


==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 61%
Total physical RAM: 4084.18 MB
Available physical RAM: 1574.39 MB
Total Pagefile: 8168.36 MB
Available Pagefile: 5122.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:923.29 GB) (Free:709.24 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

 

Having finished the scan (malwarebytes), it says, it can't detect anything.  However, iexplore.exe is constantly open, with upto 4-5 versions, all laying claims to my precious little memory.  The addition.txt is here,

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2014
Ran by Simon&Lois at 2014-08-30 19:10:45
Running from C:\Users\Simon&Lois\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2322.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.3.2322.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother Product Research and Support Program (HKLM-x32\...\{8040527F-DD74-4B45-8A06-C4BF145B6C76}) (Version: 2.1.0.0000 - Brother Industries, Ltd.)
CambridgeSoft Activation Client (HKLM-x32\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 15 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217015FF}) (Version: 7.0.150 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31117 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31121 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller  Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
RegHunter (HKLM\...\{F94A63D7-9A61-403B-8F6F-90B1BF77211A}) (Version: 1.3.3.1613 - Enigma Software Group USA, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SMART English (United Kingdom) Language Pack (HKLM-x32\...\{A17560B2-B39C-48EC-BB5D-5D660E167617}) (Version: 14.1.6.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{FC69B741-DC56-4591-97A2-A6BA211B7E76}) (Version: 2.2.590.1 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{84579080-E961-4DE7-93AB-5E2B81A96387}) (Version: 14.1.852.0 - SMART Technologies ULC)
SMART Product Drivers (HKLM-x32\...\{890680EC-2F88-47F0-970C-593081E62593}) (Version: 11.6.450.0 - SMART Technologies ULC)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter (HKLM\...\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Drive Utilities (HKLM-x32\...\{F9784E1D-4455-4BFF-A97A-1B1355A4FFDB}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

15-08-2014 23:09:34 Windows Update
19-08-2014 07:18:39 Windows Update
22-08-2014 08:22:10 Windows Update
22-08-2014 08:30:15 Windows Update
30-08-2014 10:09:53 Installed AVG 2014
30-08-2014 10:11:04 Installed AVG 2014
30-08-2014 13:55:29 Installed SpyHunter
30-08-2014 17:10:32 Installed RegHunter
30-08-2014 17:41:27 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F72E383-C153-421D-A588-2220A7BF6814} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-01-09] (Enigma Software Group USA, LLC.)
Task: {1D6A96B0-1454-4A29-BF05-D30289F70267} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1FEB65C0-455B-4BE6-BB8F-72F3292816C7} - System32\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {29E07EBC-62FA-4233-B9AF-8A577F4E12FD} - \Microsoft\Windows\TabletPC\InputPersonalization No Task File <==== ATTENTION
Task: {4DBD3D26-A009-4C39-A919-E16D7DF762AB} - System32\Tasks\RegHunterStartup => C:\Program Files\Enigma Software Group\RegHunter\RegHunter.exe [2013-08-13] (Enigma Software Group USA, LLC.)
Task: {56011CB5-A220-4D90-AACF-DEF1606B3D69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {64CE66B9-F6BD-4731-8EB5-789183A429CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-12] (Adobe Systems Incorporated)
Task: {82E2B062-BE94-4F1A-8668-CF1CBA5C73E9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8EFEF104-678D-4C71-B630-005A767B8E17} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {912F51A8-E421-4E4F-9903-8EB2C2A7236F} - System32\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {921E5C3B-A309-4615-8988-01419D15FA94} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {ABF0FBB0-BC3A-41FC-B34C-C2801CDE24D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: {F2FD5416-CD26-4CF3-A8A9-63AB98D95792} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2008-07-04 11:38 - 2008-07-04 11:38 - 00065536 _____ () C:\Brother\BPRSP\resources\BrSupSsp.exe
2014-08-30 14:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-30 14:51 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-30 14:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-30 14:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-30 14:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-07 23:32 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00524712 _____ () C:\Windows\WinSxS\x86_smarttech.boost_regex.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_cae4ebd2526cf46f\boost_regex-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00054184 _____ () C:\Windows\WinSxS\x86_smarttech.boost_thread.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_472b4edec4bf8550\boost_thread-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00145328 _____ () C:\Windows\WinSxS\x86_smarttech.boost_filesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_73736a4543634e09\boost_filesystem-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00022440 _____ () C:\Windows\WinSxS\x86_smarttech.boost_system.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_3b5a2197c9e04a1f\boost_system-vc100-mt-1_44.dll
2014-08-14 19:37 - 2014-08-14 19:37 - 00051120 _____ () C:\Windows\WinSxS\x86_smarttech.boost_date_time.vc100.1.44_9ca15c999435ee05_1.0.1.0_none_50d6b3902c95d15a\boost_date_time-vc100-mt-1_44.dll
2014-06-26 11:42 - 2014-06-26 11:42 - 00277296 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00135984 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node
2014-06-26 11:43 - 2014-06-26 11:43 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node
2014-07-30 04:02 - 2014-07-30 04:02 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-12 19:28 - 2014-07-12 19:28 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/30/2014 06:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000008
Fault offset: 0x00000000000cd7e8
Faulting process id: 0x828
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/30/2014 04:07:29 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" ; Description = Cleaner (Spybot - Search & Destroy 2.4, administrator privileges; Error = 0x8007043c).

Error: (08/30/2014 04:07:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" ; Description = Cleaner (Spybot - Search & Destroy 2.4, administrator privileges; Error = 0x8007043c).

Error: (08/30/2014 03:08:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 31.0.0.5310, time stamp: 0x53c75e91
Faulting module name: NPSWF32_14_0_0_145.dll, version: 14.0.0.145, time stamp: 0x53aa1b9a
Exception code: 0x80000003
Fault offset: 0x0035128d
Faulting process id: 0xe50
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (08/30/2014 03:00:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SpyHunter4.exe version 4.17.6.4336 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 76c

Start Time: 01cfc45a92618e78

Termination Time: 11

Application Path: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

Report Id: 013bb386-304e-11e4-9770-90fba6f0004a

Error: (08/30/2014 11:39:44 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3052) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/30/2014 11:39:43 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2968) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/30/2014 11:36:45 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (5196) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/30/2014 11:36:11 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code 1.  The machine must now be restarted.

Error: (08/30/2014 11:32:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: msi.dll, version: 5.0.7601.18493, time stamp: 0x538d9cae
Exception code: 0xc0000005
Fault offset: 0x00000000001f101a
Faulting process id: 0x788
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3


System errors:
=============
Error: (08/30/2014 05:40:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/30/2014 05:35:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:35:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:35:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:35:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:34:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/30/2014 05:33:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (08/30/2014 06:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000000800000000000cd7e882801cfc470b0cce491C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7a7a2550-3068-11e4-8d50-90fba6f0004a

Error: (08/30/2014 04:07:29 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" Cleaner (Spybot - Search & Destroy 2.4, administrator privileges0x8007043c

Error: (08/30/2014 04:07:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" Cleaner (Spybot - Search & Destroy 2.4, administrator privileges0x8007043c

Error: (08/30/2014 03:08:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91NPSWF32_14_0_0_145.dll14.0.0.14553aa1b9a800000030035128de5001cfc45941dd2d1eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll2eb6d9e1-304f-11e4-9770-90fba6f0004a

Error: (08/30/2014 03:00:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SpyHunter4.exe4.17.6.433676c01cfc45a92618e7811C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe013bb386-304e-11e4-9770-90fba6f0004a

Error: (08/30/2014 11:39:44 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3052WindowsMail0:

Error: (08/30/2014 11:39:43 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2968WindowsMail0:

Error: (08/30/2014 11:36:45 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail5196WindowsMail0:

Error: (08/30/2014 11:36:11 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: C:\Windows\system32\lsass.exe1

Error: (08/30/2014 11:32:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4msi.dll5.0.7601.18493538d9caec000000500000000001f101a78801cfc43c9578d9b8C:\Windows\Explorer.EXEC:\Windows\system32\msi.dlle135841a-3030-11e4-aec0-90fba6f0004a


==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 61%
Total physical RAM: 4084.18 MB
Available physical RAM: 1574.39 MB
Total Pagefile: 8168.36 MB
Available Pagefile: 5122.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:923.29 GB) (Free:709.24 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

 

I have absolutely no idea what all of this stuff means, but I know that Error is never good, no matter the language...

 

Please help me, as I am back to school on Monday.  I need a fully functioning computer.

 

Kind Regards,

 

Simon.

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

You have posted the secondary log twice (addition.txt) We also need to see the primary log (FRST.txt) can you post that please. It can be found in the following folder C:\FRST\logs

 

Thank you,

 

Kevin

Link to post
Share on other sites

Apologies.... Here is is:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014
Ran by Simon&Lois (administrator) on SIMONLOIS-PC on 30-08-2014 19:07:27
Running from C:\Users\Simon&Lois\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
() C:\Brother\BPRSP\resources\BrSupSsp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSystemMenu.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\RegHunter\RegHunter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2010-08-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [sMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [8991024 2014-05-29] (SMART Technologies ULC)
HKLM-x32\...\Run: [sMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [190256 2014-06-30] (SMART Technologies)
HKLM-x32\...\Run: [sMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSystemMenu.exe [728368 2014-06-30] (SMART Technologies)
HKLM-x32\...\Run: [sMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1945392 2014-06-30] (SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2014-06-26] (SMART Technologies)
HKLM-x32\...\Run: [sMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [565552 2014-06-18] (SMART Technologies)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3910218803-658484779-3908672438-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-09-01] (Google Inc.)
HKU\S-1-5-21-3910218803-658484779-3908672438-1001\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-14] (SUPERAntiSpyware)
HKU\S-1-5-21-3910218803-658484779-3908672438-1001\...\Run: [spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3910218803-658484779-3908672438-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-09-01] (Google Inc.)
HKU\S-1-5-21-3910218803-658484779-3908672438-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-14] (SUPERAntiSpyware)
HKU\S-1-5-21-3910218803-658484779-3908672438-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Brother BPRSP.lnk
ShortcutTarget: Brother BPRSP.lnk -> C:\Windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe (Flexera Software LLC)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll (Google Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll (Google Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Simon&Lois\AppData\Roaming\Mozilla\Firefox\Profiles\fhsqsg6v.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: FlashStopper - C:\Users\Simon&Lois\AppData\Roaming\Mozilla\Firefox\Profiles\fhsqsg6v.default\Extensions\flashstopper@byo.co.il.xpi [2014-07-12]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=DSGL&bmod=DSGL
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=DSGL&bmod=DSGL"
CHR DefaultSearchKeyword: Default -> google.co.uk
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Simon&Lois\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simon&Lois\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-09]
CHR Extension: (Google Wallet) - C:\Users\Simon&Lois\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538928 2014-06-30] (SMART Technologies)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-07-10] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S4 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2014-06-30] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2014-06-30] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2014-06-30] (SMART Technologies ULC)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 19:07 - 2014-08-30 19:09 - 00020436 _____ () C:\Users\Simon&Lois\Downloads\FRST.txt
2014-08-30 19:07 - 2014-08-30 19:07 - 00000000 ____D () C:\FRST
2014-08-30 19:06 - 2014-08-30 19:06 - 02103808 _____ (Farbar) C:\Users\Simon&Lois\Downloads\FRST64.exe
2014-08-30 19:04 - 2014-08-30 19:04 - 01095680 _____ (Farbar) C:\Users\Simon&Lois\Downloads\FRST.exe
2014-08-30 18:11 - 2014-08-30 18:11 - 00003384 _____ () C:\Windows\System32\Tasks\RegHunterStartup
2014-08-30 18:11 - 2014-08-30 18:11 - 00001170 _____ () C:\Users\Public\Desktop\RegHunter.lnk
2014-08-30 18:11 - 2014-08-30 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
2014-08-30 16:06 - 2014-08-30 16:06 - 00004762 _____ () C:\Windows\wininit.ini
2014-08-30 14:59 - 2014-08-30 14:59 - 00000000 _____ () C:\autoexec.bat
2014-08-30 14:58 - 2014-08-30 18:11 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-30 14:58 - 2014-08-30 18:07 - 00003304 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-08-30 14:58 - 2014-08-30 14:58 - 00002271 _____ () C:\Users\Simon&Lois\Desktop\SpyHunter.lnk
2014-08-30 14:58 - 2014-08-30 14:58 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-08-30 14:58 - 2014-08-30 14:58 - 00000000 ____D () C:\sh4ldr
2014-08-30 14:58 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-08-30 14:52 - 2014-08-30 14:52 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-30 14:51 - 2014-08-30 16:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-30 14:51 - 2014-08-30 14:51 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Simon&Lois\Downloads\SpyHunter-Installer.exe
2014-08-30 14:51 - 2014-08-30 14:51 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-30 14:51 - 2014-08-30 14:51 - 00001386 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-30 14:51 - 2014-08-30 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-30 14:51 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-08-30 14:50 - 2014-08-30 15:08 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-30 14:49 - 2014-08-30 14:50 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Simon&Lois\Downloads\spybot-2.4.exe
2014-08-30 14:48 - 2014-08-30 17:37 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd.job
2014-08-30 14:48 - 2014-08-30 17:37 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433.job
2014-08-30 14:48 - 2014-08-30 14:48 - 00003632 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433
2014-08-30 14:48 - 2014-08-30 14:48 - 00003558 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd
2014-08-30 14:47 - 2014-08-30 17:39 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-30 14:47 - 2014-08-30 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-30 14:47 - 2014-08-30 14:47 - 00001815 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-30 14:47 - 2014-08-30 14:47 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\SUPERAntiSpyware.com
2014-08-30 14:47 - 2014-08-30 14:47 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-30 14:45 - 2014-08-30 14:46 - 19067112 _____ (SUPERAntiSpyware) C:\Users\Simon&Lois\Downloads\SUPERAntiSpyware.exe
2014-08-30 13:38 - 2014-08-30 18:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-30 13:37 - 2014-08-30 13:37 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-30 13:37 - 2014-08-30 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-30 13:37 - 2014-08-30 13:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-30 13:37 - 2014-08-30 13:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-30 13:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-30 13:37 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-30 13:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-30 13:36 - 2014-08-30 13:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Simon&Lois\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-30 11:48 - 2014-08-30 13:25 - 00013619 _____ () C:\Users\Simon&Lois\Desktop\avgrep.txt
2014-08-30 11:15 - 2014-08-30 11:15 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\AVG2014
2014-08-30 11:13 - 2014-08-30 11:13 - 00000972 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-30 11:13 - 2014-08-30 11:13 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\TuneUp Software
2014-08-30 11:13 - 2014-08-30 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-30 11:12 - 2014-08-30 11:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-30 11:12 - 2014-08-30 11:12 - 00000000 ___HD () C:\$AVG
2014-08-30 11:10 - 2014-08-30 11:10 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-30 11:02 - 2014-08-30 18:55 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-30 11:02 - 2014-08-30 11:30 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Avg2014
2014-08-30 11:02 - 2014-08-30 11:02 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\MFAData
2014-08-30 11:00 - 2014-08-30 11:01 - 04755928 _____ (AVG Technologies) C:\Users\Simon&Lois\Downloads\avg_avct_stb_all_2014_4744_comppg_23.exe
2014-08-30 09:51 - 2014-08-30 09:51 - 148737520 _____ () C:\Windows\MEMORY.DMP
2014-08-30 09:51 - 2014-08-30 09:51 - 00269800 _____ () C:\Windows\Minidump\083014-21091-01.dmp
2014-08-30 09:51 - 2014-08-30 09:51 - 00000000 ____D () C:\Windows\Minidump
2014-08-22 19:59 - 2014-08-22 19:59 - 00513315 _____ () C:\Users\Simon&Lois\AppData\Local\vkqbckdi.log
2014-08-22 19:59 - 2014-08-22 19:59 - 00002682 _____ () C:\Users\Simon&Lois\AppData\Local\toaeplyf.log
2014-08-22 19:59 - 2014-08-22 19:59 - 00000217 _____ () C:\Users\Simon&Lois\AppData\Local\avjqetdg.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000016 _____ () C:\Users\Simon&Lois\AppData\Local\yfvmewuk.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000000 _____ () C:\Users\Simon&Lois\AppData\Local\phyvxeiy.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000000 _____ () C:\Users\Simon&Lois\AppData\Local\ilksiser.log
2014-08-22 19:55 - 2014-08-30 10:26 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\kfkbloif
2014-08-22 19:55 - 2014-08-22 19:55 - 00000064 _____ () C:\ProgramData\amporhcv.log
2014-08-22 19:55 - 2014-08-22 19:55 - 00000054 _____ () C:\Users\Simon&Lois\AppData\Local\mitxxohj.log
2014-08-22 19:54 - 2014-08-22 19:54 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-22 12:59 - 2014-08-22 12:59 - 00105984 _____ () C:\Users\Simon&Lois\Desktop\KS4 Results Science.xls
2014-08-22 09:24 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 09:24 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 09:24 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 09:24 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 09:23 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 09:23 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-22 09:23 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 09:23 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-22 09:23 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 09:23 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-22 09:22 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 09:22 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-22 09:22 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 09:22 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 15:38 - 2014-08-20 15:38 - 00002075 _____ () C:\Users\Public\Desktop\AS Chemistry Teacher Support.lnk
2014-08-20 15:38 - 2014-08-20 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heinemann
2014-08-20 15:37 - 2014-08-20 15:37 - 00000000 ____D () C:\Program Files (x86)\Heinemann
2014-08-20 10:37 - 2014-08-20 10:37 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\SMART_Technologies
2014-08-19 21:49 - 2014-08-19 21:49 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-19 21:49 - 2014-08-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-19 21:48 - 2014-08-19 21:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-19 21:47 - 2014-08-19 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-19 21:35 - 2014-08-19 21:35 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Program Files\iTunes
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Program Files\iPod
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-19 21:28 - 2014-08-19 21:34 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\Chemistry
2014-08-19 00:03 - 2014-08-22 17:51 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\A2 Chemistry
2014-08-19 00:02 - 2014-08-22 13:15 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\AS Chemistry
2014-08-14 20:11 - 2014-08-14 20:11 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\SMART Technologies
2014-08-14 20:00 - 2014-08-30 10:09 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Deployment
2014-08-14 20:00 - 2014-08-14 20:00 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Apps\2.0
2014-08-14 19:51 - 2014-08-14 20:14 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\SMART Technologies
2014-08-14 19:49 - 2014-08-14 19:49 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-08-14 19:43 - 2014-08-14 19:43 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\SMART Technologies Inc
2014-08-14 19:43 - 2014-08-14 19:43 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\SMART Technologies Inc
2014-08-14 19:41 - 2014-08-14 19:41 - 00002147 _____ () C:\Users\Public\Desktop\SMART Notebook 14.lnk
2014-08-14 19:41 - 2010-07-12 16:40 - 00037776 _____ (SMART Technologies ULC) C:\Windows\system32\smrtlocalmon.dll
2014-08-14 19:41 - 2010-07-12 16:40 - 00022312 _____ (SMART Technologies Inc.) C:\Windows\system32\smrtlocalui.dll
2014-08-14 19:40 - 2014-08-14 19:40 - 00000000 ____D () C:\Program Files (x86)\National Instruments
2014-08-14 19:39 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-08-14 19:38 - 2014-08-14 19:38 - 00001161 _____ () C:\Users\Public\Desktop\SMART Ink Document Viewer.lnk
2014-08-14 19:35 - 2014-08-14 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies
2014-08-14 19:35 - 2003-02-14 19:14 - 00110592 _____ (TechSmith Corporation) C:\Windows\SysWOW64\tsccvid.dll
2014-08-14 19:34 - 2014-08-14 19:48 - 00000000 ____D () C:\ProgramData\SMART Technologies
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\SMART Technologies
2014-08-14 19:33 - 2014-08-14 19:49 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-08-14 16:20 - 2014-08-19 11:44 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\KS4
2014-08-14 01:00 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 01:00 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 01:00 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 01:00 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 01:00 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 01:00 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 01:00 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 01:00 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 23:25 - 2014-08-13 23:25 - 00000000 ____D () C:\Users\Simon&Lois\.phet
2014-08-13 22:59 - 2014-08-13 23:53 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\P1
2014-08-13 19:15 - 2014-08-15 19:07 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\C1
2014-08-13 10:35 - 2014-08-01 00:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 10:35 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 10:35 - 2014-07-25 15:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 10:35 - 2014-07-25 15:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 10:35 - 2014-07-25 15:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 10:35 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 10:35 - 2014-07-25 14:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 10:35 - 2014-07-25 14:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 10:35 - 2014-07-25 14:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 10:35 - 2014-07-25 14:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 10:35 - 2014-07-25 14:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 10:35 - 2014-07-25 14:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 10:35 - 2014-07-25 14:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 10:35 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 10:35 - 2014-07-25 14:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 10:35 - 2014-07-25 14:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 10:35 - 2014-07-25 14:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 10:35 - 2014-07-25 13:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 10:35 - 2014-07-25 13:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 10:35 - 2014-07-25 13:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 10:35 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 10:35 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 10:35 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 10:35 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 10:35 - 2014-07-25 13:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 10:35 - 2014-07-25 13:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 10:35 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 10:35 - 2014-07-25 13:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 10:35 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 10:35 - 2014-07-25 13:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 10:35 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 10:35 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 10:35 - 2014-07-25 13:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 10:35 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 10:35 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 10:35 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 10:35 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 10:35 - 2014-07-25 12:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 10:35 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 10:35 - 2014-07-25 12:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 10:35 - 2014-07-25 12:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 10:35 - 2014-07-25 12:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 10:35 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 10:35 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 10:35 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 10:35 - 2014-07-25 12:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 10:35 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 10:35 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 10:35 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 10:35 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 10:35 - 2014-07-25 11:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 10:35 - 2014-07-25 11:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 10:35 - 2014-07-25 11:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 10:35 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 10:35 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 10:35 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 10:35 - 2014-07-16 04:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 10:35 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 10:35 - 2014-07-16 03:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 10:35 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 10:35 - 2014-07-16 03:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 10:35 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 10:35 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 10:35 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 10:35 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 10:35 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 10:35 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 10:35 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 10:35 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 10:35 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 10:35 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 10:35 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 10:35 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 10:35 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 10:35 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 10:35 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 10:35 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 10:35 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 10:35 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 10:35 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 10:35 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 10:35 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 10:35 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 10:33 - 2014-08-07 03:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 10:33 - 2014-08-07 03:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 10:33 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 10:33 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 00:10 - 2014-08-12 00:10 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Investintech.com Inc
2014-08-11 16:33 - 2014-08-11 16:33 - 00002628 _____ () C:\Users\Simon&Lois\Desktop\11y1.csv
2014-08-11 16:25 - 2014-08-11 16:25 - 00014189 _____ () C:\Users\Simon&Lois\Desktop\11y1.xlsx
2014-08-11 16:20 - 2014-08-11 16:20 - 00001061 _____ () C:\Users\Simon&Lois\Desktop\11ScTwilight.csv
2014-08-11 16:13 - 2014-08-11 16:13 - 00011729 _____ () C:\Users\Simon&Lois\Desktop\11ScTwilight.xlsx
2014-08-11 16:12 - 2014-08-11 16:12 - 00014058 _____ () C:\Users\Simon&Lois\Desktop\11x1.xlsx
2014-08-11 16:08 - 2014-08-11 16:08 - 00001311 _____ () C:\Users\Public\Desktop\Able2Extract 8.0.lnk
2014-08-11 16:08 - 2014-08-11 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Able2Extract
2014-08-11 16:07 - 2014-08-11 16:07 - 00000000 ____D () C:\Program Files (x86)\Investintech.com Inc
2014-08-11 09:48 - 2014-08-11 09:48 - 00590132 _____ () C:\Users\Simon&Lois\Desktop\FcertA4.tmpl-12497-1EAR.jpeg
2014-08-11 09:47 - 2014-08-11 09:47 - 00738575 _____ () C:\Users\Simon&Lois\Desktop\Bellringer.tmpl-12497-NJ4W.jpeg
2014-08-11 09:44 - 2014-08-11 09:45 - 00597839 _____ () C:\Users\Simon&Lois\Desktop\FcertA4.tmpl-2380-339O.jpeg
2014-08-11 09:43 - 2014-08-11 09:43 - 00746229 _____ () C:\Users\Simon&Lois\Desktop\Bellringer.tmpl-2380-NCX0.jpeg
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 19:09 - 2014-08-30 19:07 - 00020436 _____ () C:\Users\Simon&Lois\Downloads\FRST.txt
2014-08-30 19:07 - 2014-08-30 19:07 - 00000000 ____D () C:\FRST
2014-08-30 19:06 - 2014-08-30 19:06 - 02103808 _____ (Farbar) C:\Users\Simon&Lois\Downloads\FRST64.exe
2014-08-30 19:04 - 2014-08-30 19:04 - 01095680 _____ (Farbar) C:\Users\Simon&Lois\Downloads\FRST.exe
2014-08-30 18:58 - 2014-07-12 19:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-30 18:57 - 2014-08-30 13:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-30 18:55 - 2014-08-30 11:02 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-30 18:42 - 2014-07-07 23:20 - 01492696 _____ () C:\Windows\WindowsUpdate.log
2014-08-30 18:26 - 2010-09-01 16:15 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-30 18:11 - 2014-08-30 18:11 - 00003384 _____ () C:\Windows\System32\Tasks\RegHunterStartup
2014-08-30 18:11 - 2014-08-30 18:11 - 00001170 _____ () C:\Users\Public\Desktop\RegHunter.lnk
2014-08-30 18:11 - 2014-08-30 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
2014-08-30 18:11 - 2014-08-30 14:58 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-30 18:07 - 2014-08-30 14:58 - 00003304 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-08-30 17:45 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-30 17:45 - 2009-07-14 05:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-30 17:39 - 2014-08-30 14:47 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-30 17:39 - 2009-07-14 05:45 - 00422672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-30 17:37 - 2014-08-30 14:48 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd.job
2014-08-30 17:37 - 2014-08-30 14:48 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433.job
2014-08-30 17:37 - 2010-09-01 16:28 - 00227908 _____ () C:\Windows\PFRO.log
2014-08-30 17:37 - 2010-09-01 16:15 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-30 17:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-30 17:37 - 2009-07-14 05:51 - 00051967 _____ () C:\Windows\setupact.log
2014-08-30 17:20 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-08-30 16:06 - 2014-08-30 16:06 - 00004762 _____ () C:\Windows\wininit.ini
2014-08-30 16:05 - 2014-08-30 14:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-30 15:08 - 2014-08-30 14:50 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-30 14:59 - 2014-08-30 14:59 - 00000000 _____ () C:\autoexec.bat
2014-08-30 14:58 - 2014-08-30 14:58 - 00002271 _____ () C:\Users\Simon&Lois\Desktop\SpyHunter.lnk
2014-08-30 14:58 - 2014-08-30 14:58 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-08-30 14:58 - 2014-08-30 14:58 - 00000000 ____D () C:\sh4ldr
2014-08-30 14:52 - 2014-08-30 14:52 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-30 14:51 - 2014-08-30 14:51 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Simon&Lois\Downloads\SpyHunter-Installer.exe
2014-08-30 14:51 - 2014-08-30 14:51 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-30 14:51 - 2014-08-30 14:51 - 00001386 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-08-30 14:51 - 2014-08-30 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-30 14:50 - 2014-08-30 14:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Simon&Lois\Downloads\spybot-2.4.exe
2014-08-30 14:48 - 2014-08-30 14:48 - 00003632 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 627a4048-8450-47f9-a4fc-97fb66485433
2014-08-30 14:48 - 2014-08-30 14:48 - 00003558 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d3eb919c-6e74-43a8-9705-535569d783fd
2014-08-30 14:48 - 2014-08-30 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-30 14:47 - 2014-08-30 14:47 - 00001815 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-30 14:47 - 2014-08-30 14:47 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\SUPERAntiSpyware.com
2014-08-30 14:47 - 2014-08-30 14:47 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-30 14:46 - 2014-08-30 14:45 - 19067112 _____ (SUPERAntiSpyware) C:\Users\Simon&Lois\Downloads\SUPERAntiSpyware.exe
2014-08-30 14:03 - 2009-08-03 09:08 - 00000000 ___HD () C:\Applications
2014-08-30 13:37 - 2014-08-30 13:37 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-30 13:37 - 2014-08-30 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-30 13:37 - 2014-08-30 13:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-30 13:37 - 2014-08-30 13:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-30 13:37 - 2014-08-30 13:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Simon&Lois\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-30 13:25 - 2014-08-30 11:48 - 00013619 _____ () C:\Users\Simon&Lois\Desktop\avgrep.txt
2014-08-30 11:39 - 2014-07-07 23:37 - 00005504 _____ () C:\Windows\system32\config\afw_hm.conf
2014-08-30 11:39 - 2014-07-07 23:37 - 00000004 _____ () C:\Windows\system32\config\afw_db.conf
2014-08-30 11:30 - 2014-08-30 11:02 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Avg2014
2014-08-30 11:15 - 2014-08-30 11:15 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\AVG2014
2014-08-30 11:14 - 2014-08-30 11:12 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-30 11:13 - 2014-08-30 11:13 - 00000972 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-30 11:13 - 2014-08-30 11:13 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\TuneUp Software
2014-08-30 11:13 - 2014-08-30 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-30 11:13 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-30 11:12 - 2014-08-30 11:12 - 00000000 ___HD () C:\$AVG
2014-08-30 11:10 - 2014-08-30 11:10 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-30 11:02 - 2014-08-30 11:02 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\MFAData
2014-08-30 11:01 - 2014-08-30 11:00 - 04755928 _____ (AVG Technologies) C:\Users\Simon&Lois\Downloads\avg_avct_stb_all_2014_4744_comppg_23.exe
2014-08-30 10:41 - 2009-07-14 06:08 - 00019268 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-30 10:26 - 2014-08-22 19:55 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\kfkbloif
2014-08-30 10:09 - 2014-08-14 20:00 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Deployment
2014-08-30 09:51 - 2014-08-30 09:51 - 148737520 _____ () C:\Windows\MEMORY.DMP
2014-08-30 09:51 - 2014-08-30 09:51 - 00269800 _____ () C:\Windows\Minidump\083014-21091-01.dmp
2014-08-30 09:51 - 2014-08-30 09:51 - 00000000 ____D () C:\Windows\Minidump
2014-08-22 19:59 - 2014-08-22 19:59 - 00513315 _____ () C:\Users\Simon&Lois\AppData\Local\vkqbckdi.log
2014-08-22 19:59 - 2014-08-22 19:59 - 00002682 _____ () C:\Users\Simon&Lois\AppData\Local\toaeplyf.log
2014-08-22 19:59 - 2014-08-22 19:59 - 00000217 _____ () C:\Users\Simon&Lois\AppData\Local\avjqetdg.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000016 _____ () C:\Users\Simon&Lois\AppData\Local\yfvmewuk.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000000 _____ () C:\Users\Simon&Lois\AppData\Local\phyvxeiy.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000000 _____ () C:\Users\Simon&Lois\AppData\Local\ilksiser.log
2014-08-22 19:55 - 2014-08-22 19:55 - 00000064 _____ () C:\ProgramData\amporhcv.log
2014-08-22 19:55 - 2014-08-22 19:55 - 00000054 _____ () C:\Users\Simon&Lois\AppData\Local\mitxxohj.log
2014-08-22 19:54 - 2014-08-22 19:54 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-22 17:51 - 2014-08-19 00:03 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\A2 Chemistry
2014-08-22 13:15 - 2014-08-19 00:02 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\AS Chemistry
2014-08-22 12:59 - 2014-08-22 12:59 - 00105984 _____ () C:\Users\Simon&Lois\Desktop\KS4 Results Science.xls
2014-08-22 10:11 - 2014-07-08 07:35 - 00000000 ____D () C:\Users\Simon&Lois\Documents\Quant Task 3 Mock
2014-08-20 15:38 - 2014-08-20 15:38 - 00002075 _____ () C:\Users\Public\Desktop\AS Chemistry Teacher Support.lnk
2014-08-20 15:38 - 2014-08-20 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heinemann
2014-08-20 15:37 - 2014-08-20 15:37 - 00000000 ____D () C:\Program Files (x86)\Heinemann
2014-08-20 10:37 - 2014-08-20 10:37 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\SMART_Technologies
2014-08-20 07:19 - 2014-07-30 12:20 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\Apple Computer
2014-08-19 21:49 - 2014-08-19 21:49 - 00001852 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-19 21:49 - 2014-08-19 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-19 21:49 - 2014-08-19 21:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-19 21:47 - 2014-08-19 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-19 21:47 - 2014-07-30 12:18 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-19 21:35 - 2014-08-19 21:35 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Program Files\iTunes
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Program Files\iPod
2014-08-19 21:35 - 2014-08-19 21:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-19 21:34 - 2014-08-19 21:28 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\Chemistry
2014-08-19 11:44 - 2014-08-14 16:20 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\KS4
2014-08-19 08:54 - 2014-07-08 09:22 - 00000000 ____D () C:\Users\Simon&Lois\Documents\SMART Notebook
2014-08-16 18:05 - 2014-07-07 23:29 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Microsoft Help
2014-08-15 19:07 - 2014-08-13 19:15 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\C1
2014-08-15 15:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 20:14 - 2014-08-14 19:51 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\SMART Technologies
2014-08-14 20:14 - 2014-07-08 07:31 - 00000000 ____D () C:\Users\Simon&Lois\Documents\My Notebook Content
2014-08-14 20:11 - 2014-08-14 20:11 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\SMART Technologies
2014-08-14 20:00 - 2014-08-14 20:00 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Apps\2.0
2014-08-14 19:59 - 2014-07-07 23:25 - 00112544 _____ () C:\Users\Simon&Lois\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-14 19:49 - 2014-08-14 19:49 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-08-14 19:49 - 2014-08-14 19:33 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-08-14 19:48 - 2014-08-14 19:34 - 00000000 ____D () C:\ProgramData\SMART Technologies
2014-08-14 19:43 - 2014-08-14 19:43 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Roaming\SMART Technologies Inc
2014-08-14 19:43 - 2014-08-14 19:43 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\SMART Technologies Inc
2014-08-14 19:41 - 2014-08-14 19:41 - 00002147 _____ () C:\Users\Public\Desktop\SMART Notebook 14.lnk
2014-08-14 19:41 - 2014-08-14 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies
2014-08-14 19:41 - 2014-07-07 23:50 - 00057012 _____ () C:\Windows\DPINST.LOG
2014-08-14 19:40 - 2014-08-14 19:40 - 00000000 ____D () C:\Program Files (x86)\National Instruments
2014-08-14 19:38 - 2014-08-14 19:38 - 00001161 _____ () C:\Users\Public\Desktop\SMART Ink Document Viewer.lnk
2014-08-14 19:34 - 2014-08-14 19:34 - 00000000 ____D () C:\Program Files (x86)\SMART Technologies
2014-08-14 16:54 - 2010-09-01 16:15 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 16:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 01:16 - 2014-07-07 23:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 01:08 - 2014-07-12 18:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 01:06 - 2014-07-12 18:07 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 01:00 - 2014-07-10 03:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 23:53 - 2014-08-13 22:59 - 00000000 ____D () C:\Users\Simon&Lois\Desktop\P1
2014-08-13 23:25 - 2014-08-13 23:25 - 00000000 ____D () C:\Users\Simon&Lois\.phet
2014-08-13 23:25 - 2014-07-07 23:25 - 00000000 ____D () C:\Users\Simon&Lois
2014-08-13 23:21 - 2014-07-07 23:25 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\VirtualStore
2014-08-12 00:10 - 2014-08-12 00:10 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\Investintech.com Inc
2014-08-11 16:33 - 2014-08-11 16:33 - 00002628 _____ () C:\Users\Simon&Lois\Desktop\11y1.csv
2014-08-11 16:25 - 2014-08-11 16:25 - 00014189 _____ () C:\Users\Simon&Lois\Desktop\11y1.xlsx
2014-08-11 16:20 - 2014-08-11 16:20 - 00001061 _____ () C:\Users\Simon&Lois\Desktop\11ScTwilight.csv
2014-08-11 16:13 - 2014-08-11 16:13 - 00011729 _____ () C:\Users\Simon&Lois\Desktop\11ScTwilight.xlsx
2014-08-11 16:12 - 2014-08-11 16:12 - 00014058 _____ () C:\Users\Simon&Lois\Desktop\11x1.xlsx
2014-08-11 16:08 - 2014-08-11 16:08 - 00001311 _____ () C:\Users\Public\Desktop\Able2Extract 8.0.lnk
2014-08-11 16:08 - 2014-08-11 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Able2Extract
2014-08-11 16:07 - 2014-08-11 16:07 - 00000000 ____D () C:\Program Files (x86)\Investintech.com Inc
2014-08-11 09:48 - 2014-08-11 09:48 - 00590132 _____ () C:\Users\Simon&Lois\Desktop\FcertA4.tmpl-12497-1EAR.jpeg
2014-08-11 09:47 - 2014-08-11 09:47 - 00738575 _____ () C:\Users\Simon&Lois\Desktop\Bellringer.tmpl-12497-NJ4W.jpeg
2014-08-11 09:45 - 2014-08-11 09:44 - 00597839 _____ () C:\Users\Simon&Lois\Desktop\FcertA4.tmpl-2380-339O.jpeg
2014-08-11 09:43 - 2014-08-11 09:43 - 00746229 _____ () C:\Users\Simon&Lois\Desktop\Bellringer.tmpl-2380-NCX0.jpeg
2014-08-07 03:06 - 2014-08-13 10:33 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:01 - 2014-08-13 10:33 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-08-05 09:20 - 2014-07-07 23:56 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-01 14:18 - 2014-07-09 23:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 00:41 - 2014-08-13 10:35 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 00:16 - 2014-08-13 10:35 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\Simon&Lois\AppData\Local\Temp\RHSetup.exe
C:\Users\Simon&Lois\AppData\Local\Temp\_isA208.exe
C:\Users\Simon&Lois\AppData\Local\Temp\_isD1FE.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-30 18:50

==================== End Of Log ============================

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en'>https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

 

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window

In the "Scan Type" window, select Quick Scan

Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

 

1) Select the Windows key and R key together to open the "Run" function

2) Type or Copy/Paste the following command to the "Run Line" and Press Enter

notepad c:\windows\debug\mrt.log

 

Let me see those logs...

 

Kevin

 

 

 

 

fixlist.txt

Link to post
Share on other sites

This is the log from the FRST fix applied:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-08-2014
Ran by Simon&Lois at 2014-08-31 11:25:37 Run:1
Running from C:\Users\Simon&Lois\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
2014-08-22 19:59 - 2014-08-22 19:59 - 00513315 _____ () C:\Users\Simon&Lois\AppData\Local\vkqbckdi.log
2014-08-22 19:59 - 2014-08-22 19:59 - 00002682 _____ () C:\Users\Simon&Lois\AppData\Local\toaeplyf.log
2014-08-22 19:59 - 2014-08-22 19:59 - 00000217 _____ () C:\Users\Simon&Lois\AppData\Local\avjqetdg.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000016 _____ () C:\Users\Simon&Lois\AppData\Local\yfvmewuk.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000000 _____ () C:\Users\Simon&Lois\AppData\Local\phyvxeiy.log
2014-08-22 19:58 - 2014-08-22 19:58 - 00000000 _____ () C:\Users\Simon&Lois\AppData\Local\ilksiser.log
2014-08-22 19:55 - 2014-08-30 10:26 - 00000000 ____D () C:\Users\Simon&Lois\AppData\Local\kfkbloif
2014-08-22 19:55 - 2014-08-22 19:55 - 00000064 _____ () C:\ProgramData\amporhcv.log
2014-08-22 19:55 - 2014-08-22 19:55 - 00000054 _____ () C:\Users\Simon&Lois\AppData\Local\mitxxohj.log
C:\Users\Simon&Lois\AppData\Local\Temp\RHSetup.exe
C:\Users\Simon&Lois\AppData\Local\Temp\_isA208.exe
C:\Users\Simon&Lois\AppData\Local\Temp\_isD1FE.exe
Task: {29E07EBC-62FA-4233-B9AF-8A577F4E12FD} - \Microsoft\Windows\TabletPC\InputPersonalization No Task File <==== ATTENTION
End
*****************

C:\Users\Simon&Lois\AppData\Local\vkqbckdi.log => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\toaeplyf.log => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\avjqetdg.log => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\yfvmewuk.log => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\phyvxeiy.log => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\ilksiser.log => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\kfkbloif => Moved successfully.
C:\ProgramData\amporhcv.log => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\mitxxohj.log => Moved successfully.
"C:\Users\Simon&Lois\AppData\Local\Temp\RHSetup.exe" => File/Directory not found.
C:\Users\Simon&Lois\AppData\Local\Temp\_isA208.exe => Moved successfully.
C:\Users\Simon&Lois\AppData\Local\Temp\_isD1FE.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29E07EBC-62FA-4233-B9AF-8A577F4E12FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29E07EBC-62FA-4233-B9AF-8A577F4E12FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TabletPC\InputPersonalization" => Key deleted successfully.

==== End of Fixlog ====

Link to post
Share on other sites

This is the log from the AdWcleaner

# AdwCleaner v3.308 - Report created 31/08/2014 at 11:29:42
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Simon&Lois - SIMONLOIS-PC
# Running from : C:\Users\Simon&Lois\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Partner Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Simon&Lois\AppData\Roaming\Mozilla\Firefox\Profiles\fhsqsg6v.default\prefs.js ]


-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Simon&Lois\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [2463 octets] - [31/08/2014 11:27:52]
AdwCleaner[s0].txt - [2412 octets] - [31/08/2014 11:29:42]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2472 octets] ##########
 

Link to post
Share on other sites

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.14, July 2014 (build 5.14.10402.0)
Started On Sat Jul 12 18:07:56 2014

Engine: 1.1.10701.0
Signatures: 1.177.949.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Sat Jul 12 18:09:12 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0)
Started On Thu Aug 14 01:06:16 2014

Engine: 1.1.10802.0
Signatures: 1.179.1796.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 14 01:08:23 2014


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0)
Started On Sun Aug 31 11:37:40 2014

Engine: 1.1.10802.0
Signatures: 1.179.1796.0

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0)
Started On Sun Aug 31 16:51:02 2014

Engine: 1.1.10802.0
Signatures: 1.179.1796.0

 

 

It would appear there was a log... I've run it again.  If it says anything different, I'll post it up.  Failing that, I'll say that it's dont the same thing.

Link to post
Share on other sites

Run the following:

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User Licene Agreement)
Click Scan to scan the system.
When the scan completes select "Report" save to desktop. Close the program > Don't Fix anything!
Post back the report which should be located on your desktop.

 

Kevin....

Link to post
Share on other sites

This is the report that was generated:

 

RogueKiller V9.2.8.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Simon&Lois [Admin rights]
Mode : Scan -- Date : 08/31/2014  22:25:36

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3910218803-658484779-3908672438-1001\Software\Microsoft\Internet Explorer\Main | Start Page : about:blank  -> FOUND
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3910218803-658484779-3908672438-1001\Software\Microsoft\Internet Explorer\Main | Start Page : about:blank  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] 3495f16b4674d45e21f919e89c6b69ea
[bSP] ed527e7d3f4be75b3091d1a45a21a583 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 8417 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 17240064 | Size: 945450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: TOSHIBA TransMemory USB Device +++++
--- User ---
[MBR] 83efa69100e2924250ef41a573a8cbc5
[bSP] 0279de78f5ccfca5303680a8110cae42 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 14793 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
 

Link to post
Share on other sites

Clean log, try the following:

 

Read the following link before we continue and run Combofix:

ComboFix usage, Questions, Help? - Look here

Next,

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

http://www.infospyware.net/antimalware/combofix/

  • Ensure that Combofix is saved directly to the Desktop <--- Very important
  • Disable all security programs as they will have a negative effect on Combofix, instructions available here  http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.
  • Close any open browsers and any other programs you might have running
  • Double click the combofix.gif icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)
  • Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.
  • If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review



****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here  http://thespykiller.co.uk/index.php?page=20 why  disabling autoruns is recommended.

*EXTRA NOTES*


  •    
  • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
       
  • If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
       
  • If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)



Post the log in next reply please...

Kevin
 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.