centre Posted October 31, 2014 ID:899763 Share Posted October 31, 2014 I had some PUPs like search conduit and others that I had gotten rid of via malwayrebytes and adwcleaner. I'm still having issues. In particular, I'm getting things showing up like the error.jpg file attached. The computer also seems slower than normal. RogueKiller shows a bunch of pum's. I've attaches the frst.txt log that I just ran. I am not going to do anything else until one of you kind folks point me in the right direction! I appreciate the help!FRST.txt Link to post Share on other sites More sharing options...
Maniac Posted November 2, 2014 ID:901341 Share Posted November 2, 2014 Hello centre and ! My name is Borislav and I will be glad to help you solve your malware problem. Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Please post your Addition.txt content. Link to post Share on other sites More sharing options...
centre Posted November 2, 2014 Author ID:901453 Share Posted November 2, 2014 Thank you, Borislav. Here is my addition.txt contents. I appreciate the help greatly! Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2014 01Ran by Lenny at 2014-10-30 18:53:47Running from C:\FRSTBoot Mode: Normal============================================================================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}AV: Total Defense Anti-Virus (Enabled - Up to date) {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}AS: Total Defense Anti-Virus (Enabled - Up to date) {ECD425A9-8C8F-D447-4EAB-6F599E267857}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Total Defense Personal Firewall (Disabled) {6F8E4568-E0DA-DA91-5F44-FD1E1B727591}==================== Installed Programs ======================(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)3ivx MPEG-4 5.0.3 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)Advanced Uninstaller PRO - Version 11 (HKLM-x32\...\AU11_is1) (Version: 11 - Innovative Solutions)aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hiddenaioscnnr (x32 Version: 6.2.3.10 - Your Company Name) Hiddenaioscnnr (x32 Version: 7.6.13.10 - Your Company Name) HiddenAkamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)Amazon Cloud Drive (HKLM-x32\...\{66209054-3985-4125-B0CB-C69F75D2F0D9}) (Version: 1.10.00.0 - Amazon.com)Amazon Kindle For PC v1.1 (HKCU\...\Amazon Kindle For PC) (Version: - )Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.0.0 - Amazon Services LLC)Amazon Music Importer (x32 Version: 2.0.0 - Amazon Services LLC) HiddenAmazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.1.0.124 - Amazon.com)Amazon Unbox Video (x32 Version: 2.1.0.124 - Amazon.com) HiddenANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) HiddenAnti-Virus (Version: 3.2.0.48 - Total Defense, Inc.) HiddenAPH placeholder (Version: - ) HiddenApple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - )Atmel ARM GNU Toolchain (HKLM-x32\...\{2FD611C3-3CB4-4270-A707-599534207327}) (Version: 4.7.3.1029 - Atmel)Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{6C145A91-14F2-4135-88CD-A9ADC2D20769}) (Version: 3.4.2.1002 - Atmel)Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{27BF4D30-8C2D-4C9E-934B-B20CC2C56A4F}) (Version: 3.4.2.1002 - Atmel)Atmel Studio 6.1 (HKLM-x32\...\{71D5A296-D77E-4BC5-BB75-12AD20001A61}) (Version: 6.1.2730 - Atmel)Atmel USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 11.5 - Atmel)AtmelSoftwareFramework (HKLM-x32\...\{12B00B9E-5C2C-48CB-B79A-10BA40E87198}) (Version: 3.8.900 - Atmel)Autodesk MapGuide® Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.7 - Autodesk, Inc.)AVR macro Assembler (HKLM-x32\...\{9BD4DB0C-954E-4098-AFC1-7B1A23B4A7FD}) (Version: 2.1.39.1005 - Atmel)Back to the Future The Game - Episode 1 (HKLM-x32\...\Episode 1) (Version: 1.0.0.0 - Telltale Games)Batman: Arkham City™ PC (HKLM-x32\...\Steam App 57400) (Version: - Rocksteady)Batman: Arkham City™ PC (HKLM-x32\...\Steam App 57419) (Version: - )Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)Battlefield 2 (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - )Battlefield 2: Special Forces (HKLM-x32\...\{50D4CB89-AF34-4978-96DC-C3034062E901}) (Version: - )Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)Battlefield 3™ Open Beta (HKLM-x32\...\{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}) (Version: 1.0.0.0 - Electronic Arts)Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)BF3 Settings Editor (HKLM\...\{0122EDA0-52FC-4EC2-9A31-A2A757A7D40E}) (Version: 2.3 - Realmware)Bitcoin (HKCU\...\Bitcoin) (Version: 0.8.1 - Bitcoin project)BitTorrent (HKLM-x32\...\BitTorrent) (Version: - BitTorrent, Inc)BitZipper 2010 (HKLM-x32\...\BitZipper_is1) (Version: - Bitberry Software)Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)BOINC (HKLM\...\{D0183F8F-46BB-409F-9CD7-FB43F1A4279B}) (Version: 7.2.42 - Space Sciences Laboratory, U.C. Berkeley)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Brother HL-5370DW (HKLM-x32\...\{39380C40-936E-4CD5-B13C-88607B05A9E0}) (Version: 1.00 - Brother)C2A (HKLM-x32\...\C2A_is1) (Version: - )C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) HiddenCall of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) HiddenCanon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - )Canon Utilities Digital Photo Professional 3.11 (HKLM-x32\...\DPP) (Version: 3.11.1.0 - Canon Inc.)Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.11.4.0 - Canon Inc.)Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)center (x32 Version: 7.7.2.0 - Eastman Kodak Company) HiddenCisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11006.1 - Cisco Consumer Products LLC)ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)Core FTP LE 2.1 (HKLM-x32\...\Core FTP LE 2.1) (Version: - )Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.25 - Creative Technology Limited)Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: - Creative Technology Limited)Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.12 - Creative Technology Limited)CyberLink PhotoDirector 4 (HKLM-x32\...\InstallShield_{44510C84-AE2A-4079-A75B-D44E68D73B9A}) (Version: 4.0.4317.0 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDark Master version 1.11 (HKLM-x32\...\{3AE0F5B6-A61A-49C6-9B73-C1B5E5199BE6}_is1) (Version: 1.11 - DarkMaster Software)DeepSkyStacker (HKLM-x32\...\{18435829-4E75-4CD1-9796-A62DBBAE2ED7}) (Version: 3.2.0 - )doPDF 7.1 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )Download Manager 2.3.10 (HKLM-x32\...\Download Manager) (Version: 2.3.10 - IGN Entertainment, Inc.)DraftSight x64 (HKLM\...\{3B12A1AA-A3FB-4047-9520-A8584425FF8F}) (Version: 10.1.1069 - Dassault Systemes)Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )DVDFab 6.2.0.5 (11/11/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)EasyBCD 1.7.2 (HKLM-x32\...\EasyBCD) (Version: 1.7.2 - NeoSmart Technologies)easyHDR 3 (HKLM\...\easyHDR 3) (Version: 3.4.0 - SIMPARTEK - Bartlomiej Okonek)easyHDR PRO 2 (HKLM-x32\...\easyHDR_PRO_2) (Version: 2.30.4 - SIMPARTEK - Bartlomiej Okonek)Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) HiddenEPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)Eraser 5.8.7 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.7 - The Eraser Project)erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hiddenessentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) HiddenFacebook Plug-In (HKCU\...\Facebook Plug-In) (Version: - Facebook, Inc.)FBackup 5 (x32 Version: 5.0.483 - Softland) HiddenFBackup 5.0 (HKLM-x32\...\{88b6269d-63a1-42ce-8bb8-e11b87f2a2e6}) (Version: 5.0.483.0 - Softland)FlipShare (HKLM-x32\...\{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}) (Version: 5.12.3.0 - Flip Video)Focus Magic 4.00 (HKLM-x32\...\Focus Magic_is1) (Version: 4.00 - Acclaim Software Ltd)Garmin City Navigator North America NT 2011.31 Update (HKLM-x32\...\{82E7071E-2386-4B87-9C18-EDB8A7FBE4FF}) (Version: 14.30.0.0 - Garmin Ltd or its subsidiaries)Garmin City Navigator North America NT 2014.40 Update (HKLM-x32\...\{82B42DF2-2ECF-4C4B-B939-A275664028E2}) (Version: 17.40.0.0 - Garmin Ltd or its subsidiaries)Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) HiddenGarmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) HiddenGarmin MapInstall (HKLM-x32\...\{5ED7CD44-1A33-4B36-BA09-0B55FE82AF95}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)Garmin WebUpdater (HKLM-x32\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.21.000 - Runtime Software)GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)Git version 1.9.2-preview20140411 (HKLM-x32\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.3.3.1 - GitHub, Inc.)GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 8.1.5.7 - Siber Systems)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)Google Earth (HKLM-x32\...\{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}) (Version: 7.1.1.1580 - Google)Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) HiddenHard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)HD Tune Pro 4.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) HiddenHIPS (Version: 13.2.0.39 - Total Defense, Inc.) HiddenHi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )i1Profiler (HKLM-x32\...\i1Profiler_is1) (Version: 1.5.6 - X-Rite)ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)iDEN Phonebook Manager (HKLM-x32\...\{67EC0571-4B4E-40C2-8A81-8C1B02D87DB0}) (Version: - )Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) HiddenImage Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)Img2CAD 7.1 (HKLM-x32\...\Img2CAD_is1) (Version: - Img2CAD, Inc.)ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.4.0 - LIGHTNING UK!)Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 19079) (Version: 19079 - Intel)Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)iSEEK AnswerWorks English Runtime (HKLM-x32\...\{9E5A03E3-6246-4920-9630-0527D5DA9B07}) (Version: 009.000.0002 - Vantage Linguistics)IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)Jaikoz (64-bit) 6.1.1 (HKLM\...\Jaikoz (64-bit) 6.1.1) (Version: 6.1.1 - )Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)JLink OB CDC Driver Package (HKLM\...\{85153CE3-6356-407F-A672-C1FA085FB031}) (Version: 1.2.2 - SEGGER)JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)Juniper Networks Network Connect 6.5.0 (HKLM-x32\...\Juniper Network Connect 6.5.0) (Version: 6.5.0.14599 - Juniper Networks)Juniper Networks Network Connect 7.1.0 (HKLM-x32\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.17675 - Juniper Networks)Juniper Networks Secure Application Manager (HKLM-x32\...\Neoteris_Secure_Application_Manager) (Version: 7.1.0.17675 - Juniper Networks)Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.0.9667 - Juniper Networks, Inc.)Juniper Terminal Services Client (HKCU\...\Juniper_Term_Services) (Version: 7.1.0.17675 - Juniper Networks)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenKiCad 2013.03.15 (HKLM-x32\...\KiCad) (Version: 2013.03.15 - )Kid-Tough Digital Studio Software (HKLM-x32\...\InstallShield_{64591C5E-D559-4F61-AA91-8051B86E459D}) (Version: 1.0.0.9 - Fisher-Price)Kid-Tough Digital Studio Software (x32 Version: 1.0.0.9 - Fisher-Price) HiddenKnoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) HiddenKODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.3.0.18537 - LeapFrog)LeapFrog Connect (x32 Version: 5.3.0.18537 - LeapFrog) HiddenLeapFrog LeapPad Explorer Plugin (x32 Version: 5.2.1.18456 - LeapFrog) HiddenLeapFrog My Pals Plugin (x32 Version: 5.1.26.18340 - LeapFrog) HiddenLeft 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)LWS VideoEffects (Version: 13.30.1379.0 - Logitech) HiddenMagic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios AB)Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)marvell 91xx console driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)Medal of Honor (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - THQ)Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (HKLM-x32\...\{5BDFAB82-060E-438B-AB4F-A2331B2294C0}) (Version: 2.0.50217.0 - Microsoft Corporation)Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)Microsoft Camera Codec Pack (HKLM-x32\...\{F55AF1BB-B493-4D78-80DA-828958B9098C}) (Version: 16.4.1734.1104 - Microsoft Corporation)Microsoft F# Runtime for Silverlight 4 (HKLM-x32\...\{27B6D024-FD7E-4A88-BC17-5AFBE33EC072}) (Version: 2.0.0.0 - Microsoft Corporation)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)Microsoft Silverlight Tools for Visual Studio 2010 (HKLM-x32\...\{558358E5-E4F3-4374-BA1D-26FF39EF87D9}) (Version: 10.0.30319.400 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{01078B88-2981-4F75-96B0-8B22E2D2DE03}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)Microsoft Visual Web Developer 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Web Developer 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Web Platform Installer 3.0 (HKLM\...\{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}) (Version: 3.0.5 - Microsoft Corporation)Moo0 DiskCleaner 1.16 (HKLM-x32\...\Moo0 DiskCleaner) (Version: - )Mosaic Creator 3.1 (HKLM-x32\...\Mosaic Creator_is1) (Version: - )Motorola Driver Installation 4.5.0 (HKLM\...\{9E61C67F-DFEC-466D-9478-56F3E36D1F31}) (Version: 4.5.0 - Motorola Inc.)Motorola Phone Tools (HKLM-x32\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 5.0.7a 4/01/2008 - Avanquest Software)Motorola Phone Tools (x32 Version: 4.30 - BVRP Software) HiddenMotorola Phone Tools (x32 Version: 5.00 - BVRP Software) HiddenMozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) HiddenMSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) HiddenMSVC90_x64 (Version: 1.0.1.0 - Nokia) HiddenMSVC90_x64 (Version: 1.0.1.2 - Nokia) HiddenMSVC90_x86 (x32 Version: 1.0.1.0 - Nokia) HiddenMSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)Nanoptix Printer Driver Setup V1.5 (C:\Program Files (x86)\Nanoptix Printer Driver Setup V1.5\) (HKLM-x32\...\ST6UNST #3) (Version: - )Nanoptix Printer Driver Setup V1.5 (HKLM-x32\...\ST6UNST #1) (Version: - )Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)NexRemote (HKLM-x32\...\NexRemote) (Version: 1.6.14 - Celestron)Nitro Pro 8 (HKLM\...\{1FE32237-FC1F-4E8B-A385-5A748C8E6FDA}) (Version: 8.5.3.14 - Nitro)Nitro Reader 3 (HKLM\...\{3C1F302A-CC25-488D-9C24-A76B95BC916F}) (Version: 3.0.6.3 - Nitro)Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)Nokia Ovi Player (HKLM-x32\...\{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}) (Version: 2.1.11020 - Nokia Ovi Player)Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia)Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia) HiddenNokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)Nokia Suite (x32 Version: 3.8.48.0 - Nokia) HiddenNokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{E4423F16-0E98-4855-BFF4-3EF016C55D67}) (Version: 2.7.16 - Nokia)Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.76 - Palm, Inc.)NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) HiddenOctoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version: - )OpenAL (HKLM-x32\...\OpenAL) (Version: - )OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9420 - OpenOffice.org)Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)Pazera Free MOV to AVI Converter 1.5 (HKLM-x32\...\{770103E9-E1C3-48C9-812B-2982C7070575}_is1) (Version: 1.5 - Jacek Pazera)PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)PC Wizard 2010.1.93 (HKLM-x32\...\PC Wizard 2010_is1) (Version: - Laurent KUTIL & Franck DELATTRE)PDFill FREE PDF Tools (HKLM\...\{60724DF0-7436-48B8-BEF9-07BA4C3880EE}) (Version: 9.0 - PlotSoft LLC)PHD Guiding 1.13.0 (HKLM-x32\...\PHD Guiding_is1) (Version: - Stark Labs)Photomatix Pro version 4.2.6 (HKLM\...\PhotomatixPro42x64_is1) (Version: 4.2.6 - HDRsoft Ltd)Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)Pinnacle Studio 15 Ultimate Plugins (HKLM-x32\...\{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}) (Version: 15.0.0.7593 - Pinnacle Systems)Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)PIPP 2.2.8 (HKLM-x32\...\PIPP) (Version: 2.2.8 - Chris Garry)PixInsight Core for Windows (x64) (HKLM-x32\...\PCL64) (Version: - )PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)Polipo 1.0.4.1 (HKLM-x32\...\Polipo) (Version: - )PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) HiddenPrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)PrintProjects (HKCU\...\PrintProjects) (Version: 1.0.0.15322 - RocketLife Inc.)PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)Quartus II Programmer and SignalTap II 13.0.0.156 (HKLM-x32\...\Quartus II Programmer and SignalTap II 13.0.0.156) (Version: 13.0 - Altera Corporation)QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)Red Giant ToonIt Studio 15 (HKLM-x32\...\Red Giant ToonIt Studio 15) (Version: - )RegiStax 6 (HKCU\...\RegiStax 6) (Version: - )RegiStax 6.1.0.8 update (HKCU\...\RegiStax 6.1.0.8 update) (Version: - )Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) HiddenRivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)RoboForm 7-9-10-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-10-1 - Siber Systems)SDR Free DVD Ripper (HKLM-x32\...\SDR Free DVD Ripper_is1) (Version: 1.0 - SoftDevResource)Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) HiddenSid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)SleepyHead version 0.9.1 beta (HKLM-x32\...\{DE2F7052-404D-4848-AB11-7CC100FD9680}_is1) (Version: 0.9.1 beta - Mark Watkins)Snagit 10.0.1 (HKLM-x32\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)Software Update Wizard (Redist) 4.5 (HKLM-x32\...\Software Update Wizard (Redist)) (Version: 4.5 - PowerProgrammer)Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) HiddenSql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) HiddenStarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.3.6.19269 - Blizzard Entertainment)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1012 - SUPERAntiSpyware.com)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenTeam Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)Tor 0.2.1.30 (HKLM-x32\...\Tor) (Version: - )Total Defense Internet Security Suite (HKLM\...\eTrust Suite Personal) (Version: 9.0.0.26 - Total Defense, Inc.)Tribes Ascend Closed Beta (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 0.1.760.0 - Hi-Rez Studios)TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version: - Intuit, Inc)TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc)TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)United MileagePlus Shopping Assistant (HKLM-x32\...\UnitedMPS) (Version: 1.0.0.1 - Billeo, Inc.)Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version: - LeapFrog)Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version: - LeapFrog)Vidalia 0.2.12 (HKLM-x32\...\Vidalia) (Version: - )Video Converter Factory Pro (HKLM-x32\...\VideoConverterFactoryPro) (Version: - WonderFox Soft, Inc. All Rights Reserved.)ViewMate 11.6 (HKLM-x32\...\{2ECE7AA7-F042-4478-B576-AE5AE7BD3943}) (Version: 11.6.6 - PentaLogix)Visual Micro for Arduino (HKLM-x32\...\{BDCB3A20-E2DF-4A8E-8AD8-0639AB293A6F}) (Version: 14.01.2601 - Visual Micro Limited)VNC Free Edition 4.1.3 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.3 - RealVNC Ltd.)Volume Panel (HKLM-x32\...\Creative Volume Panel) (Version: - )WCF RIA Services V1.0 for Visual Studio 2010 (HKLM-x32\...\{8FFC6175-D2C5-4FA7-91E8-E2A9431A5CDA}) (Version: 4.0.50506.0 - Microsoft Corporation)WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)webplugin.exe version 3.0.0.2 (HKLM-x32\...\{E790ABDC-FE4D-4C68-B40F-C93A3D33FA9E}_is1) (Version: 3.0.0.2 - )Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm)Windows Driver Package - Segger (jlink) USB (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)Windows Driver Package - SEGGER (usbser) Ports (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)Windows Essentials Media Codec Pack 4.0 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)Wings 3D 1.4.1 (HKLM-x32\...\Wings 3D 1.4.1) (Version: - )WinISO 5.3 (HKLM-x32\...\WinISO_is1) (Version: - WinISO Computing Inc.)WinX Blu-ray Decrypter 2.0 (HKLM-x32\...\WinX Blu-ray Decrypter_is1) (Version: - Digiarty Software,Inc.)WinX DVD Ripper Platinum 5.1 (HKLM-x32\...\WinX DVD Ripper Platinum GOTD Special Edition_is1) (Version: - Digiarty Software, Inc.)WinX DVD Ripper Platinum 7.5.7 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.)WinX HD Video Converter Deluxe 3.10.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software,Inc.)WiRNS (HKLM-x32\...\{0EF33776-AE44-4FBE-8BAC-98FACA739983}) (Version: 2.1.0.0 - WiRNS)WonderFox DVD Ripper (HKLM-x32\...\WonderFoxDVDRipper) (Version: - WonderFox Soft, Inc. All Rights Reserved.)WonderFox DVD Ripper Pro version 6.5 (HKLM-x32\...\{438E8CF7-FDE7-40D6-9D4F-2FF3EF200EC0}_is1) (Version: 6.5 - WonderFox Soft, Inc)XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)X-Rite Device Services Manager (HKLM-x32\...\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}) (Version: 2.3.82 - X-Rite)==================== Custom CLSID (selected items): ==========================(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{994B47B9-7DB9-5058-EE22-08DD039ADC4B}\InprocServer32 -> {1F1AA503-9468-D082-5535-6BEE85889A47} No FileCustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{DD0822EE-9A03-4BDC-B947-4B99B97D5850}\InprocServer32 -> {475BDE4F-9468-D082-194E-2AB685889A47} No FileCustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\advpack.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)==================== Restore Points =========================27-10-2014 23:28:42 Windows Update30-10-2014 02:52:07 Checkpoint by HitmanPro==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2009-07-13 22:34 - 2014-10-29 06:56 - 00000882 ____A C:\Windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)Task: {0A883350-6B37-4A57-A122-2C4CA58E59E6} - System32\Tasks\{F31E2A43-DBE4-4B44-8823-3BD64064D417} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {0C47DEF2-B810-4982-A819-D0E736053F15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)Task: {11515034-5FAE-4FA1-9803-A55A2D84B879} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJMJJJLJIMMJKMLJCNHMGMIMJMCNLMKMLJNJCNOJOJJJKMCNHMLMJJMMHMKJJJOJNMGMIMKJJNJICMIMCNGMCNOMPMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMMJBJKJLIMJFMOMNMKMHMJNHICMMJBJKJLIMJJNBJCMDLKJBJPNMKAJGJEJOJJNKJCMDJKJMIOMKMKMPLOJLJKJDJPIHJGJOJBNBJKJLIJNNICMJNDJCMKJBJJNMJCMMMFMMMIMPMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"Task: {1939E97F-4A51-47FD-A121-7E84A7266CEF} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2008-12-11] ()Task: {24145344-EB5E-41CB-9845-82776D0C72AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)Task: {25A8646D-E675-4E97-878F-D5C6E77AB83E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-10-18] (Siber Systems)Task: {2E85F4EB-D0E7-4327-B775-2A34AD2CBBBF} - System32\Tasks\{E28D1454-4CC4-400F-BEC2-C7C90805E9A3} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {35289D93-5AAD-4E01-944C-7A8DAAE7A2D0} - System32\Tasks\{4F03601B-6DAE-4DFF-A58D-60F5E859FC4B} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {40392C99-D2F9-4275-9AF0-2338B7D1FABC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)Task: {4801DB27-C14F-4B71-90EF-D7541ADA402F} - System32\Tasks\{1EA864DD-CE1D-47B9-BA74-67A44A530C94} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {4F20E07A-2CE9-40A0-9D9D-09FD994BEDAF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackupTask: {557A5ADA-86FD-49DC-8C32-C8A91BA500D6} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJMJJJLJIMMJKMLJCNHMGMIMJMCNLMKMLJNJCNOJOJJJKMCNHMLMJJMMHMKJJJOJNMGMIMKJJNJICMIMCNNMCNGMFMHMCNPMCNIMJMPMOMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMDLKJBJPNMKAJGJEJOJJNKJCMDJKJMIOMKMKMPLOJLJKJDJPIHJGJOJBNBJKJLIJNNICMJNDJCMKJBJ"Task: {7097FB6F-4358-45B6-A549-FD9D6F6CB27D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()Task: {7836029C-9435-4880-A511-94D39FB11B0A} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2014-06-23] (X-Rite Inc.)Task: {79BB4263-C232-43FC-939F-1C1AE01D53E7} - System32\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97} => C:\Users\Lenny\AppData\Local\Temp\is-67VLK.tmp\XRD Manager.exe <==== ATTENTIONTask: {7A855573-CDAA-4F44-90A2-6DE2CF1F88C6} - System32\Tasks\{FCC88699-3DF0-493C-9A95-0A118CAB5AEA} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)Task: {829C0F1F-953E-4970-A434-48B1EBDEB10C} - System32\Tasks\{4E3B5BB3-B791-4EC5-8CBF-915C7950BB8C} => Iexplore.exe http://ui.skype.com/ui/0/4.1.0.179/en/abandoninstall?source=lightinstaller&page=tsChrome&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:offered-installedTask: {8FE48A90-8A66-4E80-A49B-7EBF69B27EF3} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)Task: {928BD26C-B2EC-4A92-9046-D7B052BC9C19} - System32\Tasks\{B30645DC-3E7C-4A26-855B-22486C774D04} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {A1B75668-3580-407A-881A-3939D495136F} - System32\Tasks\{9625D193-BFAF-434D-9E49-20CA5BD2A12D} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {CD46A49E-96FC-4C7E-AC73-6DD2E7C5481C} - System32\Tasks\Run RoboForm Process => C:\Program Files (x86)\Siber Systems\AI RoboForm\Identities.exe [2014-10-18] (Siber Systems)Task: {CE96590B-32EF-471F-8112-69FF80DA9333} - System32\Tasks\{7B4F7486-CFE8-49B3-8D37-34CEF3930303} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {E3657384-BA11-4DFF-9406-5C74BEEB70BE} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Lenny => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2013-01-19] (H.D.S. Hungary) <==== ATTENTIONTask: {E7542C65-4F6B-497D-A8A2-193028CD59F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)Task: {F1FBD307-F4C4-4A55-81C4-A1E7442BE226} - System32\Tasks\{BC1E5E40-767B-474C-B47F-13E665A1D7BF} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {F44D5E07-CCAE-4E8C-84D5-871C14B77888} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core.job => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA.job => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exeTask: C:\Windows\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}.job => C:\Users\Lenny\AppData\Local\Temp\is-67VLK.tmp\XRD Manager.exe==================== Loaded Modules (whitelisted) =============2014-06-28 10:49 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2012-11-28 21:14 - 2011-02-28 18:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll2014-01-07 19:12 - 2012-06-16 10:31 - 01128448 ____R () C:\Program Files\Total Defense\Internet Security Suite\log4cplusU.dll2014-05-06 05:49 - 2014-04-11 14:40 - 00736450 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll2012-12-27 14:59 - 2012-12-27 14:59 - 01327025 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtNetwork4.dll2012-12-27 14:59 - 2012-12-27 14:59 - 03470769 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtCore4.dll2012-12-27 14:59 - 2012-12-27 14:59 - 00553393 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtXml4.dll2011-05-06 13:07 - 2011-05-06 13:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe2011-05-06 12:58 - 2011-05-06 12:58 - 01085440 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe2013-06-13 20:19 - 2013-04-24 23:03 - 00268800 _____ () C:\altera\13.0\qprogrammer\bin64\jtagserver.exe2013-06-13 20:19 - 2013-04-24 23:01 - 00028160 _____ () C:\altera\13.0\qprogrammer\bin64\ccl_ver.dll2013-06-13 20:19 - 2013-04-24 21:50 - 00879616 _____ () C:\altera\13.0\qprogrammer\bin64\dinkum_alt.dll2011-01-30 21:58 - 2010-01-27 12:37 - 00091392 _____ () C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe2014-02-28 07:07 - 2014-07-13 17:02 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe2011-02-24 15:36 - 2011-02-24 15:36 - 01041488 _____ () C:\Program Files\CA\SharedComponents\TMEngine\KnownApps.dll2011-03-14 16:41 - 2011-03-14 16:41 - 00845392 _____ () C:\Program Files\CA\SharedComponents\TMEngine\WindowsUserIdentity.dll2014-01-07 19:12 - 2013-09-21 14:31 - 01139208 ____R () C:\Program Files\Total Defense\Internet Security Suite\SQLite3.dll2014-10-29 06:24 - 2014-10-29 07:27 - 17526360 _____ () C:\Users\Lenny\Desktop\RogueKillerX64.exe2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2014-06-23 20:04 - 2014-06-23 20:04 - 00464384 ____R () C:\Program Files (x86)\Softland\FBackup 5\bResourceStrings.bpl2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll2010-10-26 00:06 - 2010-10-26 00:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll2011-05-06 13:07 - 2011-05-06 13:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll2011-05-06 13:02 - 2011-05-06 13:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll2010-10-26 00:23 - 2010-10-26 00:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll2010-10-26 00:08 - 2010-10-26 00:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll2010-10-26 00:23 - 2010-10-26 00:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll2010-10-26 00:06 - 2010-10-26 00:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll2010-10-26 08:34 - 2010-10-26 08:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll2010-10-26 00:37 - 2010-10-26 00:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll2010-05-20 13:49 - 2010-05-20 13:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll2010-05-17 09:47 - 2010-05-17 09:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll2010-05-17 09:47 - 2010-05-17 09:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll2010-05-17 09:47 - 2010-05-17 09:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll2009-11-01 22:47 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL2009-11-01 22:47 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL2010-05-07 18:35 - 2010-05-07 18:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll2010-05-07 18:35 - 2010-05-07 18:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll2010-05-07 18:36 - 2010-05-07 18:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll2010-05-07 18:37 - 2010-05-07 18:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll2010-05-07 18:37 - 2010-05-07 18:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll2010-10-26 00:06 - 2010-10-26 00:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll2010-10-26 00:08 - 2010-10-26 00:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll2010-10-26 00:23 - 2010-10-26 00:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll2010-05-20 13:49 - 2010-05-20 13:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll2010-05-17 09:47 - 2010-05-17 09:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll2010-05-17 09:47 - 2010-05-17 09:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll2010-05-17 09:47 - 2010-05-17 09:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll2010-05-17 09:47 - 2010-05-17 09:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll2010-05-17 09:47 - 2010-05-17 09:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll2010-05-17 09:47 - 2010-05-17 09:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll2014-06-23 17:06 - 2014-06-23 17:06 - 01588224 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll2014-06-23 17:06 - 2014-06-23 17:06 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll2010-03-04 13:01 - 2010-03-04 13:01 - 00097384 ____R () C:\Program Files (x86)\Amazon\Amazon Unbox Video\LimelightDownloadManager.dll2014-02-13 20:31 - 2014-10-29 06:28 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll2014-10-16 09:18 - 2014-10-16 09:18 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5d29373df3398f72bd90d096a4b94d97\IsdiInterop.ni.dll2011-01-20 11:20 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll2010-02-14 15:36 - 2010-02-14 15:36 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll2010-02-14 15:36 - 2010-02-14 15:36 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll2011-01-21 19:50 - 2011-01-21 19:50 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll2009-12-11 13:44 - 2009-12-11 13:44 - 00045864 ____R () C:\Program Files (x86)\Nero\Nero 10\Nero Express\BCGPOleAcc.dll==================== Alternate Data Streams (whitelisted) =========(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)AlternateDataStreams: C:\Windows:nlsPreferencesAlternateDataStreams: C:\ProgramData\TEMP:0CFF5F08==================== Safe Mode (whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FBackup5Srv => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FBackup5Srv => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"==================== EXE Association (whitelisted) =============(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)==================== MSCONFIG/TASK MANAGER disabled items =========(Currently there is no automatic fix for this section.)MSCONFIG\Services: 0298191357999298mcinstcleanup => 2MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3MSCONFIG\Services: McMPFSvc => 2MSCONFIG\Services: McNASvc => 2MSCONFIG\Services: McShield => 2MSCONFIG\Services: MSK80Service => 2MSCONFIG\Services: nvUpdatusService => 2MSCONFIG\Services: SkypeUpdate => 2MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Unbox.lnk => C:\Windows\pss\Amazon Unbox.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^i1Profiler Tray.lnk => C:\Windows\pss\i1Profiler Tray.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 10.lnk => C:\Windows\pss\Snagit 10.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UnitedMPS.lnk => C:\Windows\pss\UnitedMPS.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^XRGamma.lnk => C:\Windows\pss\XRGamma.lnk.CommonStartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.StartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.StartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.StartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.StartupMSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Lenny\AppData\Local\Akamai\netsession_win.exe"MSCONFIG\startupreg: Amazon Cloud Drive => C:\Users\Lenny\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exeMSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesMSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2317.0\mswinext.exe"MSCONFIG\startupreg: BrStsWnd => C:\Program Files (x86)\Brownie\BrstsW64.exe AutorunMSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logonMSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logonMSCONFIG\startupreg: COMMUNICATOR => "C:\Program Files (x86)\Microsoft Office Communicator\Communicator.exe" /silentRetrials /backgroundMSCONFIG\startupreg: Conime => %windir%\system32\conime.exeMSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXEMSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exeMSCONFIG\startupreg: EKStatusMonitor => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exeMSCONFIG\startupreg: EPSON Stylus Photo R280 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKA.EXE /FU "C:\Users\Lenny\AppData\Local\Temp\E_S48E.tmp" /EF "HKCU"MSCONFIG\startupreg: Eraser => C:\Program Files\Eraser\Eraser.exe -hideMSCONFIG\startupreg: FBackup 5 Tray Agent => "C:\Program Files (x86)\Softland\FBackup 5\bTray.exe"MSCONFIG\startupreg: FPPhotoMiddleWare => C:\Program Files (x86)\Fisher-Price\Kid-Tough Digital Studio Software\Util\Kid-Tough Digital Studio Software Middleware.exeMSCONFIG\startupreg: Garmin Lifetime Updater => C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimizedMSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"MSCONFIG\startupreg: Google Update => "C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exe" /cMSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifworkMSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXEMSCONFIG\startupreg: Intel AppUp(SM) center => "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk"MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exeMSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenMSCONFIG\startupreg: McPvTray_exe => "C:\Program Files\McAfee\MAT\McPvTray.exe"MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeyMSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStartMSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startupMSCONFIG\startupreg: NokiaMusic FastStart => "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststartMSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -trayMSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartMSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRunMSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunMSCONFIG\startupreg: Steam => "c:\program files (x86)\steam\steam.exe" -silentMSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"MSCONFIG\startupreg: WiRNSMon => C:\WiRNS\WiRNSMon.exe========================= Accounts: ==========================Administrator (S-1-5-21-4283040996-3033618002-920699296-500 - Administrator - Disabled)Guest (S-1-5-21-4283040996-3033618002-920699296-501 - Limited - Disabled)Len (S-1-5-21-4283040996-3033618002-920699296-1016 - Administrator - Enabled)Lenny (S-1-5-21-4283040996-3033618002-920699296-1001 - Administrator - Enabled) => C:\Users\LennyMegan (S-1-5-21-4283040996-3033618002-920699296-1006 - Limited - Enabled)mythtv (S-1-5-21-4283040996-3033618002-920699296-1009 - Limited - Enabled)==================== Faulty Device Manager Devices =============Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.==================== Event log errors: =========================Application errors:==================Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.56.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.56.1:5353 18 1.56.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 120.1.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.1.120:5353 18 120.1.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.56.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.56.1:5353 18 1.56.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 120.1.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.1.120:5353 18 120.1.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:37:27 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: MotoConnect.exe, version: 1.1.21.0, time stamp: 0x4b67f0bfFaulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86Exception code: 0xe06d7363Fault offset: 0x0000c42dFaulting process id: 0x2010Faulting application start time: 0xMotoConnect.exe0Faulting application path: MotoConnect.exe1Faulting module path: MotoConnect.exe2Report Id: MotoConnect.exe3Error: (10/29/2014 11:33:48 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program AdwCleaner.exe version 3.3.1.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 18a0Start Time: 01cff3f1dac784b2Termination Time: 0Application Path: C:\Users\Lenny\Desktop\AdwCleaner.exeReport Id: 76284f7a-5fe5-11e4-9d70-00268313bf43System errors:=============Error: (10/30/2014 06:53:24 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:48:14 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:43:04 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:37:54 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:32:44 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:27:34 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:22:24 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:17:14 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:12:04 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Error: (10/30/2014 06:06:54 PM) (Source: NetBT) (EventID: 4321) (User: )Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.120.The computer with the IP address 192.168.1.1 did not allow the name to be claimed bythis computer.Microsoft Office Sessions:=========================Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.56.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.56.1:5353 18 1.56.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 120.1.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:51:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.1.120:5353 18 120.1.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.56.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.56.1:5353 18 1.56.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 120.1.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (10/29/2014 11:41:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.1.120:5353 18 120.1.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (10/29/2014 11:37:27 PM) (Source: Application Error) (EventID: 1000) (User: )Description: MotoConnect.exe1.1.21.04b67f0bfKERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d201001cff3f2d2d90af1C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exeC:\Windows\syswow64\KERNELBASE.dll11217292-5fe6-11e4-9d70-00268313bf43Error: (10/29/2014 11:33:48 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: AdwCleaner.exe3.3.1.118a001cff3f1dac784b20C:\Users\Lenny\Desktop\AdwCleaner.exe76284f7a-5fe5-11e4-9d70-00268313bf43CodeIntegrity Errors:=================================== Date: 2014-10-29 22:58:24.422 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Lenny\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-10-29 22:58:24.236 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Lenny\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.==================== Memory info ===========================Processor: Intel® Core i7-2600K CPU @ 3.40GHzPercentage of memory in use: 43%Total physical RAM: 8159.09 MBAvailable physical RAM: 4581.3 MBTotal Pagefile: 16316.35 MBAvailable Pagefile: 11197.27 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB==================== Drives ================================Drive c: (Windows7) (Fixed) (Total:1863.01 GB) (Free:214.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive f: () (Removable) (Total:14.92 GB) (Free:10.63 GB) exFATDrive g: (RAID) (Fixed) (Total:2794.39 GB) (Free:970.73 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)Partition: GPT Partition Type.========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4EBC02CF)Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)========================================================Disk: 2 (Size: 14.9 GB) (Disk ID: 00FEF155)Partition 1: (Active) - (Size=14.9 GB) - (Type=07 NTFS)==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Maniac Posted November 3, 2014 ID:902060 Share Posted November 3, 2014 P2P/Piracy Warning: If you're using Peer 2 Peer software such as BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy. Link to post Share on other sites More sharing options...
centre Posted November 3, 2014 Author ID:902126 Share Posted November 3, 2014 Understood and will comply. I hadn't even realized I had bittorrent on here. Link to post Share on other sites More sharing options...
Maniac Posted November 5, 2014 ID:903247 Share Posted November 5, 2014 When you do that, please re-generate a new fresh FRST log and post it here. Link to post Share on other sites More sharing options...
centre Posted November 6, 2014 Author ID:903393 Share Posted November 6, 2014 I took the opportunity to do some much needed cleaning of programs I haven't used in years. Below is the new first. It won't let me post the addition as it will make this reply too long. I'll do a second reply. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014Ran by Lenny (administrator) on LENNY-PC on 05-11-2014 21:01:18Running from C:\Users\Lenny\Desktop\FRSTLoaded Profile: Lenny (Available profiles: Lenny)Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe(Computer Associates International, Inc.) C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\hdsentinel.exe(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Softland) C:\Program Files (x86)\Softland\FBackup 5\bService.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\casc.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\boinctray.exe(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\boincmgr.exe(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\boinc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe() C:\Program Files (x86)\BOINC\Data\projects\climateprediction.net\hadcm3s_7.24_windows_intelx86.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\Data\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe() C:\Program Files (x86)\BOINC\Data\projects\einstein.phys.uwm.edu\hsgamma_FGRP4_1.04_windows_intelx86__FGRP4-SSE2.exe() C:\Program Files (x86)\BOINC\Data\projects\einstein.phys.uwm.edu\hsgamma_FGRP4_1.04_windows_intelx86__FGRP4-SSE2.exe() C:\Program Files (x86)\BOINC\Data\projects\einstein.phys.uwm.edu\hsgamma_FGRP4_1.04_windows_intelx86__FGRP4-SSE2.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe() C:\altera\13.0\qprogrammer\bin64\jtagserver.exe(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe() C:\Program Files (x86)\BOINC\Data\projects\climateprediction.net\hadcm3s_um_7.24_windows_intelx86.exe(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe() C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe(Microsoft Corporation) C:\Windows\System32\msiexec.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe(Motorola) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE(Palm) C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\System32\PnkBstrA.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe(CA) C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe(RealVNC Ltd.) C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe(rbolen70,Glenn1963) C:\WiRNS\WiRNS.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccEvtMgr.exe() C:\Program Files (x86)\BOINC\Data\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation__modified_fit_1.36_windows_x86_64__opencl_nvidia_101.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe(Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccprovep.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)HKLM\...\Run: [cctray] => C:\Program Files\Total Defense\Internet Security Suite\casc.exe [2733576 2013-09-21] (Total Defense, Inc.)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [73360 2014-02-27] (Space Sciences Laboratory)HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exeWinlogon\Notify\PFW-x32: UmxWnp.Dll [X]HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [FBackup 4] => [X]HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [] => [X]HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\boincmgr.exe [5885072 2014-02-27] (Space Sciences Laboratory)HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-10-18] (Siber Systems)HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)HKU\S-1-5-18\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"AppInit_DLLs: UmxSbxExA64.dll => C:\Windows\system32\UmxSbxExA64.dll [171600 2011-02-28] (CA)AppInit_DLLs: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs => HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs File Not FoundAppInit_DLLs-x32: UmxSbxExw.dll => "UmxSbxExw.dll" File Not Found==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.passwird.com/URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No FileURLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No FileHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-4283040996-3033618002-920699296-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}SearchScopes: HKCU - DefaultScope {99ED197B-139E-4CC0-8CB1-B71969B3047F} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}SearchScopes: HKCU - {43EF75EC-D86C-450A-8662-300D9166C332} URL = http://www.bing.com/search?q={searchTerms}&form=OSDSRCSearchScopes: HKCU - {4C9D1B42-C84E-4be6-9B9B-FC6C2D405271} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}SearchScopes: HKCU - {99ED197B-139E-4CC0-8CB1-B71969B3047F} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}SearchScopes: HKCU - {A7BFA6F1-B11A-4b4c-BE24-05E52CE2AEE2} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMBSearchScopes: HKCU - {F424DB34-2544-412C-8662-5815DEA1DE10} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)BHO: Total Defense Anti-Phishing Toolbar Helper -> {45011CF5-E4A9-4F13-9093-F30A784EB9B2} -> C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)BHO-x32: Total Defense Anti-Phishing Toolbar Helper -> {45011CF5-E4A9-4F13-9093-F30A784EB9B2} -> C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\toolbar\caIEToolbar.dll (Total Defense, Inc.)BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO-x32: No Name -> {89867A4A-BDEE-4259-964A-B8E87C4892F3} -> No FileBHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)Toolbar: HKLM - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)Toolbar: HKLM-x32 - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\toolbar\caIEToolbar.dll (Total Defense, Inc.)Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No FileToolbar: HKCU - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cabDPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cabDPF: HKLM-x32 {28B66320-9687-4B13-8757-36F901887AB5} http://www.seehere.com/ips-opdata/layout/fujius02/objects/jordan-canvasx.cabDPF: HKLM-x32 {2FF8D282-F78A-4A33-ABC2-49E72A341482} http://riteaid.storefront.com/images/global/activex/SFImageUpload1_10.CABDPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cabDPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cabDPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cabDPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ra.vgt.net/dana-cached/sc/JuniperSetupClient.cabDPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cabHandler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No FileHandler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]ShellExecuteHooks-x32: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]Winsock: Catalog9 01 C:\Windows\SysWOW64\VetRedir.dll [97800] (Computer Associates International, Inc.)Winsock: Catalog9 02 C:\Windows\SysWOW64\VetRedir.dll [97800] (Computer Associates International, Inc.)Winsock: Catalog9 14 C:\Windows\SysWOW64\VetRedir.dll [97800] (Computer Associates International, Inc.)Winsock: Catalog9-x64 01 C:\Windows\system32\VetRedir64.dll [105992] (Computer Associates International, Inc.)Winsock: Catalog9-x64 02 C:\Windows\system32\VetRedir64.dll [105992] (Computer Associates International, Inc.)Winsock: Catalog9-x64 14 C:\Windows\system32\VetRedir64.dll [105992] (Computer Associates International, Inc.)Tcpip\Parameters: [DhcpNameServer] 205.171.203.226 205.171.2.226 192.168.1.1Tcpip\..\Interfaces\{4591C56C-AF49-49E9-BDBA-95DBC46C6A44}: [NameServer] 208.33.159.39,71.2.28.14FireFox:========FF ProfilePath: C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.defaultFF DefaultSearchEngine: SwagbucksFF SearchEngineOrder.1: Secure SearchFF SelectedSearchEngine: SwagbucksFF NetworkProxy: "no_proxies_on", "127.0.0.1"FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No FileFF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @fileplanet.com/fpdlm -> C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNPR -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Lenny\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No FileFF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)FF SearchPlugin: C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\searchplugins\swagbucks.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xmlFF Extension: Garmin Communicator - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-21]FF Extension: Microsoft .NET Framework Assistant - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-06]FF Extension: DownloadHelper - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]FF Extension: Flash and Video Download - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-10-15]FF Extension: Torbutton - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2011-04-17]FF Extension: Distill Web Monitor (formerly AlertBox) - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\alertbox@ajitk.com.xpi [2012-05-21]FF Extension: Check4Change - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\check4change-owner@mozdev.org.xpi [2011-08-20]FF Extension: Exif Viewer - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2013-06-18]FF Extension: Adblock Plus - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]FF Extension: BetterPrivacy - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-08-20]FF Extension: DownThemAll! - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-01-29]FF Extension: Greasemonkey - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]FF HKLM-x32\...\Firefox\Extensions: [caaphishtoolbar@ca.com] - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\FirefoxFF Extension: Total Defense Anti-Phishing Toolbar - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\Firefox [2014-01-07]FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\FirefoxFF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2009-11-02]FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\FirefoxChrome:=======Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTIONCHR Profile: C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Entanglement Web App) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-05-11]CHR Extension: (Angry Birds) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-05-11]CHR Extension: (United MileagePlus Shopping Assistant) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbcdijacbpcopcaejdbbnepdkljlckol [2013-03-09]CHR Extension: (SiteAdvisor) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-03-03]CHR Extension: (Total Defense Anti-Phishing Toolbar) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdpkkpdlooddakbebmkeeegehfjdnih [2014-04-04]CHR Extension: (Skype Click to Call) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-04]CHR Extension: (Poppit) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-05-11]CHR Extension: (Google Wallet) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-04]CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-04-04]CHR HKLM-x32\...\Chrome\Extension: [hpdpkkpdlooddakbebmkeeegehfjdnih] - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\GoogleChrome\td_aphish_toolbar.crx [2014-01-07]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-04-04]==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R2 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2010-03-04] (Amazon.com) [File not signed]R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)R2 CAAMSvc; C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe [313040 2014-01-07] (Total Defense, Inc.)R3 CaCCProvSP; C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe [367112 2013-09-21] (Total Defense, Inc.)R2 CAISafe; C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe [314888 2013-09-21] (Computer Associates International, Inc.)R2 ccSchedulerSVC; C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe [288776 2013-09-21] (Total Defense, Inc.)R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2012-12-27] (Dassault Systèmes) [File not signed]R2 FBackup5Srv; C:\Program Files (x86)\Softland\FBackup 5\bService.exe [3095608 2014-06-23] (Softland)R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] () [File not signed]S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-12-04] (Hi-Rez Studios) [File not signed]R2 JTAGServer; C:\altera\13.0\qprogrammer\bin64\jtagserver.exe [268800 2013-04-24] () [File not signed]R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7393280 2014-01-22] (LeapFrog Enterprises, Inc.) [File not signed]R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]R2 MotoConnect Service; C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [91392 2010-01-27] ()R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-04-30] (Nitro PDF Software)R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2012-10-30] (Nitro PDF Software)R2 NovacomD; C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [72192 2011-06-24] (Palm) [File not signed]R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-13] ()R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-12] ()S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)R2 UmxEngine; C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe [920656 2011-04-04] (CA)R2 WinVNC4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Ltd.)R2 WiRNS.exe; C:\WiRNS\WiRNS.exe [147456 2011-10-25] (rbolen70,Glenn1963) [File not signed]R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2014-06-23] (X-Rite Inc.)==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1101600 2010-03-23] (Ralink Technology Corp.)S3 AlteraUSBBlaster; C:\Windows\System32\drivers\usbblstr.sys [70480 2013-04-24] (FTDI Ltd.)R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] ()S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [192072 2012-03-26] (Hauppauge, Inc.)R1 KmxAgent; C:\Windows\System32\DRIVERS\kmxagent.sys [113744 2011-10-26] (CA)R0 KmxAMRT; C:\Windows\System32\DRIVERS\KmxAMRT.sys [182352 2011-10-27] (Total Defense)R2 KmxCF; C:\Windows\System32\DRIVERS\KmxCF.sys [201936 2011-09-06] (CA)R1 KmxCfg; C:\Windows\System32\DRIVERS\kmxcfg.sys [365136 2011-09-06] (CA)R1 KmxFile; C:\Windows\System32\DRIVERS\KmxFile.sys [87120 2011-09-06] (CA)R1 KmxFilter; C:\Windows\System32\DRIVERS\KmxFilter.sys [99024 2011-09-06] (CA)R0 KmxFw; C:\Windows\System32\DRIVERS\kmxfw.sys [143824 2011-09-06] (CA)R2 KmxSbx; C:\Windows\System32\DRIVERS\KmxSbx.sys [81488 2011-09-06] (CA)S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2009-07-16] (McAfee, Inc.)S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-13] ()R1 NEOFLTR_710_17675; C:\Windows\system32\Drivers\NEOFLTR_710_17675.SYS [97912 2011-02-10] (Juniper Networks)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2010-12-28] ()R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2014-10-29] ()R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [267776 2013-05-12] (Jungo Connectivity)R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2014-07-11] (Nicomsoft Ltd.)R2 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [10240 2014-07-11] (Nicomsoft Ltd.) [File not signed]S3 catchme; \??\C:\ComboFix\catchme.sys [X]S3 vserial; System32\DRIVERS\vserial.sys [X]==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2014-11-05 20:57 - 2014-11-05 21:01 - 00000000 ____D () C:\Users\Lenny\Desktop\FRST2014-11-05 20:56 - 2014-11-05 20:56 - 00000000 ___RD () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices2014-11-05 20:23 - 2014-11-05 20:23 - 00099384 _____ () C:\Users\Lenny\AppData\Roaming\inst.exe2014-11-04 20:09 - 2014-11-04 20:09 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{2C08B549-ABDA-4097-A8A2-4E0375426559}2014-11-02 22:25 - 2014-11-02 22:25 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{47846622-8F3C-43CD-9944-A79B5BEA359D}2014-11-02 10:25 - 2014-11-02 10:25 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{74D39D9B-4417-4462-BB65-073B9294FE2A}2014-11-01 22:24 - 2014-11-01 22:24 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{A49C0519-8258-4252-AFDB-346145CF1A26}2014-11-01 10:23 - 2014-11-01 10:23 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{24053101-2A8A-4B3B-889B-F41BB7489E0A}2014-11-01 10:21 - 2014-11-01 10:21 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{6B0F5714-6386-40F0-B679-ED1A58FA2678}2014-11-01 10:21 - 2014-11-01 10:21 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{5405A83B-43D4-4C48-96D9-A34835223BFA}2014-11-01 10:20 - 2014-11-01 10:20 - 00000000 ____D () C:\Users\Lenny\WebDownload2014-10-31 02:18 - 2014-10-31 02:18 - 00000406 _____ () C:\Windows\SysWOW64\2014-10-30 17:44 - 2014-10-30 17:44 - 00000841 _____ () C:\Users\Lenny\.recently-used.xbel2014-10-30 17:43 - 2014-11-05 21:01 - 00000000 ____D () C:\FRST2014-10-30 06:10 - 2014-10-30 06:10 - 00020038 _____ () C:\Users\Lenny\Desktop\RKreport_SCN_10302014_070941.log2014-10-29 23:12 - 2014-10-29 23:12 - 00001655 _____ () C:\Users\Lenny\Desktop\easyHDR 3.lnk2014-10-29 23:11 - 2014-10-29 23:11 - 22628864 _____ (SIMPARTEK - Bartlomiej Okonek) C:\Users\Lenny\Desktop\easyHDR_3040_setup-1.exe2014-10-29 22:15 - 2010-08-30 07:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-10-29 22:13 - 2014-10-29 22:36 - 00000000 ____D () C:\AdwCleaner2014-10-29 22:10 - 2014-10-29 16:45 - 01375089 _____ () C:\Users\Lenny\Desktop\AdwCleaner.exe2014-10-29 21:55 - 2014-10-29 22:17 - 00542868 _____ () C:\MGlogs.zip2014-10-29 21:53 - 2014-10-29 21:54 - 00090966 _____ () C:\Users\Lenny\Desktop\HitmanPro_20141029_2253.log2014-10-29 21:52 - 2014-10-29 21:52 - 00090966 _____ () C:\Users\Lenny\Desktop\HitmanPro_20141029_2251.log2014-10-29 21:33 - 2014-10-29 21:33 - 00000000 ____D () C:\Program Files\HitmanPro2014-10-29 21:32 - 2014-10-29 21:54 - 00000000 ____D () C:\ProgramData\HitmanPro2014-10-29 21:29 - 2014-10-29 03:33 - 04163057 _____ () C:\Users\Lenny\Desktop\tdsskiller.zip2014-10-29 20:34 - 2014-10-29 20:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3EFF7018.sys2014-10-29 19:55 - 2014-10-29 20:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-10-29 19:55 - 2014-10-29 19:55 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-10-29 19:55 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-10-29 19:55 - 2014-10-01 10:39 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-10-29 19:55 - 2014-10-01 10:39 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-10-29 19:55 - 2014-10-01 10:39 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-10-29 19:51 - 2014-10-29 19:51 - 00000000 _____ () C:\Windows\system32\Drivers\is-PP571.tmp2014-10-29 19:51 - 2014-10-29 19:51 - 00000000 _____ () C:\Windows\system32\Drivers\is-13G8P.tmp2014-10-29 19:50 - 2014-10-29 19:50 - 00000000 ____D () C:\Program Files (x86)\MB2014-10-29 19:47 - 2014-10-29 19:47 - 00021810 _____ () C:\Users\Lenny\Desktop\RKreport_SCN_10292014_204510.log2014-10-29 19:34 - 2014-10-29 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-10-29 18:24 - 2014-10-29 22:58 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys2014-10-29 18:24 - 2014-10-29 18:24 - 00000000 ____D () C:\ProgramData\RogueKiller2014-10-29 05:28 - 2014-10-29 05:28 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{6A8BF2E7-88D9-4A92-BFFD-15E779C83034}2014-10-29 05:24 - 2014-10-29 21:32 - 11222744 _____ (SurfRight B.V.) C:\Users\Lenny\Desktop\HitmanPro_x64.exe2014-10-29 05:24 - 2014-10-29 06:27 - 17526360 _____ () C:\Users\Lenny\Desktop\RogueKillerX64.exe2014-10-29 05:24 - 2014-10-28 07:31 - 01990574 _____ () C:\Users\Lenny\Desktop\MGtools.exe2014-10-29 05:24 - 2014-10-28 07:29 - 19828216 _____ (Malwarebytes Corporation ) C:\Users\Lenny\Desktop\MB.exe2014-10-28 17:00 - 2014-10-28 17:00 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Lenny\Desktop\TDSSKiller.exe2014-10-27 18:49 - 2014-10-27 18:50 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{354684CC-FF9C-4517-B2D1-D1B48BE67808}2014-10-27 18:09 - 2014-10-27 18:09 - 00000000 ____D () C:\SUPERDelete2014-10-27 18:08 - 2014-10-27 18:08 - 01055936 _____ (Adobe) C:\Users\Lenny\Downloads\install_flashplayer15x32axau_mssd_aaa_aih.exe2014-10-23 20:17 - 2014-10-23 20:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{B715B83C-02EC-45DB-B84E-DFDDAC19BA0F}2014-10-23 19:08 - 2014-10-23 19:21 - 00000000 ____D () C:\Users\Lenny\Desktop\Trip_to_PA2014-10-23 08:17 - 2014-10-23 08:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{D22C1FC4-E5D2-4230-BAB5-A01666AB356D}2014-10-22 20:17 - 2014-10-22 20:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{C10A6334-87FC-48C7-88D6-4182DD51AF40}2014-10-22 16:12 - 2014-11-05 20:56 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}2014-10-22 08:16 - 2014-10-22 08:16 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{3C6B4BC4-7A05-4C86-B547-F756F41C4D41}2014-10-21 20:15 - 2014-10-21 20:15 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{A0FB0FB9-D303-424E-8CC6-A20819CF1A23}2014-10-20 19:20 - 2014-10-20 19:20 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{B3C373A8-EA6B-435C-A671-9ADAEE81E856}2014-10-20 19:15 - 2014-10-20 19:19 - 00000000 ____D () C:\Users\Lenny\Desktop\Leaf2014-10-18 17:17 - 2014-10-29 05:36 - 00009306 _____ () C:\Users\Lenny\Desktop\mousehunt.xlsx2014-10-18 17:17 - 2014-10-23 05:57 - 00000165 ____H () C:\Users\Lenny\Desktop\~$mousehunt.xlsx2014-10-18 16:05 - 2014-10-18 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype2014-10-18 07:36 - 2014-10-18 07:36 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{90F43029-6C4E-47AB-97F2-72CFDE38B9DC}2014-10-16 14:28 - 2014-10-16 14:28 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{DA4CB2AF-FC67-4706-B3D2-61DA188571E9}2014-10-16 07:51 - 2014-10-16 07:51 - 00000000 ____D () C:\Program Files (x86)\Java2014-10-16 06:48 - 2014-10-16 06:48 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{CC19ECC4-FC46-4C25-B855-AE9F4C0775DD}2014-10-16 02:53 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-10-16 02:53 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2014-10-16 02:53 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-10-16 02:53 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-10-16 02:53 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-10-16 02:53 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-10-16 02:53 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-10-16 02:53 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-10-16 02:53 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-10-16 02:53 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-10-16 02:53 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-10-16 02:53 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-10-16 02:53 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-10-16 02:53 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-10-16 02:53 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-10-16 02:53 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-10-16 02:53 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-10-16 02:53 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-10-16 02:53 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-10-16 02:53 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-10-16 02:53 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-10-16 02:53 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-10-16 02:53 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-10-16 02:53 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-10-16 02:53 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-10-16 02:53 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-10-16 02:53 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-10-16 02:53 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-10-16 02:53 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-10-16 02:53 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-10-16 02:53 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-10-16 02:53 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-10-16 02:53 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-10-16 02:53 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-10-16 02:53 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-10-16 02:53 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-10-16 02:53 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-10-16 02:53 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-10-16 02:53 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-10-16 02:53 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-10-16 02:53 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-10-16 02:53 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-10-16 02:53 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-10-16 02:53 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-10-16 02:53 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-10-16 02:53 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-10-16 02:53 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-10-16 02:53 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-10-16 02:53 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-10-16 02:53 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-10-16 02:53 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-10-16 02:53 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-10-16 02:53 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-10-16 02:53 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-10-16 02:53 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-10-16 02:53 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-10-16 02:53 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-10-16 02:53 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-10-16 02:53 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-10-16 02:53 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-10-16 02:53 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll2014-10-16 02:53 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll2014-10-16 02:52 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-10-16 02:52 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-10-16 02:52 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll2014-10-16 02:52 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll2014-10-16 02:52 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-10-16 02:52 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-10-16 02:52 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll2014-10-16 02:52 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-10-16 02:52 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-10-16 02:52 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys2014-10-16 02:52 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys2014-10-16 02:51 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-10-16 02:51 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-10-16 02:51 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-10-16 02:51 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-10-15 21:29 - 2014-10-15 21:29 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{BFB0C2EB-910C-4970-8272-F4FEA4DDD019}2014-10-15 21:06 - 2006-08-04 16:43 - 00073728 _____ (brother) C:\Windows\SysWOW64\BRWEBUP.EXE2014-10-15 21:06 - 2006-08-03 12:14 - 00090112 _____ (brother) C:\Windows\SysWOW64\BrWebIns.dll2014-10-15 21:01 - 2014-10-15 21:04 - 187666696 _____ (A.I.SOFT,INC.) C:\Users\Lenny\Downloads\Y09A_C1-inst-win78-C1-enus.EXE2014-10-15 19:51 - 2014-10-16 10:59 - 00000000 ____D () C:\Users\Lenny\Desktop\Bee_Kindergarten2014-10-15 06:09 - 2014-10-15 06:09 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{BF14A88F-1373-43C1-B7CA-93F048458C6A}2014-10-14 18:54 - 2014-10-14 18:54 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{0BC76CD6-5A34-4367-9FC7-D083570E06B1}2014-10-14 05:26 - 2014-10-14 05:26 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{9DAD0DB5-5680-43B0-A6F5-2FB29BAD0D91}2014-10-11 12:20 - 2014-10-11 12:20 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{A22F6CCE-A734-4F3F-AE49-8F04FC47C3A0}2014-10-10 05:17 - 2014-10-10 05:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{E202DD03-6171-4624-B6EE-863D3A92CC6C}2014-10-08 19:35 - 2014-10-08 19:37 - 00000000 ____D () C:\Users\Lenny\Desktop\pic2014-10-07 19:12 - 2014-10-07 19:12 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{D55BCDBB-AD34-44CE-9EE3-FF3EC7450A6F}2014-10-06 06:05 - 2014-10-06 06:05 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{7BD6C676-F0D7-4977-AE40-DF98AF17BE9E}==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2014-11-05 21:08 - 2011-03-08 21:11 - 01967115 _____ () C:\Windows\WindowsUpdate.log2014-11-05 21:05 - 2009-07-14 00:13 - 00888424 _____ () C:\Windows\system32\PerfStringBackup.INI2014-11-05 21:01 - 2011-02-04 21:05 - 00000000 ____D () C:\WiRNS2014-11-05 20:58 - 2012-06-14 02:36 - 00147414 _____ () C:\Windows\setupact.log2014-11-05 20:57 - 2012-08-19 15:20 - 00000000 ____D () C:\ProgramData\Kodak2014-11-05 20:57 - 2009-12-25 21:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-11-05 20:56 - 2014-08-17 09:14 - 00001296 ____H () C:\Windows\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}.job2014-11-05 20:56 - 2011-01-20 10:35 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini2014-11-05 20:56 - 2009-11-01 19:59 - 00153368 _____ () C:\Users\Lenny\AppData\Local\GDIPFONTCACHEV1.DAT2014-11-05 20:56 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-11-05 20:55 - 2012-06-14 02:35 - 01018372 _____ () C:\Windows\PFRO.log2014-11-05 20:55 - 2009-11-01 21:55 - 00000000 ____D () C:\ProgramData\NVIDIA2014-11-05 20:55 - 2009-11-01 21:18 - 00000000 ____D () C:\Program Files (x86)\Creative2014-11-05 20:51 - 2011-05-19 18:41 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Digiarty2014-11-05 20:51 - 2009-11-21 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty2014-11-05 20:50 - 2009-11-21 07:44 - 00000000 ____D () C:\Program Files (x86)\Digiarty2014-11-05 20:49 - 2010-10-21 04:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WonderFox Soft2014-11-05 20:49 - 2010-10-21 04:42 - 00000000 ____D () C:\Program Files\WonderFox Soft2014-11-05 20:40 - 2012-09-25 18:56 - 00000000 ____D () C:\Program Files\PixInsight2014-11-05 20:34 - 2011-12-27 20:55 - 00000000 ____D () C:\Program Files (x86)\Moo02014-11-05 20:33 - 2009-11-13 20:50 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2014-11-05 20:33 - 2009-11-13 20:28 - 00000000 ____D () C:\Program Files (x86)\Steam2014-11-05 20:30 - 2010-07-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Smart Projects2014-11-05 20:28 - 2014-01-07 18:14 - 00000000 ____D () C:\Program Files (x86)\CA2014-11-05 20:26 - 2009-11-05 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON2014-11-05 20:24 - 2009-12-12 14:39 - 00000000 ____D () C:\Users\Lenny\AppData\Local\NeoSmart_Technologies2014-11-05 20:24 - 2009-12-12 14:36 - 00000000 ____D () C:\Program Files (x86)\NeoSmart Technologies2014-11-05 20:23 - 2013-12-25 08:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink2014-11-05 20:23 - 2009-12-28 06:41 - 00000033 _____ () C:\Users\Lenny\AppData\Roaming\pcouffin.log2014-11-05 20:23 - 2009-12-28 06:40 - 00082816 _____ (VSO Software) C:\Users\Lenny\AppData\Roaming\pcouffin.sys2014-11-05 20:23 - 2009-12-28 06:40 - 00007859 _____ () C:\Users\Lenny\AppData\Roaming\pcouffin.cat2014-11-05 20:23 - 2009-12-28 06:40 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Vso2014-11-05 20:22 - 2013-12-25 08:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 42014-11-05 20:19 - 2009-12-20 14:23 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Creative2014-11-05 20:16 - 2010-05-23 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core FTP2014-11-05 20:15 - 2009-11-01 21:47 - 00000000 ____D () C:\ProgramData\Creative2014-11-05 20:11 - 2013-03-02 07:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour2014-11-05 20:04 - 2009-07-13 23:45 - 00504024 _____ () C:\Windows\system32\FNTCACHE.DAT2014-11-05 20:01 - 2014-01-07 20:23 - 02713117 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k02014-11-05 20:01 - 2014-01-07 20:23 - 00552676 _____ () C:\Windows\system32\Drivers\KmxAgent.asc2014-11-05 20:01 - 2014-01-07 20:23 - 00000679 _____ () C:\Windows\system32\Drivers\kmxzone.u2k02014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k72014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k62014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k52014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k42014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k32014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k22014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k12014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k72014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k62014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k52014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k42014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k32014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k22014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k12014-11-05 20:01 - 2013-07-31 22:57 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core.job2014-11-05 19:55 - 2011-02-26 20:53 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Apple2014-11-05 19:51 - 2009-12-25 21:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-11-05 19:46 - 2010-01-25 19:11 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-11-05 19:45 - 2009-11-01 20:23 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Adobe2014-11-05 19:25 - 2014-08-29 05:36 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Adobe2014-11-05 08:00 - 2014-08-17 09:13 - 00000388 _____ () C:\Windows\Tasks\X-Rite Device Services Software Updater.job2014-11-04 20:22 - 2014-05-07 05:24 - 00287232 ___SH () C:\Users\Lenny\Desktop\Thumbs.db2014-11-04 19:40 - 2011-04-30 20:03 - 00000000 ____D () C:\temp2014-11-04 19:27 - 2009-07-13 21:34 - 00000626 _____ () C:\Windows\win.ini2014-11-04 19:20 - 2009-07-13 23:45 - 00013808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-11-04 19:20 - 2009-07-13 23:45 - 00013808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-11-01 10:20 - 2009-11-01 19:57 - 00000000 ____D () C:\Users\Lenny2014-10-30 17:44 - 2011-04-30 20:04 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\gtk-2.02014-10-30 17:44 - 2011-04-30 20:03 - 00000000 ____D () C:\Users\Lenny\.gimp-2.62014-10-30 14:16 - 2014-01-18 11:53 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Deployment2014-10-30 06:25 - 2009-11-01 20:14 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-10-29 23:12 - 2013-07-28 06:44 - 00000000 ____D () C:\Users\Lenny\easyHDR 32014-10-29 23:12 - 2013-07-28 06:44 - 00000000 ____D () C:\Program Files\easyHDR 32014-10-29 23:09 - 2014-10-01 22:31 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Anvsoft2014-10-29 22:47 - 2014-01-15 17:42 - 00000000 ___RD () C:\Users\Lenny\Dropbox2014-10-29 22:47 - 2010-04-21 18:54 - 00000341 _____ () C:\Windows\Brownie.ini2014-10-29 22:47 - 2010-03-26 19:44 - 00000000 ____D () C:\Windows\pss2014-10-29 22:47 - 2009-11-24 22:36 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Eraser2014-10-29 22:45 - 2014-01-15 17:40 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Dropbox2014-10-29 22:17 - 2008-12-04 21:09 - 00000000 ____D () C:\MGtools2014-10-29 21:59 - 2009-11-18 16:56 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Skype2014-10-29 21:28 - 2014-04-09 05:48 - 00000000 ____D () C:\Users\Lenny\Desktop\Cleanup2014-10-29 21:27 - 2011-01-20 10:33 - 00000000 ____D () C:\Users\Lenny\AppData\Local\CrashDumps2014-10-29 19:34 - 2010-11-13 08:40 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-10-29 06:20 - 2014-01-18 07:01 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Media Player Classic2014-10-29 06:03 - 2014-01-15 17:41 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-10-29 05:58 - 2013-06-13 19:08 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Akamai2014-10-29 05:46 - 2009-12-25 21:29 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-10-29 05:46 - 2009-12-25 21:29 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-10-29 05:39 - 2012-04-25 04:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-10-29 05:28 - 2014-02-13 19:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-10-28 06:02 - 2012-10-10 21:14 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\dvdcss2014-10-27 18:09 - 2013-01-20 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons2014-10-24 04:35 - 2013-07-31 22:57 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA2014-10-24 04:35 - 2013-07-31 22:57 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core2014-10-24 04:35 - 2013-07-31 22:57 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA.job2014-10-23 19:12 - 2014-10-04 15:43 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Media Converter2014-10-23 19:06 - 2010-04-21 06:43 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Nero2014-10-22 18:32 - 2011-02-22 20:14 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage2014-10-18 17:05 - 2012-04-07 07:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-10-18 17:05 - 2011-05-24 19:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-10-18 16:52 - 2009-11-11 07:03 - 00000000 ____D () C:\Program Files (x86)\BOINC2014-10-18 16:05 - 2010-11-25 18:25 - 00000000 ___RD () C:\Program Files (x86)\Skype2014-10-18 16:05 - 2009-11-18 16:55 - 00000000 ____D () C:\ProgramData\Skype2014-10-18 06:50 - 2011-05-11 20:14 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\RoboForm2014-10-18 06:49 - 2011-06-20 21:31 - 00004208 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm2014-10-18 06:48 - 2011-11-25 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm2014-10-18 06:48 - 2009-11-02 19:55 - 00003492 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon2014-10-18 06:47 - 2014-04-27 06:06 - 16254368 _____ (Siber Systems) C:\Users\Lenny\Desktop\RoboForm-Setup-cnetc.exe2014-10-16 11:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache2014-10-16 07:54 - 2013-10-26 08:16 - 00000000 ____D () C:\ProgramData\Oracle2014-10-16 07:52 - 2014-06-28 06:22 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-10-16 07:52 - 2014-06-28 06:22 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-10-16 07:52 - 2014-06-28 06:22 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-10-16 07:52 - 2014-06-28 06:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-10-16 07:10 - 2014-05-06 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-10-16 07:06 - 2009-11-18 16:57 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-10-16 07:01 - 2013-08-14 02:01 - 00000000 ____D () C:\Windows\system32\MRT2014-10-16 06:50 - 2009-11-01 21:53 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-10-15 21:06 - 2010-04-21 18:55 - 00000000 ____D () C:\Program Files (x86)\Brownie2014-10-15 21:06 - 2009-11-01 21:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-10-15 20:59 - 2010-04-21 18:55 - 00000426 _____ () C:\Windows\BRWMARK.INI2014-10-15 19:09 - 2012-11-28 20:14 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\PrimoPDF2014-10-12 02:03 - 2011-05-19 19:25 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI2014-10-09 15:44 - 2012-10-30 19:23 - 00000000 ___RD () C:\Users\Lenny\Documents\RocketLifeNetwork2014-10-09 15:43 - 2014-10-02 08:20 - 00002059 _____ () C:\Users\Lenny\Desktop\PrintProjects.lnk2014-10-09 15:43 - 2014-10-02 08:20 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\PrintProjects2014-10-09 15:43 - 2014-10-02 08:20 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintProjects2014-10-07 09:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDFFiles to move or delete:====================C:\Windows\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}.jobSome content of TEMP:====================C:\Users\Lenny\AppData\Local\Temp\dllnt_dump.dllC:\Users\Lenny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6ckm5e.dllC:\Users\Lenny\AppData\Local\Temp\DVMu.dllC:\Users\Lenny\AppData\Local\Temp\JREInstall??2.exeC:\Users\Lenny\AppData\Local\Temp\NEventMessages.dllC:\Users\Lenny\AppData\Local\Temp\NOSEventMessages.dllC:\Users\Lenny\AppData\Local\Temp\nv3DVStreaming.dllC:\Users\Lenny\AppData\Local\Temp\nvSCPAPI.dllC:\Users\Lenny\AppData\Local\Temp\nvStereoApiI.dllC:\Users\Lenny\AppData\Local\Temp\nvStInst.exeC:\Users\Lenny\AppData\Local\Temp\Quarantine.exeC:\Users\Lenny\AppData\Local\Temp\SkypeSetup.exeC:\Users\Lenny\AppData\Local\Temp\sonarinst.exe==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2014-10-27 07:11==================== End Of Log ============================ Link to post Share on other sites More sharing options...
centre Posted November 6, 2014 Author ID:903394 Share Posted November 6, 2014 Here's the addition.txt Thanks for your continued help! Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014Ran by Lenny (administrator) on LENNY-PC on 05-11-2014 21:01:18Running from C:\Users\Lenny\Desktop\FRSTLoaded Profile: Lenny (Available profiles: Lenny)Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\CAAMSvc.exe(Computer Associates International, Inc.) C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\hdsentinel.exe(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Softland) C:\Program Files (x86)\Softland\FBackup 5\bService.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\casc.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\boinctray.exe(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\boincmgr.exe(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\boinc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe() C:\Program Files (x86)\BOINC\Data\projects\climateprediction.net\hadcm3s_7.24_windows_intelx86.exe(Space Sciences Laboratory) C:\Program Files (x86)\BOINC\Data\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe() C:\Program Files (x86)\BOINC\Data\projects\einstein.phys.uwm.edu\hsgamma_FGRP4_1.04_windows_intelx86__FGRP4-SSE2.exe() C:\Program Files (x86)\BOINC\Data\projects\einstein.phys.uwm.edu\hsgamma_FGRP4_1.04_windows_intelx86__FGRP4-SSE2.exe() C:\Program Files (x86)\BOINC\Data\projects\einstein.phys.uwm.edu\hsgamma_FGRP4_1.04_windows_intelx86__FGRP4-SSE2.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe() C:\altera\13.0\qprogrammer\bin64\jtagserver.exe(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe() C:\Program Files (x86)\BOINC\Data\projects\climateprediction.net\hadcm3s_um_7.24_windows_intelx86.exe(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe() C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe(Microsoft Corporation) C:\Windows\System32\msiexec.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe(Motorola) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE(Palm) C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\Windows\System32\PnkBstrA.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe(CA) C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe(RealVNC Ltd.) C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe(rbolen70,Glenn1963) C:\WiRNS\WiRNS.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccEvtMgr.exe() C:\Program Files (x86)\BOINC\Data\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation__modified_fit_1.36_windows_x86_64__opencl_nvidia_101.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe(Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\ccprovep.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Total Defense, Inc.) C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)HKLM\...\Run: [cctray] => C:\Program Files\Total Defense\Internet Security Suite\casc.exe [2733576 2013-09-21] (Total Defense, Inc.)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [73360 2014-02-27] (Space Sciences Laboratory)HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exeWinlogon\Notify\PFW-x32: UmxWnp.Dll [X]HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [FBackup 4] => [X]HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [] => [X]HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\boincmgr.exe [5885072 2014-02-27] (Space Sciences Laboratory)HKU\S-1-5-21-4283040996-3033618002-920699296-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-10-18] (Siber Systems)HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)HKU\S-1-5-18\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"AppInit_DLLs: UmxSbxExA64.dll => C:\Windows\system32\UmxSbxExA64.dll [171600 2011-02-28] (CA)AppInit_DLLs: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs => HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs File Not FoundAppInit_DLLs-x32: UmxSbxExw.dll => "UmxSbxExw.dll" File Not Found==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.passwird.com/URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No FileURLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No FileHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-4283040996-3033618002-920699296-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}SearchScopes: HKCU - DefaultScope {99ED197B-139E-4CC0-8CB1-B71969B3047F} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}SearchScopes: HKCU - {43EF75EC-D86C-450A-8662-300D9166C332} URL = http://www.bing.com/search?q={searchTerms}&form=OSDSRCSearchScopes: HKCU - {4C9D1B42-C84E-4be6-9B9B-FC6C2D405271} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}SearchScopes: HKCU - {99ED197B-139E-4CC0-8CB1-B71969B3047F} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}SearchScopes: HKCU - {A7BFA6F1-B11A-4b4c-BE24-05E52CE2AEE2} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMBSearchScopes: HKCU - {F424DB34-2544-412C-8662-5815DEA1DE10} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)BHO: Total Defense Anti-Phishing Toolbar Helper -> {45011CF5-E4A9-4F13-9093-F30A784EB9B2} -> C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)BHO-x32: Total Defense Anti-Phishing Toolbar Helper -> {45011CF5-E4A9-4F13-9093-F30A784EB9B2} -> C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\toolbar\caIEToolbar.dll (Total Defense, Inc.)BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO-x32: No Name -> {89867A4A-BDEE-4259-964A-B8E87C4892F3} -> No FileBHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)Toolbar: HKLM - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)Toolbar: HKLM-x32 - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\toolbar\caIEToolbar.dll (Total Defense, Inc.)Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No FileToolbar: HKCU - Total Defense Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\toolbar\caIEToolbar.dll (Total Defense, Inc.)DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cabDPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cabDPF: HKLM-x32 {28B66320-9687-4B13-8757-36F901887AB5} http://www.seehere.com/ips-opdata/layout/fujius02/objects/jordan-canvasx.cabDPF: HKLM-x32 {2FF8D282-F78A-4A33-ABC2-49E72A341482} http://riteaid.storefront.com/images/global/activex/SFImageUpload1_10.CABDPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cabDPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cabDPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cabDPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ra.vgt.net/dana-cached/sc/JuniperSetupClient.cabDPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cabHandler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No FileHandler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]ShellExecuteHooks-x32: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]Winsock: Catalog9 01 C:\Windows\SysWOW64\VetRedir.dll [97800] (Computer Associates International, Inc.)Winsock: Catalog9 02 C:\Windows\SysWOW64\VetRedir.dll [97800] (Computer Associates International, Inc.)Winsock: Catalog9 14 C:\Windows\SysWOW64\VetRedir.dll [97800] (Computer Associates International, Inc.)Winsock: Catalog9-x64 01 C:\Windows\system32\VetRedir64.dll [105992] (Computer Associates International, Inc.)Winsock: Catalog9-x64 02 C:\Windows\system32\VetRedir64.dll [105992] (Computer Associates International, Inc.)Winsock: Catalog9-x64 14 C:\Windows\system32\VetRedir64.dll [105992] (Computer Associates International, Inc.)Tcpip\Parameters: [DhcpNameServer] 205.171.203.226 205.171.2.226 192.168.1.1Tcpip\..\Interfaces\{4591C56C-AF49-49E9-BDBA-95DBC46C6A44}: [NameServer] 208.33.159.39,71.2.28.14FireFox:========FF ProfilePath: C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.defaultFF DefaultSearchEngine: SwagbucksFF SearchEngineOrder.1: Secure SearchFF SelectedSearchEngine: SwagbucksFF NetworkProxy: "no_proxies_on", "127.0.0.1"FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No FileFF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @fileplanet.com/fpdlm -> C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNPR -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Lenny\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No FileFF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)FF SearchPlugin: C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\searchplugins\swagbucks.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xmlFF Extension: Garmin Communicator - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-21]FF Extension: Microsoft .NET Framework Assistant - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-06]FF Extension: DownloadHelper - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]FF Extension: Flash and Video Download - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-10-15]FF Extension: Torbutton - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2011-04-17]FF Extension: Distill Web Monitor (formerly AlertBox) - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\alertbox@ajitk.com.xpi [2012-05-21]FF Extension: Check4Change - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\check4change-owner@mozdev.org.xpi [2011-08-20]FF Extension: Exif Viewer - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2013-06-18]FF Extension: Adblock Plus - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]FF Extension: BetterPrivacy - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-08-20]FF Extension: DownThemAll! - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-01-29]FF Extension: Greasemonkey - C:\Users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\213dt8j0.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]FF HKLM-x32\...\Firefox\Extensions: [caaphishtoolbar@ca.com] - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\FirefoxFF Extension: Total Defense Anti-Phishing Toolbar - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\Firefox [2014-01-07]FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\FirefoxFF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2009-11-02]FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\FirefoxChrome:=======Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTIONCHR Profile: C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Entanglement Web App) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-05-11]CHR Extension: (Angry Birds) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-05-11]CHR Extension: (United MileagePlus Shopping Assistant) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbcdijacbpcopcaejdbbnepdkljlckol [2013-03-09]CHR Extension: (SiteAdvisor) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-03-03]CHR Extension: (Total Defense Anti-Phishing Toolbar) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdpkkpdlooddakbebmkeeegehfjdnih [2014-04-04]CHR Extension: (Skype Click to Call) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-04]CHR Extension: (Poppit) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-05-11]CHR Extension: (Google Wallet) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-04]CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-04-04]CHR HKLM-x32\...\Chrome\Extension: [hpdpkkpdlooddakbebmkeeegehfjdnih] - C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\x86\Toolbar\GoogleChrome\td_aphish_toolbar.crx [2014-01-07]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-04-04]==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R2 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2010-03-04] (Amazon.com) [File not signed]R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)R2 CAAMSvc; C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe [313040 2014-01-07] (Total Defense, Inc.)R3 CaCCProvSP; C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe [367112 2013-09-21] (Total Defense, Inc.)R2 CAISafe; C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\isafe.exe [314888 2013-09-21] (Computer Associates International, Inc.)R2 ccSchedulerSVC; C:\Program Files\Total Defense\Internet Security Suite\ccschedulersvc.exe [288776 2013-09-21] (Total Defense, Inc.)R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2012-12-27] (Dassault Systèmes) [File not signed]R2 FBackup5Srv; C:\Program Files (x86)\Softland\FBackup 5\bService.exe [3095608 2014-06-23] (Softland)R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] () [File not signed]S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-12-04] (Hi-Rez Studios) [File not signed]R2 JTAGServer; C:\altera\13.0\qprogrammer\bin64\jtagserver.exe [268800 2013-04-24] () [File not signed]R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7393280 2014-01-22] (LeapFrog Enterprises, Inc.) [File not signed]R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]R2 MotoConnect Service; C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [91392 2010-01-27] ()R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-04-30] (Nitro PDF Software)R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2012-10-30] (Nitro PDF Software)R2 NovacomD; C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [72192 2011-06-24] (Palm) [File not signed]R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-13] ()R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-12] ()S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)R2 UmxEngine; C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe [920656 2011-04-04] (CA)R2 WinVNC4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Ltd.)R2 WiRNS.exe; C:\WiRNS\WiRNS.exe [147456 2011-10-25] (rbolen70,Glenn1963) [File not signed]R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2014-06-23] (X-Rite Inc.)==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1101600 2010-03-23] (Ralink Technology Corp.)S3 AlteraUSBBlaster; C:\Windows\System32\drivers\usbblstr.sys [70480 2013-04-24] (FTDI Ltd.)R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] ()S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [192072 2012-03-26] (Hauppauge, Inc.)R1 KmxAgent; C:\Windows\System32\DRIVERS\kmxagent.sys [113744 2011-10-26] (CA)R0 KmxAMRT; C:\Windows\System32\DRIVERS\KmxAMRT.sys [182352 2011-10-27] (Total Defense)R2 KmxCF; C:\Windows\System32\DRIVERS\KmxCF.sys [201936 2011-09-06] (CA)R1 KmxCfg; C:\Windows\System32\DRIVERS\kmxcfg.sys [365136 2011-09-06] (CA)R1 KmxFile; C:\Windows\System32\DRIVERS\KmxFile.sys [87120 2011-09-06] (CA)R1 KmxFilter; C:\Windows\System32\DRIVERS\KmxFilter.sys [99024 2011-09-06] (CA)R0 KmxFw; C:\Windows\System32\DRIVERS\kmxfw.sys [143824 2011-09-06] (CA)R2 KmxSbx; C:\Windows\System32\DRIVERS\KmxSbx.sys [81488 2011-09-06] (CA)S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2009-07-16] (McAfee, Inc.)S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-13] ()R1 NEOFLTR_710_17675; C:\Windows\system32\Drivers\NEOFLTR_710_17675.SYS [97912 2011-02-10] (Juniper Networks)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2010-12-28] ()R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2014-10-29] ()R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [267776 2013-05-12] (Jungo Connectivity)R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2014-07-11] (Nicomsoft Ltd.)R2 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [10240 2014-07-11] (Nicomsoft Ltd.) [File not signed]S3 catchme; \??\C:\ComboFix\catchme.sys [X]S3 vserial; System32\DRIVERS\vserial.sys [X]==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2014-11-05 20:57 - 2014-11-05 21:01 - 00000000 ____D () C:\Users\Lenny\Desktop\FRST2014-11-05 20:56 - 2014-11-05 20:56 - 00000000 ___RD () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices2014-11-05 20:23 - 2014-11-05 20:23 - 00099384 _____ () C:\Users\Lenny\AppData\Roaming\inst.exe2014-11-04 20:09 - 2014-11-04 20:09 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{2C08B549-ABDA-4097-A8A2-4E0375426559}2014-11-02 22:25 - 2014-11-02 22:25 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{47846622-8F3C-43CD-9944-A79B5BEA359D}2014-11-02 10:25 - 2014-11-02 10:25 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{74D39D9B-4417-4462-BB65-073B9294FE2A}2014-11-01 22:24 - 2014-11-01 22:24 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{A49C0519-8258-4252-AFDB-346145CF1A26}2014-11-01 10:23 - 2014-11-01 10:23 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{24053101-2A8A-4B3B-889B-F41BB7489E0A}2014-11-01 10:21 - 2014-11-01 10:21 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{6B0F5714-6386-40F0-B679-ED1A58FA2678}2014-11-01 10:21 - 2014-11-01 10:21 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{5405A83B-43D4-4C48-96D9-A34835223BFA}2014-11-01 10:20 - 2014-11-01 10:20 - 00000000 ____D () C:\Users\Lenny\WebDownload2014-10-31 02:18 - 2014-10-31 02:18 - 00000406 _____ () C:\Windows\SysWOW64\2014-10-30 17:44 - 2014-10-30 17:44 - 00000841 _____ () C:\Users\Lenny\.recently-used.xbel2014-10-30 17:43 - 2014-11-05 21:01 - 00000000 ____D () C:\FRST2014-10-30 06:10 - 2014-10-30 06:10 - 00020038 _____ () C:\Users\Lenny\Desktop\RKreport_SCN_10302014_070941.log2014-10-29 23:12 - 2014-10-29 23:12 - 00001655 _____ () C:\Users\Lenny\Desktop\easyHDR 3.lnk2014-10-29 23:11 - 2014-10-29 23:11 - 22628864 _____ (SIMPARTEK - Bartlomiej Okonek) C:\Users\Lenny\Desktop\easyHDR_3040_setup-1.exe2014-10-29 22:15 - 2010-08-30 07:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-10-29 22:13 - 2014-10-29 22:36 - 00000000 ____D () C:\AdwCleaner2014-10-29 22:10 - 2014-10-29 16:45 - 01375089 _____ () C:\Users\Lenny\Desktop\AdwCleaner.exe2014-10-29 21:55 - 2014-10-29 22:17 - 00542868 _____ () C:\MGlogs.zip2014-10-29 21:53 - 2014-10-29 21:54 - 00090966 _____ () C:\Users\Lenny\Desktop\HitmanPro_20141029_2253.log2014-10-29 21:52 - 2014-10-29 21:52 - 00090966 _____ () C:\Users\Lenny\Desktop\HitmanPro_20141029_2251.log2014-10-29 21:33 - 2014-10-29 21:33 - 00000000 ____D () C:\Program Files\HitmanPro2014-10-29 21:32 - 2014-10-29 21:54 - 00000000 ____D () C:\ProgramData\HitmanPro2014-10-29 21:29 - 2014-10-29 03:33 - 04163057 _____ () C:\Users\Lenny\Desktop\tdsskiller.zip2014-10-29 20:34 - 2014-10-29 20:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3EFF7018.sys2014-10-29 19:55 - 2014-10-29 20:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-10-29 19:55 - 2014-10-29 19:55 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-10-29 19:55 - 2014-10-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-10-29 19:55 - 2014-10-01 10:39 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-10-29 19:55 - 2014-10-01 10:39 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-10-29 19:55 - 2014-10-01 10:39 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-10-29 19:51 - 2014-10-29 19:51 - 00000000 _____ () C:\Windows\system32\Drivers\is-PP571.tmp2014-10-29 19:51 - 2014-10-29 19:51 - 00000000 _____ () C:\Windows\system32\Drivers\is-13G8P.tmp2014-10-29 19:50 - 2014-10-29 19:50 - 00000000 ____D () C:\Program Files (x86)\MB2014-10-29 19:47 - 2014-10-29 19:47 - 00021810 _____ () C:\Users\Lenny\Desktop\RKreport_SCN_10292014_204510.log2014-10-29 19:34 - 2014-10-29 19:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-10-29 18:24 - 2014-10-29 22:58 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys2014-10-29 18:24 - 2014-10-29 18:24 - 00000000 ____D () C:\ProgramData\RogueKiller2014-10-29 05:28 - 2014-10-29 05:28 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{6A8BF2E7-88D9-4A92-BFFD-15E779C83034}2014-10-29 05:24 - 2014-10-29 21:32 - 11222744 _____ (SurfRight B.V.) C:\Users\Lenny\Desktop\HitmanPro_x64.exe2014-10-29 05:24 - 2014-10-29 06:27 - 17526360 _____ () C:\Users\Lenny\Desktop\RogueKillerX64.exe2014-10-29 05:24 - 2014-10-28 07:31 - 01990574 _____ () C:\Users\Lenny\Desktop\MGtools.exe2014-10-29 05:24 - 2014-10-28 07:29 - 19828216 _____ (Malwarebytes Corporation ) C:\Users\Lenny\Desktop\MB.exe2014-10-28 17:00 - 2014-10-28 17:00 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Lenny\Desktop\TDSSKiller.exe2014-10-27 18:49 - 2014-10-27 18:50 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{354684CC-FF9C-4517-B2D1-D1B48BE67808}2014-10-27 18:09 - 2014-10-27 18:09 - 00000000 ____D () C:\SUPERDelete2014-10-27 18:08 - 2014-10-27 18:08 - 01055936 _____ (Adobe) C:\Users\Lenny\Downloads\install_flashplayer15x32axau_mssd_aaa_aih.exe2014-10-23 20:17 - 2014-10-23 20:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{B715B83C-02EC-45DB-B84E-DFDDAC19BA0F}2014-10-23 19:08 - 2014-10-23 19:21 - 00000000 ____D () C:\Users\Lenny\Desktop\Trip_to_PA2014-10-23 08:17 - 2014-10-23 08:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{D22C1FC4-E5D2-4230-BAB5-A01666AB356D}2014-10-22 20:17 - 2014-10-22 20:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{C10A6334-87FC-48C7-88D6-4182DD51AF40}2014-10-22 16:12 - 2014-11-05 20:56 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}2014-10-22 08:16 - 2014-10-22 08:16 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{3C6B4BC4-7A05-4C86-B547-F756F41C4D41}2014-10-21 20:15 - 2014-10-21 20:15 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{A0FB0FB9-D303-424E-8CC6-A20819CF1A23}2014-10-20 19:20 - 2014-10-20 19:20 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{B3C373A8-EA6B-435C-A671-9ADAEE81E856}2014-10-20 19:15 - 2014-10-20 19:19 - 00000000 ____D () C:\Users\Lenny\Desktop\Leaf2014-10-18 17:17 - 2014-10-29 05:36 - 00009306 _____ () C:\Users\Lenny\Desktop\mousehunt.xlsx2014-10-18 17:17 - 2014-10-23 05:57 - 00000165 ____H () C:\Users\Lenny\Desktop\~$mousehunt.xlsx2014-10-18 16:05 - 2014-10-18 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype2014-10-18 07:36 - 2014-10-18 07:36 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{90F43029-6C4E-47AB-97F2-72CFDE38B9DC}2014-10-16 14:28 - 2014-10-16 14:28 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{DA4CB2AF-FC67-4706-B3D2-61DA188571E9}2014-10-16 07:51 - 2014-10-16 07:51 - 00000000 ____D () C:\Program Files (x86)\Java2014-10-16 06:48 - 2014-10-16 06:48 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{CC19ECC4-FC46-4C25-B855-AE9F4C0775DD}2014-10-16 02:53 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-10-16 02:53 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2014-10-16 02:53 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-10-16 02:53 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-10-16 02:53 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-10-16 02:53 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-10-16 02:53 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-10-16 02:53 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-10-16 02:53 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-10-16 02:53 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-10-16 02:53 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-10-16 02:53 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-10-16 02:53 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-10-16 02:53 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-10-16 02:53 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-10-16 02:53 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-10-16 02:53 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-10-16 02:53 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-10-16 02:53 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-10-16 02:53 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-10-16 02:53 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-10-16 02:53 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-10-16 02:53 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-10-16 02:53 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-10-16 02:53 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-10-16 02:53 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-10-16 02:53 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-10-16 02:53 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-10-16 02:53 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-10-16 02:53 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-10-16 02:53 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-10-16 02:53 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-10-16 02:53 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-10-16 02:53 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-10-16 02:53 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-10-16 02:53 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-10-16 02:53 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-10-16 02:53 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-10-16 02:53 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-10-16 02:53 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-10-16 02:53 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-10-16 02:53 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-10-16 02:53 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-10-16 02:53 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-10-16 02:53 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-10-16 02:53 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-10-16 02:53 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-10-16 02:53 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-10-16 02:53 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-10-16 02:53 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-10-16 02:53 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-10-16 02:53 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-10-16 02:53 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-10-16 02:53 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-10-16 02:53 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-10-16 02:53 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-10-16 02:53 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-10-16 02:53 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-10-16 02:53 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-10-16 02:53 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-10-16 02:53 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll2014-10-16 02:53 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll2014-10-16 02:53 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll2014-10-16 02:52 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-10-16 02:52 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-10-16 02:52 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll2014-10-16 02:52 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll2014-10-16 02:52 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-10-16 02:52 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-10-16 02:52 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-10-16 02:52 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll2014-10-16 02:52 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-10-16 02:52 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-10-16 02:52 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys2014-10-16 02:52 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys2014-10-16 02:51 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-10-16 02:51 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-10-16 02:51 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-10-16 02:51 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-10-15 21:29 - 2014-10-15 21:29 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{BFB0C2EB-910C-4970-8272-F4FEA4DDD019}2014-10-15 21:06 - 2006-08-04 16:43 - 00073728 _____ (brother) C:\Windows\SysWOW64\BRWEBUP.EXE2014-10-15 21:06 - 2006-08-03 12:14 - 00090112 _____ (brother) C:\Windows\SysWOW64\BrWebIns.dll2014-10-15 21:01 - 2014-10-15 21:04 - 187666696 _____ (A.I.SOFT,INC.) C:\Users\Lenny\Downloads\Y09A_C1-inst-win78-C1-enus.EXE2014-10-15 19:51 - 2014-10-16 10:59 - 00000000 ____D () C:\Users\Lenny\Desktop\Bee_Kindergarten2014-10-15 06:09 - 2014-10-15 06:09 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{BF14A88F-1373-43C1-B7CA-93F048458C6A}2014-10-14 18:54 - 2014-10-14 18:54 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{0BC76CD6-5A34-4367-9FC7-D083570E06B1}2014-10-14 05:26 - 2014-10-14 05:26 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{9DAD0DB5-5680-43B0-A6F5-2FB29BAD0D91}2014-10-11 12:20 - 2014-10-11 12:20 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{A22F6CCE-A734-4F3F-AE49-8F04FC47C3A0}2014-10-10 05:17 - 2014-10-10 05:17 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{E202DD03-6171-4624-B6EE-863D3A92CC6C}2014-10-08 19:35 - 2014-10-08 19:37 - 00000000 ____D () C:\Users\Lenny\Desktop\pic2014-10-07 19:12 - 2014-10-07 19:12 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{D55BCDBB-AD34-44CE-9EE3-FF3EC7450A6F}2014-10-06 06:05 - 2014-10-06 06:05 - 00000000 ____D () C:\Users\Lenny\AppData\Local\{7BD6C676-F0D7-4977-AE40-DF98AF17BE9E}==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2014-11-05 21:08 - 2011-03-08 21:11 - 01967115 _____ () C:\Windows\WindowsUpdate.log2014-11-05 21:05 - 2009-07-14 00:13 - 00888424 _____ () C:\Windows\system32\PerfStringBackup.INI2014-11-05 21:01 - 2011-02-04 21:05 - 00000000 ____D () C:\WiRNS2014-11-05 20:58 - 2012-06-14 02:36 - 00147414 _____ () C:\Windows\setupact.log2014-11-05 20:57 - 2012-08-19 15:20 - 00000000 ____D () C:\ProgramData\Kodak2014-11-05 20:57 - 2009-12-25 21:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-11-05 20:56 - 2014-08-17 09:14 - 00001296 ____H () C:\Windows\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}.job2014-11-05 20:56 - 2011-01-20 10:35 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini2014-11-05 20:56 - 2009-11-01 19:59 - 00153368 _____ () C:\Users\Lenny\AppData\Local\GDIPFONTCACHEV1.DAT2014-11-05 20:56 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-11-05 20:55 - 2012-06-14 02:35 - 01018372 _____ () C:\Windows\PFRO.log2014-11-05 20:55 - 2009-11-01 21:55 - 00000000 ____D () C:\ProgramData\NVIDIA2014-11-05 20:55 - 2009-11-01 21:18 - 00000000 ____D () C:\Program Files (x86)\Creative2014-11-05 20:51 - 2011-05-19 18:41 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Digiarty2014-11-05 20:51 - 2009-11-21 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty2014-11-05 20:50 - 2009-11-21 07:44 - 00000000 ____D () C:\Program Files (x86)\Digiarty2014-11-05 20:49 - 2010-10-21 04:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WonderFox Soft2014-11-05 20:49 - 2010-10-21 04:42 - 00000000 ____D () C:\Program Files\WonderFox Soft2014-11-05 20:40 - 2012-09-25 18:56 - 00000000 ____D () C:\Program Files\PixInsight2014-11-05 20:34 - 2011-12-27 20:55 - 00000000 ____D () C:\Program Files (x86)\Moo02014-11-05 20:33 - 2009-11-13 20:50 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2014-11-05 20:33 - 2009-11-13 20:28 - 00000000 ____D () C:\Program Files (x86)\Steam2014-11-05 20:30 - 2010-07-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Smart Projects2014-11-05 20:28 - 2014-01-07 18:14 - 00000000 ____D () C:\Program Files (x86)\CA2014-11-05 20:26 - 2009-11-05 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON2014-11-05 20:24 - 2009-12-12 14:39 - 00000000 ____D () C:\Users\Lenny\AppData\Local\NeoSmart_Technologies2014-11-05 20:24 - 2009-12-12 14:36 - 00000000 ____D () C:\Program Files (x86)\NeoSmart Technologies2014-11-05 20:23 - 2013-12-25 08:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink2014-11-05 20:23 - 2009-12-28 06:41 - 00000033 _____ () C:\Users\Lenny\AppData\Roaming\pcouffin.log2014-11-05 20:23 - 2009-12-28 06:40 - 00082816 _____ (VSO Software) C:\Users\Lenny\AppData\Roaming\pcouffin.sys2014-11-05 20:23 - 2009-12-28 06:40 - 00007859 _____ () C:\Users\Lenny\AppData\Roaming\pcouffin.cat2014-11-05 20:23 - 2009-12-28 06:40 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Vso2014-11-05 20:22 - 2013-12-25 08:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 42014-11-05 20:19 - 2009-12-20 14:23 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Creative2014-11-05 20:16 - 2010-05-23 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core FTP2014-11-05 20:15 - 2009-11-01 21:47 - 00000000 ____D () C:\ProgramData\Creative2014-11-05 20:11 - 2013-03-02 07:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour2014-11-05 20:04 - 2009-07-13 23:45 - 00504024 _____ () C:\Windows\system32\FNTCACHE.DAT2014-11-05 20:01 - 2014-01-07 20:23 - 02713117 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k02014-11-05 20:01 - 2014-01-07 20:23 - 00552676 _____ () C:\Windows\system32\Drivers\KmxAgent.asc2014-11-05 20:01 - 2014-01-07 20:23 - 00000679 _____ () C:\Windows\system32\Drivers\kmxzone.u2k02014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k72014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k62014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k52014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k42014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k32014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k22014-11-05 20:01 - 2014-01-07 20:23 - 00000085 _____ () C:\Windows\system32\Drivers\kmxcfg.u2k12014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k72014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k62014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k52014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k42014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k32014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k22014-11-05 20:01 - 2014-01-07 20:23 - 00000049 _____ () C:\Windows\system32\Drivers\kmxzone.u2k12014-11-05 20:01 - 2013-07-31 22:57 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core.job2014-11-05 19:55 - 2011-02-26 20:53 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Apple2014-11-05 19:51 - 2009-12-25 21:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-11-05 19:46 - 2010-01-25 19:11 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-11-05 19:45 - 2009-11-01 20:23 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Adobe2014-11-05 19:25 - 2014-08-29 05:36 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Adobe2014-11-05 08:00 - 2014-08-17 09:13 - 00000388 _____ () C:\Windows\Tasks\X-Rite Device Services Software Updater.job2014-11-04 20:22 - 2014-05-07 05:24 - 00287232 ___SH () C:\Users\Lenny\Desktop\Thumbs.db2014-11-04 19:40 - 2011-04-30 20:03 - 00000000 ____D () C:\temp2014-11-04 19:27 - 2009-07-13 21:34 - 00000626 _____ () C:\Windows\win.ini2014-11-04 19:20 - 2009-07-13 23:45 - 00013808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-11-04 19:20 - 2009-07-13 23:45 - 00013808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-11-01 10:20 - 2009-11-01 19:57 - 00000000 ____D () C:\Users\Lenny2014-10-30 17:44 - 2011-04-30 20:04 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\gtk-2.02014-10-30 17:44 - 2011-04-30 20:03 - 00000000 ____D () C:\Users\Lenny\.gimp-2.62014-10-30 14:16 - 2014-01-18 11:53 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Deployment2014-10-30 06:25 - 2009-11-01 20:14 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-10-29 23:12 - 2013-07-28 06:44 - 00000000 ____D () C:\Users\Lenny\easyHDR 32014-10-29 23:12 - 2013-07-28 06:44 - 00000000 ____D () C:\Program Files\easyHDR 32014-10-29 23:09 - 2014-10-01 22:31 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Anvsoft2014-10-29 22:47 - 2014-01-15 17:42 - 00000000 ___RD () C:\Users\Lenny\Dropbox2014-10-29 22:47 - 2010-04-21 18:54 - 00000341 _____ () C:\Windows\Brownie.ini2014-10-29 22:47 - 2010-03-26 19:44 - 00000000 ____D () C:\Windows\pss2014-10-29 22:47 - 2009-11-24 22:36 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Eraser2014-10-29 22:45 - 2014-01-15 17:40 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Dropbox2014-10-29 22:17 - 2008-12-04 21:09 - 00000000 ____D () C:\MGtools2014-10-29 21:59 - 2009-11-18 16:56 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Skype2014-10-29 21:28 - 2014-04-09 05:48 - 00000000 ____D () C:\Users\Lenny\Desktop\Cleanup2014-10-29 21:27 - 2011-01-20 10:33 - 00000000 ____D () C:\Users\Lenny\AppData\Local\CrashDumps2014-10-29 19:34 - 2010-11-13 08:40 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-10-29 06:20 - 2014-01-18 07:01 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Media Player Classic2014-10-29 06:03 - 2014-01-15 17:41 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-10-29 05:58 - 2013-06-13 19:08 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Akamai2014-10-29 05:46 - 2009-12-25 21:29 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-10-29 05:46 - 2009-12-25 21:29 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-10-29 05:39 - 2012-04-25 04:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-10-29 05:28 - 2014-02-13 19:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-10-28 06:02 - 2012-10-10 21:14 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\dvdcss2014-10-27 18:09 - 2013-01-20 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons2014-10-24 04:35 - 2013-07-31 22:57 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA2014-10-24 04:35 - 2013-07-31 22:57 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core2014-10-24 04:35 - 2013-07-31 22:57 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA.job2014-10-23 19:12 - 2014-10-04 15:43 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Media Converter2014-10-23 19:06 - 2010-04-21 06:43 - 00000000 ____D () C:\Users\Lenny\AppData\Local\Nero2014-10-22 18:32 - 2011-02-22 20:14 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage2014-10-18 17:05 - 2012-04-07 07:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-10-18 17:05 - 2011-05-24 19:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-10-18 16:52 - 2009-11-11 07:03 - 00000000 ____D () C:\Program Files (x86)\BOINC2014-10-18 16:05 - 2010-11-25 18:25 - 00000000 ___RD () C:\Program Files (x86)\Skype2014-10-18 16:05 - 2009-11-18 16:55 - 00000000 ____D () C:\ProgramData\Skype2014-10-18 06:50 - 2011-05-11 20:14 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\RoboForm2014-10-18 06:49 - 2011-06-20 21:31 - 00004208 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm2014-10-18 06:48 - 2011-11-25 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm2014-10-18 06:48 - 2009-11-02 19:55 - 00003492 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon2014-10-18 06:47 - 2014-04-27 06:06 - 16254368 _____ (Siber Systems) C:\Users\Lenny\Desktop\RoboForm-Setup-cnetc.exe2014-10-16 11:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache2014-10-16 07:54 - 2013-10-26 08:16 - 00000000 ____D () C:\ProgramData\Oracle2014-10-16 07:52 - 2014-06-28 06:22 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-10-16 07:52 - 2014-06-28 06:22 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-10-16 07:52 - 2014-06-28 06:22 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-10-16 07:52 - 2014-06-28 06:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-10-16 07:10 - 2014-05-06 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-10-16 07:06 - 2009-11-18 16:57 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-10-16 07:01 - 2013-08-14 02:01 - 00000000 ____D () C:\Windows\system32\MRT2014-10-16 06:50 - 2009-11-01 21:53 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-10-15 21:06 - 2010-04-21 18:55 - 00000000 ____D () C:\Program Files (x86)\Brownie2014-10-15 21:06 - 2009-11-01 21:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-10-15 20:59 - 2010-04-21 18:55 - 00000426 _____ () C:\Windows\BRWMARK.INI2014-10-15 19:09 - 2012-11-28 20:14 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\PrimoPDF2014-10-12 02:03 - 2011-05-19 19:25 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI2014-10-09 15:44 - 2012-10-30 19:23 - 00000000 ___RD () C:\Users\Lenny\Documents\RocketLifeNetwork2014-10-09 15:43 - 2014-10-02 08:20 - 00002059 _____ () C:\Users\Lenny\Desktop\PrintProjects.lnk2014-10-09 15:43 - 2014-10-02 08:20 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\PrintProjects2014-10-09 15:43 - 2014-10-02 08:20 - 00000000 ____D () C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintProjects2014-10-07 09:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDFFiles to move or delete:====================C:\Windows\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}.jobSome content of TEMP:====================C:\Users\Lenny\AppData\Local\Temp\dllnt_dump.dllC:\Users\Lenny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6ckm5e.dllC:\Users\Lenny\AppData\Local\Temp\DVMu.dllC:\Users\Lenny\AppData\Local\Temp\JREInstall??2.exeC:\Users\Lenny\AppData\Local\Temp\NEventMessages.dllC:\Users\Lenny\AppData\Local\Temp\NOSEventMessages.dllC:\Users\Lenny\AppData\Local\Temp\nv3DVStreaming.dllC:\Users\Lenny\AppData\Local\Temp\nvSCPAPI.dllC:\Users\Lenny\AppData\Local\Temp\nvStereoApiI.dllC:\Users\Lenny\AppData\Local\Temp\nvStInst.exeC:\Users\Lenny\AppData\Local\Temp\Quarantine.exeC:\Users\Lenny\AppData\Local\Temp\SkypeSetup.exeC:\Users\Lenny\AppData\Local\Temp\sonarinst.exe==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2014-10-27 07:11==================== End Of Log ============================ Link to post Share on other sites More sharing options...
centre Posted November 6, 2014 Author ID:903396 Share Posted November 6, 2014 Oops...I pasted the same thing twice. sorry. The real addition.txt is below. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014Ran by Lenny at 2014-11-05 21:13:09Running from C:\Users\Lenny\Desktop\FRSTBoot Mode: Normal============================================================================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}AV: Total Defense Anti-Virus (Disabled - Up to date) {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}AS: Total Defense Anti-Virus (Disabled - Up to date) {ECD425A9-8C8F-D447-4EAB-6F599E267857}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Total Defense Personal Firewall (Disabled) {6F8E4568-E0DA-DA91-5F44-FD1E1B727591}==================== Installed Programs ======================(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)3ivx MPEG-4 5.0.3 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)Advanced Uninstaller PRO - Version 11 (HKLM-x32\...\AU11_is1) (Version: 11 - Innovative Solutions)aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hiddenaioscnnr (x32 Version: 6.2.3.10 - Your Company Name) Hiddenaioscnnr (x32 Version: 7.6.13.10 - Your Company Name) HiddenAkamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)Amazon Cloud Drive (HKLM-x32\...\{66209054-3985-4125-B0CB-C69F75D2F0D9}) (Version: 1.10.00.0 - Amazon.com)Amazon Kindle For PC v1.1 (HKCU\...\Amazon Kindle For PC) (Version: - )Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.0.0 - Amazon Services LLC)Amazon Music Importer (x32 Version: 2.0.0 - Amazon Services LLC) HiddenAmazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.1.0.124 - Amazon.com)Amazon Unbox Video (x32 Version: 2.1.0.124 - Amazon.com) HiddenANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) HiddenAnti-Virus (Version: 3.2.0.48 - Total Defense, Inc.) HiddenAPH placeholder (Version: - ) HiddenAssassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - )Atmel ARM GNU Toolchain (HKLM-x32\...\{2FD611C3-3CB4-4270-A707-599534207327}) (Version: 4.7.3.1029 - Atmel)Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{6C145A91-14F2-4135-88CD-A9ADC2D20769}) (Version: 3.4.2.1002 - Atmel)Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{27BF4D30-8C2D-4C9E-934B-B20CC2C56A4F}) (Version: 3.4.2.1002 - Atmel)Atmel Studio 6.1 (HKLM-x32\...\{71D5A296-D77E-4BC5-BB75-12AD20001A61}) (Version: 6.1.2730 - Atmel)Atmel USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 11.5 - Atmel)AtmelSoftwareFramework (HKLM-x32\...\{12B00B9E-5C2C-48CB-B79A-10BA40E87198}) (Version: 3.8.900 - Atmel)Autodesk MapGuide® Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.7 - Autodesk, Inc.)AVR macro Assembler (HKLM-x32\...\{9BD4DB0C-954E-4098-AFC1-7B1A23B4A7FD}) (Version: 2.1.39.1005 - Atmel)Back to the Future The Game - Episode 1 (HKLM-x32\...\Episode 1) (Version: 1.0.0.0 - Telltale Games)Batman: Arkham City™ PC (HKLM-x32\...\Steam App 57400) (Version: - Rocksteady)Batman: Arkham City™ PC (HKLM-x32\...\Steam App 57419) (Version: - )Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)Battlefield 2 (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - )Battlefield 2: Special Forces (HKLM-x32\...\{50D4CB89-AF34-4978-96DC-C3034062E901}) (Version: - )Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)Battlefield 3™ Open Beta (HKLM-x32\...\{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}) (Version: 1.0.0.0 - Electronic Arts)Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)BF3 Settings Editor (HKLM\...\{0122EDA0-52FC-4EC2-9A31-A2A757A7D40E}) (Version: 2.3 - Realmware)Bitcoin (HKCU\...\Bitcoin) (Version: 0.8.1 - Bitcoin project)Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)BOINC (HKLM\...\{D0183F8F-46BB-409F-9CD7-FB43F1A4279B}) (Version: 7.2.42 - Space Sciences Laboratory, U.C. Berkeley)Brother HL-5370DW (HKLM-x32\...\{39380C40-936E-4CD5-B13C-88607B05A9E0}) (Version: 1.00 - Brother)C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) HiddenCall of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) HiddenCanon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.)Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.)Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - )Canon Utilities Digital Photo Professional 3.11 (HKLM-x32\...\DPP) (Version: 3.11.1.0 - Canon Inc.)Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.11.4.0 - Canon Inc.)Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.)Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.)CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)center (x32 Version: 7.7.2.0 - Eastman Kodak Company) HiddenCisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11006.1 - Cisco Consumer Products LLC)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDark Master version 1.11 (HKLM-x32\...\{3AE0F5B6-A61A-49C6-9B73-C1B5E5199BE6}_is1) (Version: 1.11 - DarkMaster Software)DeepSkyStacker (HKLM-x32\...\{18435829-4E75-4CD1-9796-A62DBBAE2ED7}) (Version: 3.2.0 - )doPDF 7.1 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )Download Manager 2.3.10 (HKLM-x32\...\Download Manager) (Version: 2.3.10 - IGN Entertainment, Inc.)DraftSight x64 (HKLM\...\{3B12A1AA-A3FB-4047-9520-A8584425FF8F}) (Version: 10.1.1069 - Dassault Systemes)Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)easyHDR 3 (HKLM\...\easyHDR 3) (Version: 3.4.0 - SIMPARTEK - Bartlomiej Okonek)easyHDR PRO 2 (HKLM-x32\...\easyHDR_PRO_2) (Version: 2.30.4 - SIMPARTEK - Bartlomiej Okonek)Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) HiddenEraser 5.8.7 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.7 - The Eraser Project)erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hiddenessentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) HiddenFBackup 5 (x32 Version: 5.0.483 - Softland) HiddenFBackup 5.0 (HKLM-x32\...\{88b6269d-63a1-42ce-8bb8-e11b87f2a2e6}) (Version: 5.0.483.0 - Softland)FlipShare (HKLM-x32\...\{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}) (Version: 5.12.3.0 - Flip Video)Garmin City Navigator North America NT 2014.40 Update (HKLM-x32\...\{82B42DF2-2ECF-4C4B-B939-A275664028E2}) (Version: 17.40.0.0 - Garmin Ltd or its subsidiaries)Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) HiddenGarmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) HiddenGarmin MapInstall (HKLM-x32\...\{5ED7CD44-1A33-4B36-BA09-0B55FE82AF95}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)Garmin WebUpdater (HKLM-x32\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.21.000 - Runtime Software)GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)Git version 1.9.2-preview20140411 (HKLM-x32\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.3.3.1 - GitHub, Inc.)GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 8.1.5.7 - Siber Systems)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)Google Earth (HKLM-x32\...\{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}) (Version: 7.1.1.1580 - Google)Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) HiddenHard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)HD Tune Pro 4.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) HiddenHi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )i1Profiler (HKLM-x32\...\i1Profiler_is1) (Version: 1.5.6 - X-Rite)ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)iDEN Phonebook Manager (HKLM-x32\...\{67EC0571-4B4E-40C2-8A81-8C1B02D87DB0}) (Version: - )Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) HiddenImage Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)Img2CAD 7.1 (HKLM-x32\...\Img2CAD_is1) (Version: - Img2CAD, Inc.)Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 19079) (Version: 19079 - Intel)Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)Jaikoz (64-bit) 6.1.1 (HKLM\...\Jaikoz (64-bit) 6.1.1) (Version: 6.1.1 - )Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)JLink OB CDC Driver Package (HKLM\...\{85153CE3-6356-407F-A672-C1FA085FB031}) (Version: 1.2.2 - SEGGER)JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)Juniper Networks Network Connect 6.5.0 (HKLM-x32\...\Juniper Network Connect 6.5.0) (Version: 6.5.0.14599 - Juniper Networks)Juniper Networks Network Connect 7.1.0 (HKLM-x32\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.17675 - Juniper Networks)Juniper Networks Secure Application Manager (HKLM-x32\...\Neoteris_Secure_Application_Manager) (Version: 7.1.0.17675 - Juniper Networks)Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.0.9667 - Juniper Networks, Inc.)Juniper Terminal Services Client (HKCU\...\Juniper_Term_Services) (Version: 7.1.0.17675 - Juniper Networks)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenKiCad 2013.03.15 (HKLM-x32\...\KiCad) (Version: 2013.03.15 - )Kid-Tough Digital Studio Software (HKLM-x32\...\InstallShield_{64591C5E-D559-4F61-AA91-8051B86E459D}) (Version: 1.0.0.9 - Fisher-Price)Kid-Tough Digital Studio Software (x32 Version: 1.0.0.9 - Fisher-Price) HiddenKodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) HiddenKODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.3.0.18537 - LeapFrog)LeapFrog Connect (x32 Version: 5.3.0.18537 - LeapFrog) HiddenLeapFrog LeapPad Explorer Plugin (x32 Version: 5.2.1.18456 - LeapFrog) HiddenLeapFrog My Pals Plugin (x32 Version: 5.1.26.18340 - LeapFrog) HiddenLeft 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)LWS VideoEffects (Version: 13.30.1379.0 - Logitech) HiddenMalwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)marvell 91xx console driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)Medal of Honor (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - THQ)Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (HKLM-x32\...\{5BDFAB82-060E-438B-AB4F-A2331B2294C0}) (Version: 2.0.50217.0 - Microsoft Corporation)Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)Microsoft Camera Codec Pack (HKLM-x32\...\{F55AF1BB-B493-4D78-80DA-828958B9098C}) (Version: 16.4.1734.1104 - Microsoft Corporation)Microsoft F# Runtime for Silverlight 4 (HKLM-x32\...\{27B6D024-FD7E-4A88-BC17-5AFBE33EC072}) (Version: 2.0.0.0 - Microsoft Corporation)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)Microsoft Silverlight Tools for Visual Studio 2010 (HKLM-x32\...\{558358E5-E4F3-4374-BA1D-26FF39EF87D9}) (Version: 10.0.30319.400 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{01078B88-2981-4F75-96B0-8B22E2D2DE03}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)Microsoft Visual Web Developer 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Web Developer 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Web Platform Installer 3.0 (HKLM\...\{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}) (Version: 3.0.5 - Microsoft Corporation)Mosaic Creator 3.1 (HKLM-x32\...\Mosaic Creator_is1) (Version: - )Motorola Driver Installation 4.5.0 (HKLM\...\{9E61C67F-DFEC-466D-9478-56F3E36D1F31}) (Version: 4.5.0 - Motorola Inc.)Motorola Phone Tools (HKLM-x32\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 5.0.7a 4/01/2008 - Avanquest Software)Motorola Phone Tools (x32 Version: 4.30 - BVRP Software) HiddenMotorola Phone Tools (x32 Version: 5.00 - BVRP Software) HiddenMozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) HiddenMSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) HiddenMSVC90_x64 (Version: 1.0.1.0 - Nokia) HiddenMSVC90_x64 (Version: 1.0.1.2 - Nokia) HiddenMSVC90_x86 (x32 Version: 1.0.1.0 - Nokia) HiddenMSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)NexRemote (HKLM-x32\...\NexRemote) (Version: 1.6.14 - Celestron)Nitro Pro 8 (HKLM\...\{1FE32237-FC1F-4E8B-A385-5A748C8E6FDA}) (Version: 8.5.3.14 - Nitro)Nitro Reader 3 (HKLM\...\{3C1F302A-CC25-488D-9C24-A76B95BC916F}) (Version: 3.0.6.3 - Nitro)Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)Nokia Ovi Player (HKLM-x32\...\{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}) (Version: 2.1.11020 - Nokia Ovi Player)Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia)Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia) HiddenNokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)Nokia Suite (x32 Version: 3.8.48.0 - Nokia) HiddenNokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{E4423F16-0E98-4855-BFF4-3EF016C55D67}) (Version: 2.7.16 - Nokia)Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.76 - Palm, Inc.)NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) HiddenOpenAL (HKLM-x32\...\OpenAL) (Version: - )OpenOffice.org 3.1 (HKLM-x32\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9420 - OpenOffice.org)Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)PDFill FREE PDF Tools (HKLM\...\{60724DF0-7436-48B8-BEF9-07BA4C3880EE}) (Version: 9.0 - PlotSoft LLC)PHD Guiding 1.13.0 (HKLM-x32\...\PHD Guiding_is1) (Version: - Stark Labs)Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)Pinnacle Studio 15 Ultimate Plugins (HKLM-x32\...\{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}) (Version: 15.0.0.7593 - Pinnacle Systems)Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)PIPP 2.2.8 (HKLM-x32\...\PIPP) (Version: 2.2.8 - Chris Garry)PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) HiddenPrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)PrintProjects (HKCU\...\PrintProjects) (Version: 1.0.0.15322 - RocketLife Inc.)PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)Quartus II Programmer and SignalTap II 13.0.0.156 (HKLM-x32\...\Quartus II Programmer and SignalTap II 13.0.0.156) (Version: 13.0 - Altera Corporation)QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)RegiStax 6 (HKCU\...\RegiStax 6) (Version: - )RegiStax 6.1.0.8 update (HKCU\...\RegiStax 6.1.0.8 update) (Version: - )Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) HiddenRivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)RoboForm 7-9-10-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-10-1 - Siber Systems)Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) HiddenSid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)SleepyHead version 0.9.1 beta (HKLM-x32\...\{DE2F7052-404D-4848-AB11-7CC100FD9680}_is1) (Version: 0.9.1 beta - Mark Watkins)Snagit 10.0.1 (HKLM-x32\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) HiddenSql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) HiddenStarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.3.6.19269 - Blizzard Entertainment)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenTeam Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)Total Defense Internet Security Suite (HKLM\...\eTrust Suite Personal) (Version: 9.0.0.26 - Total Defense, Inc.)Tribes Ascend Closed Beta (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 0.1.760.0 - Hi-Rez Studios)TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version: - Intuit, Inc)TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc)TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version: - LeapFrog)Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version: - LeapFrog)ViewMate 11.6 (HKLM-x32\...\{2ECE7AA7-F042-4478-B576-AE5AE7BD3943}) (Version: 11.6.6 - PentaLogix)Visual Micro for Arduino (HKLM-x32\...\{BDCB3A20-E2DF-4A8E-8AD8-0639AB293A6F}) (Version: 14.01.2601 - Visual Micro Limited)VNC Free Edition 4.1.3 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.3 - RealVNC Ltd.)WCF RIA Services V1.0 for Visual Studio 2010 (HKLM-x32\...\{8FFC6175-D2C5-4FA7-91E8-E2A9431A5CDA}) (Version: 4.0.50506.0 - Microsoft Corporation)WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm)Windows Driver Package - Segger (jlink) USB (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)Windows Driver Package - SEGGER (usbser) Ports (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)Windows Essentials Media Codec Pack 4.0 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)Wings 3D 1.4.1 (HKLM-x32\...\Wings 3D 1.4.1) (Version: - )WiRNS (HKLM-x32\...\{0EF33776-AE44-4FBE-8BAC-98FACA739983}) (Version: 2.1.0.0 - WiRNS)XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)X-Rite Device Services Manager (HKLM-x32\...\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}) (Version: 2.3.82 - X-Rite)==================== Custom CLSID (selected items): ==========================(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{994B47B9-7DB9-5058-EE22-08DD039ADC4B}\InprocServer32 -> {1F1AA503-9468-D082-5535-6BEE85889A47} No FileCustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{DD0822EE-9A03-4BDC-B947-4B99B97D5850}\InprocServer32 -> {475BDE4F-9468-D082-194E-2AB685889A47} No FileCustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lenny\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\advpack.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-4283040996-3033618002-920699296-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)==================== Restore Points =========================30-10-2014 02:52:07 Checkpoint by HitmanPro31-10-2014 04:01:31 Windows Update03-11-2014 11:42:22 Windows Update==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2009-07-13 21:34 - 2014-10-29 05:56 - 00000882 ____A C:\Windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)Task: {0A883350-6B37-4A57-A122-2C4CA58E59E6} - System32\Tasks\{F31E2A43-DBE4-4B44-8823-3BD64064D417} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {0C47DEF2-B810-4982-A819-D0E736053F15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)Task: {11515034-5FAE-4FA1-9803-A55A2D84B879} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJMJJJLJIMMJKMLJCNHMGMIMJMCNLMKMLJNJCNOJOJJJKMCNHMLMJJMMHMKJJJOJNMGMIMKJJNJICMIMCNGMCNOMPMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMMJBJKJLIMJFMOMNMKMHMJNHICMMJBJKJLIMJJNBJCMDLKJBJPNMKAJGJEJOJJNKJCMDJKJMIOMKMKMPLOJLJKJDJPIHJGJOJBNBJKJLIJNNICMJNDJCMKJBJJNMJCMMMFMMMIMPMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"Task: {1939E97F-4A51-47FD-A121-7E84A7266CEF} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2008-12-11] ()Task: {24145344-EB5E-41CB-9845-82776D0C72AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)Task: {25A8646D-E675-4E97-878F-D5C6E77AB83E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-10-18] (Siber Systems)Task: {2E85F4EB-D0E7-4327-B775-2A34AD2CBBBF} - System32\Tasks\{E28D1454-4CC4-400F-BEC2-C7C90805E9A3} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {35289D93-5AAD-4E01-944C-7A8DAAE7A2D0} - System32\Tasks\{4F03601B-6DAE-4DFF-A58D-60F5E859FC4B} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {40392C99-D2F9-4275-9AF0-2338B7D1FABC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)Task: {4801DB27-C14F-4B71-90EF-D7541ADA402F} - System32\Tasks\{1EA864DD-CE1D-47B9-BA74-67A44A530C94} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {4F20E07A-2CE9-40A0-9D9D-09FD994BEDAF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackupTask: {557A5ADA-86FD-49DC-8C32-C8A91BA500D6} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJMJJJLJIMMJKMLJCNHMGMIMJMCNLMKMLJNJCNOJOJJJKMCNHMLMJJMMHMKJJJOJNMGMIMKJJNJICMIMCNNMCNGMFMHMCNPMCNIMJMPMOMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMDLKJBJPNMKAJGJEJOJJNKJCMDJKJMIOMKMKMPLOJLJKJDJPIHJGJOJBNBJKJLIJNNICMJNDJCMKJBJ"Task: {7097FB6F-4358-45B6-A549-FD9D6F6CB27D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()Task: {7836029C-9435-4880-A511-94D39FB11B0A} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2014-06-23] (X-Rite Inc.)Task: {79BB4263-C232-43FC-939F-1C1AE01D53E7} - System32\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97} => C:\Users\Lenny\AppData\Local\Temp\is-67VLK.tmp\XRD Manager.exe <==== ATTENTIONTask: {7A855573-CDAA-4F44-90A2-6DE2CF1F88C6} - System32\Tasks\{FCC88699-3DF0-493C-9A95-0A118CAB5AEA} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)Task: {829C0F1F-953E-4970-A434-48B1EBDEB10C} - System32\Tasks\{4E3B5BB3-B791-4EC5-8CBF-915C7950BB8C} => Iexplore.exe http://ui.skype.com/ui/0/4.1.0.179/en/abandoninstall?source=lightinstaller&page=tsChrome&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:offered-installedTask: {8FE48A90-8A66-4E80-A49B-7EBF69B27EF3} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)Task: {928BD26C-B2EC-4A92-9046-D7B052BC9C19} - System32\Tasks\{B30645DC-3E7C-4A26-855B-22486C774D04} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {A1B75668-3580-407A-881A-3939D495136F} - System32\Tasks\{9625D193-BFAF-434D-9E49-20CA5BD2A12D} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {CD46A49E-96FC-4C7E-AC73-6DD2E7C5481C} - System32\Tasks\Run RoboForm Process => C:\Program Files (x86)\Siber Systems\AI RoboForm\Identities.exe [2014-10-18] (Siber Systems)Task: {CE96590B-32EF-471F-8112-69FF80DA9333} - System32\Tasks\{7B4F7486-CFE8-49B3-8D37-34CEF3930303} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {E3657384-BA11-4DFF-9406-5C74BEEB70BE} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Lenny => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2013-01-19] (H.D.S. Hungary) <==== ATTENTIONTask: {E7542C65-4F6B-497D-A8A2-193028CD59F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)Task: {F1FBD307-F4C4-4A55-81C4-A1E7442BE226} - System32\Tasks\{BC1E5E40-767B-474C-B47F-13E665A1D7BF} => C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exeTask: {F44D5E07-CCAE-4E8C-84D5-871C14B77888} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001Core.job => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4283040996-3033618002-920699296-1001UA.job => C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exeTask: C:\Windows\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}.job => C:\Users\Lenny\AppData\Local\Temp\is-67VLK.tmp\XRD Manager.exe==================== Loaded Modules (whitelisted) =============2014-06-28 09:49 - 2014-07-02 13:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2012-11-28 20:14 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll2014-05-06 04:49 - 2014-04-11 13:40 - 00736450 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll2014-01-07 18:12 - 2012-06-16 09:31 - 01128448 ____R () C:\Program Files\Total Defense\Internet Security Suite\log4cplusU.dll2012-12-27 13:59 - 2012-12-27 13:59 - 01327025 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtNetwork4.dll2012-12-27 13:59 - 2012-12-27 13:59 - 03470769 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtCore4.dll2012-12-27 13:59 - 2012-12-27 13:59 - 00553393 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtXml4.dll2014-01-07 18:12 - 2013-09-21 13:31 - 01139208 ____R () C:\Program Files\Total Defense\Internet Security Suite\SQLite3.dll2011-05-06 12:07 - 2011-05-06 12:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe2012-10-19 12:18 - 2012-10-19 12:18 - 00079872 _____ () C:\Program Files (x86)\BOINC\zlib1.dll2011-05-06 11:58 - 2011-05-06 11:58 - 01085440 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe2014-08-23 12:07 - 2014-08-23 12:07 - 00784384 _____ () C:\Program Files (x86)\BOINC\Data\projects\climateprediction.net\hadcm3s_7.24_windows_intelx86.exe2014-10-21 13:52 - 2014-10-21 13:53 - 13511755 _____ () C:\Program Files (x86)\BOINC\Data\projects\einstein.phys.uwm.edu\hsgamma_FGRP4_1.04_windows_intelx86__FGRP4-SSE2.exe2013-06-13 19:19 - 2013-04-24 22:03 - 00268800 _____ () C:\altera\13.0\qprogrammer\bin64\jtagserver.exe2013-06-13 19:19 - 2013-04-24 22:01 - 00028160 _____ () C:\altera\13.0\qprogrammer\bin64\ccl_ver.dll2013-06-13 19:19 - 2013-04-24 20:50 - 00879616 _____ () C:\altera\13.0\qprogrammer\bin64\dinkum_alt.dll2014-09-21 01:12 - 2014-07-16 09:40 - 04596224 _____ () C:\Program Files (x86)\BOINC\Data\projects\climateprediction.net\hadcm3s_um_7.24_windows_intelx86.exe2011-01-30 20:58 - 2010-01-27 11:37 - 00091392 _____ () C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe2014-02-28 06:07 - 2014-07-13 16:02 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe2011-02-24 14:36 - 2011-02-24 14:36 - 01041488 _____ () C:\Program Files\CA\SharedComponents\TMEngine\KnownApps.dll2011-03-14 15:41 - 2011-03-14 15:41 - 00845392 _____ () C:\Program Files\CA\SharedComponents\TMEngine\WindowsUserIdentity.dll2009-08-10 09:51 - 2011-08-17 00:16 - 01083392 _____ () C:\WiRNS\sqlite3.DLL2014-10-08 12:52 - 2014-10-08 12:52 - 01318912 _____ () C:\Program Files (x86)\BOINC\Data\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation__modified_fit_1.36_windows_x86_64__opencl_nvidia_101.exe2014-06-23 19:04 - 2014-06-23 19:04 - 00464384 ____R () C:\Program Files (x86)\Softland\FBackup 5\bResourceStrings.bpl2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll2011-05-06 12:07 - 2011-05-06 12:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll2011-05-06 12:02 - 2011-05-06 12:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll2010-10-25 23:23 - 2010-10-25 23:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll2010-10-25 23:06 - 2010-10-25 23:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll2010-10-26 07:34 - 2010-10-26 07:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll2010-10-25 23:37 - 2010-10-25 23:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll2010-05-17 08:47 - 2010-05-17 08:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll2010-05-17 08:47 - 2010-05-17 08:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll2010-05-17 08:47 - 2010-05-17 08:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll2010-05-07 17:35 - 2010-05-07 17:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll2010-05-07 17:35 - 2010-05-07 17:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll2010-05-07 17:36 - 2010-05-07 17:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll2010-05-07 17:37 - 2010-05-07 17:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll2010-05-07 17:37 - 2010-05-07 17:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll2014-06-23 16:06 - 2014-06-23 16:06 - 01588224 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll2014-06-23 16:06 - 2014-06-23 16:06 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll2010-03-04 12:01 - 2010-03-04 12:01 - 00097384 ____R () C:\Program Files (x86)\Amazon\Amazon Unbox Video\LimelightDownloadManager.dll2014-10-16 08:18 - 2014-10-16 08:18 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5d29373df3398f72bd90d096a4b94d97\IsdiInterop.ni.dll2011-01-20 10:20 - 2011-04-29 23:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll2010-02-14 14:36 - 2010-02-14 14:36 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll2010-02-14 14:36 - 2010-02-14 14:36 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll2011-01-21 18:50 - 2011-01-21 18:50 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll2014-02-13 19:31 - 2014-10-29 05:28 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll2014-10-18 17:05 - 2014-10-18 17:05 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll==================== Alternate Data Streams (whitelisted) =========(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)AlternateDataStreams: C:\Windows:nlsPreferencesAlternateDataStreams: C:\ProgramData\TEMP:0CFF5F08==================== Safe Mode (whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FBackup5Srv => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FBackup5Srv => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"==================== EXE Association (whitelisted) =============(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)==================== MSCONFIG/TASK MANAGER disabled items =========(Currently there is no automatic fix for this section.)MSCONFIG\Services: 0298191357999298mcinstcleanup => 2MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3MSCONFIG\Services: McMPFSvc => 2MSCONFIG\Services: McNASvc => 2MSCONFIG\Services: McShield => 2MSCONFIG\Services: MSK80Service => 2MSCONFIG\Services: nvUpdatusService => 2MSCONFIG\Services: SkypeUpdate => 2MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Amazon Unbox.lnk => C:\Windows\pss\Amazon Unbox.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^i1Profiler Tray.lnk => C:\Windows\pss\i1Profiler Tray.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 10.lnk => C:\Windows\pss\Snagit 10.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UnitedMPS.lnk => C:\Windows\pss\UnitedMPS.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^XRGamma.lnk => C:\Windows\pss\XRGamma.lnk.CommonStartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.StartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.StartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.StartupMSCONFIG\startupfolder: C:^Users^Lenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.StartupMSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Lenny\AppData\Local\Akamai\netsession_win.exe"MSCONFIG\startupreg: Amazon Cloud Drive => C:\Users\Lenny\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exeMSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesMSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2317.0\mswinext.exe"MSCONFIG\startupreg: BrStsWnd => C:\Program Files (x86)\Brownie\BrstsW64.exe AutorunMSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logonMSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logonMSCONFIG\startupreg: COMMUNICATOR => "C:\Program Files (x86)\Microsoft Office Communicator\Communicator.exe" /silentRetrials /backgroundMSCONFIG\startupreg: Conime => %windir%\system32\conime.exeMSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXEMSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exeMSCONFIG\startupreg: EKStatusMonitor => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exeMSCONFIG\startupreg: EPSON Stylus Photo R280 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKA.EXE /FU "C:\Users\Lenny\AppData\Local\Temp\E_S48E.tmp" /EF "HKCU"MSCONFIG\startupreg: Eraser => C:\Program Files\Eraser\Eraser.exe -hideMSCONFIG\startupreg: FBackup 5 Tray Agent => "C:\Program Files (x86)\Softland\FBackup 5\bTray.exe"MSCONFIG\startupreg: FPPhotoMiddleWare => C:\Program Files (x86)\Fisher-Price\Kid-Tough Digital Studio Software\Util\Kid-Tough Digital Studio Software Middleware.exeMSCONFIG\startupreg: Garmin Lifetime Updater => C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimizedMSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"MSCONFIG\startupreg: Google Update => "C:\Users\Lenny\AppData\Local\Google\Update\GoogleUpdate.exe" /cMSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifworkMSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXEMSCONFIG\startupreg: Intel AppUp(SM) center => "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk"MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exeMSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenMSCONFIG\startupreg: McPvTray_exe => "C:\Program Files\McAfee\MAT\McPvTray.exe"MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeyMSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStartMSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startupMSCONFIG\startupreg: NokiaMusic FastStart => "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststartMSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -trayMSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartMSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRunMSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunMSCONFIG\startupreg: Steam => "c:\program files (x86)\steam\steam.exe" -silentMSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeMSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"MSCONFIG\startupreg: WiRNSMon => C:\WiRNS\WiRNSMon.exe========================= Accounts: ==========================Administrator (S-1-5-21-4283040996-3033618002-920699296-500 - Administrator - Disabled)Guest (S-1-5-21-4283040996-3033618002-920699296-501 - Limited - Disabled)Len (S-1-5-21-4283040996-3033618002-920699296-1016 - Administrator - Enabled)Lenny (S-1-5-21-4283040996-3033618002-920699296-1001 - Administrator - Enabled) => C:\Users\LennyMegan (S-1-5-21-4283040996-3033618002-920699296-1006 - Limited - Enabled)mythtv (S-1-5-21-4283040996-3033618002-920699296-1009 - Limited - Enabled)==================== Faulty Device Manager Devices =============Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.==================== Event log errors: =========================Application errors:==================Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.56.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.56.1:5353 18 1.56.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 120.1.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.1.120:5353 18 120.1.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (11/05/2014 08:46:12 PM) (Source: System Restore) (EventID: 8193) (User: )Description: Failed to create restore point (Process = C:\Users\Lenny\AppData\Local\Temp\set312E.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\"; Description = Removed Creative Volume Panel; Error = 0x8007043c).Error: (11/05/2014 08:42:01 PM) (Source: WebUpdate4) (EventID: 2) (User: Lenny-PC)Description: The service process could not connect to the service controller.Error: (11/05/2014 08:22:32 PM) (Source: System Restore) (EventID: 8193) (User: )Description: Failed to create restore point (Process = C:\Program Files (x86)\InstallShield Installation Information\{44510C84-AE2A-4079-A75B-D44E68D73B9A}\setup.exe Files (x86)\InstallShield Installation Information\{44510C84-AE2A-4079-A75B-D44E68D73B9A}\setup.exe" /z-uninstall; Description = Configured PhotoDirector; Error = 0x8007043c).Error: (11/05/2014 08:22:09 PM) (Source: System Restore) (EventID: 8193) (User: )Description: Failed to create restore point (Process = C:\Users\Lenny\AppData\Local\Temp\set2F78.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\"; Description = Removed Creative Software AutoUpdate; Error = 0x8007043c).Error: (11/05/2014 08:20:11 PM) (Source: System Restore) (EventID: 8193) (User: )Description: Failed to create restore point (Process = C:\Users\Lenny\AppData\Local\Temp\set62E7.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\"; Description = Removed WaveStudio 7; Error = 0x8007043c).Error: (11/05/2014 08:18:15 PM) (Source: System Restore) (EventID: 8193) (User: )Description: Failed to create restore point (Process = C:\Users\Lenny\AppData\Local\Temp\set9C1F.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\"; Description = Removed Console Launcher; Error = 0x8007043c).System errors:=============Error: (11/05/2014 09:06:29 PM) (Source: DCOM) (EventID: 10010) (User: )Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}Error: (11/05/2014 09:05:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The Windows Update service hung on starting.Error: (11/05/2014 08:57:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Garmin Core Update Service service failed to start due to the following error:%%1053Error: (11/05/2014 08:57:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.Error: (11/05/2014 08:55:30 PM) (Source: NetBT) (EventID: 4311) (User: )Description: Initialization failed because the driver device could not be created.Use the string "08002700C8ED" to identify the interface for which initializationfailed. It represents the MAC address of the failed interface or theGlobally Unique Interface Identifier (GUID) if NetBT was unable tomap from GUID to MAC address. If neither the MAC address nor the GUID wereavailable, the string represents a cluster device name.Error: (11/05/2014 08:55:30 PM) (Source: NetBT) (EventID: 4311) (User: )Description: Initialization failed because the driver device could not be created.Use the string "00FFB05A1F0D" to identify the interface for which initializationfailed. It represents the MAC address of the failed interface or theGlobally Unique Interface Identifier (GUID) if NetBT was unable tomap from GUID to MAC address. If neither the MAC address nor the GUID wereavailable, the string represents a cluster device name.Error: (11/05/2014 08:51:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068Error: (11/05/2014 08:50:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068Error: (11/05/2014 08:50:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068Error: (11/05/2014 08:49:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:%%1068Microsoft Office Sessions:=========================Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.56.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.56.1:5353 18 1.56.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 120.1.168.192.in-addr.arpa. PTR Lenny-PC.local.Error: (11/05/2014 08:57:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: mDNSCoreReceiveResponse: Received from 192.168.1.120:5353 18 120.1.168.192.in-addr.arpa. PTR Lenny-PC-2.local.Error: (11/05/2014 08:46:12 PM) (Source: System Restore) (EventID: 8193) (User: )Description: C:\Users\Lenny\AppData\Local\Temp\set312E.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\"Removed Creative Volume Panel0x8007043cError: (11/05/2014 08:42:01 PM) (Source: WebUpdate4) (EventID: 2) (User: Lenny-PC)Description: The service process could not connect to the service controller.Error: (11/05/2014 08:22:32 PM) (Source: System Restore) (EventID: 8193) (User: )Description: C:\Program Files (x86)\InstallShield Installation Information\{44510C84-AE2A-4079-A75B-D44E68D73B9A}\setup.exe Files (x86)\InstallShield Installation Information\{44510C84-AE2A-4079-A75B-D44E68D73B9A}\setup.exe" /z-uninstallConfigured PhotoDirector0x8007043cError: (11/05/2014 08:22:09 PM) (Source: System Restore) (EventID: 8193) (User: )Description: C:\Users\Lenny\AppData\Local\Temp\set2F78.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\"Removed Creative Software AutoUpdate0x8007043cError: (11/05/2014 08:20:11 PM) (Source: System Restore) (EventID: 8193) (User: )Description: C:\Users\Lenny\AppData\Local\Temp\set62E7.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\"Removed WaveStudio 70x8007043cError: (11/05/2014 08:18:15 PM) (Source: System Restore) (EventID: 8193) (User: )Description: C:\Users\Lenny\AppData\Local\Temp\set9C1F.tmp -deleter -l0x9 /remove -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\"Removed Console Launcher0x8007043c==================== Memory info ===========================Processor: Intel® Core i7-2600K CPU @ 3.40GHzPercentage of memory in use: 50%Total physical RAM: 8159.09 MBAvailable physical RAM: 4059 MBTotal Pagefile: 16316.35 MBAvailable Pagefile: 12130.78 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.82 MB==================== Drives ================================Drive c: (Windows7) (Fixed) (Total:1863.01 GB) (Free:214.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: (IPC) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFSDrive g: (RAID) (Fixed) (Total:2794.39 GB) (Free:970.07 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)Partition: GPT Partition Type.========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4EBC02CF)Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Maniac Posted November 9, 2014 ID:905229 Share Posted November 9, 2014 Step 1 I notice that you are using more than one antivirus program.Microsoft Security EssentialsTotal Defense Internet Security SuiteThis is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them and then reboot your system. Step 2 Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.fixlist.txt Link to post Share on other sites More sharing options...
centre Posted November 9, 2014 Author ID:905471 Share Posted November 9, 2014 Thank you, I have uninstalled microsoft security essentials. Also, after running FRST64, please see the following fixlog.txt contents: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01Ran by Lenny at 2014-11-09 15:03:17 Run:1Running from C:\Users\Lenny\Desktop\FRSTLoaded Profile: Lenny (Available profiles: Lenny)Boot Mode: Normal==============================================Content of fixlist:*****************StartTask: {79BB4263-C232-43FC-939F-1C1AE01D53E7} - System32\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97} => C:\Users\Lenny\AppData\Local\Temp\is-67VLK.tmp\XRD Manager.exe <==== ATTENTIONTask: {E3657384-BA11-4DFF-9406-5C74BEEB70BE} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Lenny => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2013-01-19] (H.D.S. Hungary) <==== ATTENTIONHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-4283040996-3033618002-920699296-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONToolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTIONEnd*****************"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79BB4263-C232-43FC-939F-1C1AE01D53E7}" => Key deleted successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79BB4263-C232-43FC-939F-1C1AE01D53E7}" => Key deleted successfully.C:\Windows\System32\Tasks\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97} => Moved successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A1B2112-3617-4D99-BF54-7AB8F9D18F97}" => Key deleted successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3657384-BA11-4DFF-9406-5C74BEEB70BE}" => Key deleted successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3657384-BA11-4DFF-9406-5C74BEEB70BE}" => Key deleted successfully.C:\Windows\System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Lenny => Moved successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HardDiskSentinel\Hard Disk Sentinel_Lenny" => Key deleted successfully."HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully."HKU\S-1-5-21-4283040996-3033618002-920699296-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => value deleted successfully."HKCR\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}" => Key not found.Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION => Error: No automatic fix found for this entry.==== End of Fixlog ==== Link to post Share on other sites More sharing options...
Maniac Posted November 11, 2014 ID:906574 Share Posted November 11, 2014 Step 1Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.Go to Scanner tab and select Threat Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately. Step 2 Please scan your machine with ESET OnlineScanHold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScanClick the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your Desktop.Double click on the to download the ESET Smart Installer. icon on your Desktop.Check "YES, I accept the Terms of Use."Click the Start button.Accept any security warnings from your browser.Under Scan Settings, check "Scan Archives" and "Remove found threats" Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technologyESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.When the scan completes, click List ThreatsClick Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.Click the Back button.Click the Finish button.In your next reply, post the following log files:Malwarebytes' Anti-Malware logESET Online Scanner Link to post Share on other sites More sharing options...
centre Posted November 13, 2014 Author ID:907385 Share Posted November 13, 2014 Thank you. Here is the log results of Step 1. Step 2 is still going, 10 hours and counting. I'll post those results when complete. Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 2014-11-12Scan Time: 07:00Logfile: MBAM_LOG.txtAdministrator: YesVersion: 2.00.3.1025Malware Database: v2014.11.12.06Rootkit Database: v2014.11.11.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: LennyScan Type: Threat ScanResult: CompletedObjects Scanned: 424411Time Elapsed: 24 min, 45 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 0(No malicious items detected)Registry Values: 2PUM.Bad.Proxy, HKU\.DEFAULT-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, Quarantined, [275e4febc6b669cd772549f80cf70df3]PUM.Bad.Proxy, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, Quarantined, [82032d0de99351e54f4def52f50e55ab]Registry Data: 0(No malicious items detected)Folders: 0(No malicious items detected)Files: 1Trojan.Downloader, C:\Users\Lenny\AppData\Local\Temp\DVMu.dll, Quarantined, [562fd46623594de9a16a737119e87090],Physical Sectors: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
centre Posted November 14, 2014 Author ID:907908 Share Posted November 14, 2014 ESET has been stuck at 46% for the last 24 hours after scanning 480071 files. Thoughts on how best to proceed? Should I stop the scan? The total scan time continues to move upward (but is back at 10 plus hours presumably because it flips to 00:00:00 after 24 hours have elapsed) but the Target file has been the same, and old Fedora 10 ISO I had. Link to post Share on other sites More sharing options...
centre Posted November 15, 2014 Author ID:908289 Share Posted November 15, 2014 Still stuck. Same number of files scanned, same file. 23 hours showing elapsed (really almost 48), Link to post Share on other sites More sharing options...
centre Posted November 15, 2014 Author ID:908531 Share Posted November 15, 2014 Believe it or not, it has started moving again. 481,546 files scanned. I guess I'll just let it continue. It is very slow. Link to post Share on other sites More sharing options...
Maniac Posted November 16, 2014 ID:909155 Share Posted November 16, 2014 You can stop it. Try this one: Please download the Kaspersky Virus Removal Tool from here to your Desktop. Double-click the Removal Tool. Click the cog in the upper right corner: Select down to and including your main drive. Once done please select the Automatic Scan tab and press Start Scan. Allow AVP to delete all infections found. Once it has finished select the Report tab. Select the Detected threats report from the left and press the Save button. Save it to your Desktop and post the contents in your next reply. Link to post Share on other sites More sharing options...
centre Posted November 18, 2014 Author ID:909734 Share Posted November 18, 2014 Thank you. The ESET actually finished running finally. These were the results: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi a variant of Win32/PriceGong.A potentially unwanted application C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\BitTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Swag_Bucks\tbSwa2.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitTorrentBar\tbBitT.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantinedC:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantinedC:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert0.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantinedC:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert00.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantinedC:\AdwCleaner\Quarantine\C\Users\Lenny\AppData\Local\Conduit\CT2260173\Swag_BucksAutoUpdaterHelper.exe.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantinedC:\AdwCleaner\Quarantine\C\Users\Lenny\AppData\LocalLow\BitTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application deleted - quarantinedC:\G_DRIVE\old_C_Drive\old_desktop\couponprinter.exe a variant of Win32/Adware.Softomate.AD application cleaned by deleting - quarantinedC:\G_DRIVE\old_C_Drive\old_desktop\Work\DESKTOPS\Old_Desktop_computer\homepage\homepage_new.exe probably unknown NewHeur_PE virus deleted - quarantinedC:\MGtools\Process.exe Win32/PrcView potentially unsafe application deleted - quarantinedC:\Program Files (x86)\Bitcoin\bitcoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantinedC:\Program Files (x86)\Bitcoin\daemon\bitcoind.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application deleted - quarantinedC:\Users\Lenny\AppData\Local\Temp\dlm5B35.tmp\acaladvdripperprose.exe Win32/Somoto.E potentially unwanted application deleted - quarantinedC:\Users\Lenny\AppData\Local\Temp\dlmBA69.tmp\SDRFreeDVDRipper_setup.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted - quarantinedC:\Users\Lenny\AppData\Local\Temp\dlmD110.tmp\acaladvdripperprose.exe Win32/Somoto.E potentially unwanted application deleted - quarantinedC:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi a variant of Win32/PriceGong.A potentially unwanted application deleted - quarantinedC:\Windows\System32\config\systemprofile\AppData\LocalLow\BitTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application deleted - quarantinedC:\Windows\System32\config\systemprofile\AppData\LocalLow\Swag_Bucks\tbSwa2.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantinedG:\$RECYCLE.BIN\S-1-5-21-4283040996-3033618002-920699296-1001\$R22PY3N.exe a variant of Win32/Adware.Softomate.AD application cleaned by deleting - quarantinedG:\C_MP3s\Music_2\iTunes_and_iPod_Library_Backups\iPodApps\iPod_Support_v3_08.zip Win32/PrcView potentially unsafe application deleted - quarantinedG:\C_MP3s\Music_2\iTunes_and_iPod_Library_Backups\iPodApps\iPod_Support_v3_08\iPod_Support_v3_08.exe Win32/PrcView potentially unsafe application deleted - quarantinedG:\Desktop_Cleanup\Work\DESKTOPS\Old_Desktop_computer\homepage\homepage_new.exe probably unknown NewHeur_PE virus deleted - quarantinedG:\Downloads\NERO\NERO_BACKITUP\Nero_BackItUp-4.2.16.0_update.exe Win32/Toolbar.AskSBar potentially unwanted application deleted - quarantinedG:\Downloads\NERO\NERO_MOVEIT\Nero_Move_it-1.2.19.0_update.exe Win32/Toolbar.AskSBar potentially unwanted application deleted - quarantinedG:\iTunes_and_iPod_Library_Backups\iPodApps\iPod_Support_v3_08.zip Win32/PrcView potentially unsafe application deleted - quarantinedG:\iTunes_and_iPod_Library_Backups\iPodApps\iPod_Support_v3_08\iPod_Support_v3_08.exe Win32/PrcView potentially unsafe application deleted - quarantinedG:\old_C_Drive\old_desktop\Work\DESKTOPS\Old_Desktop_computer\homepage\homepage_new.exe probably unknown NewHeur_PE virus deleted - quarantined Link to post Share on other sites More sharing options...
Maniac Posted November 18, 2014 ID:909921 Share Posted November 18, 2014 Download TFC to your desktopOpen the file and close any other windows.It will close all programs itself when run, make sure to let it run uninterrupted.Click the Start button to begin the process. The program should not take long to finish its jobOnce its finished it should reboot your machine, if not, do this yourself to ensure a complete cleanHow are things now? Link to post Share on other sites More sharing options...
centre Posted November 21, 2014 Author ID:910899 Share Posted November 21, 2014 Thank you, I do think it is better. I have not seen any of the weird pop-ups that I did in the beginning attached to my very first post. Do you recommend anything else? Link to post Share on other sites More sharing options...
Maniac Posted November 23, 2014 ID:911701 Share Posted November 23, 2014 Of course. I recommend you to take some malware preventions: https://forums.malwarebytes.org/index.php?/topic/81386-so-how-did-i-get-infected-in-the-first-place/ Last steps: Step 1Download OTL to your desktop and run it.Click on CleanUp button.You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.Step 2 Please uninstall ESET Online Scanner . Safe surfing! Link to post Share on other sites More sharing options...
centre Posted November 26, 2014 Author ID:912658 Share Posted November 26, 2014 Thank you. I appreciate you volunteering your services. I just sent a donation your way. :-) Link to post Share on other sites More sharing options...
centre Posted November 27, 2014 Author ID:913041 Share Posted November 27, 2014 I may have spoken too soon. It looks like I still have an issue. If I leave my computer running, it locks up. I took a deeper look using the resource monitor. explorer.exe keeps gaining memory. Looking at the network, there are lots of connections to IPs even when first booting and not opening a browser. Thoughts? I tried running the malwayre bytes rootkit beta program and tdss killer but they didn't find anything. Link to post Share on other sites More sharing options...
centre Posted November 27, 2014 Author ID:913042 Share Posted November 27, 2014 resource monitor picture. Link to post Share on other sites More sharing options...
centre Posted November 28, 2014 Author ID:913539 Share Posted November 28, 2014 In looking at some websites, I came across a posting that looks as if it is identical to what I have going on. It is suggested it is a Backdoor:Win64/Rozena or Trojan.Win64/Rozena-varient The site mentions c:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} directory, which I do indeed have on my computer. Looking in the registry, it is called out in HKEY_CLASSES_ROOT\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A} How to disinfect? Link to post Share on other sites More sharing options...
Recommended Posts