Jump to content

PC started acting funky after AdwCleaner cleanup


Recommended Posts

Hello,

 

here is the link to the original thread that I started:

 

https://forums.malwarebytes.org/index.php?/topic/164954-vista-problems-after-running-adwcleaner-4110/

 

Malwarebytes scans came all clean. Then i ran Farbar Recovery Scan Tool. Here are the logs:

 

FIRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-02-2015
Ran by TEDi (administrator) on TEDI-PC on 17-02-2015 20:10:26
Running from C:\Users\TEDi\Desktop
Loaded Profiles: TEDi (Available profiles: TEDi)
Platform: Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NETGEAR Inc.) C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\BWMeter\BWMeterConSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Realtek) C:\Program Files\oem\11n USB Wireless LAN Utility\RtlService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Realtek Semiconductor Corp.) C:\Program Files\oem\11n USB Wireless LAN Utility\RtWLan.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(TuneUp Software) C:\Windows\System32\TUProgSt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6793760 2009-02-17] (Realtek Semiconductor)
HKLM\...\Run: [startCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-03-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [567368 2013-09-03] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\Run: [] => [X]
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-11-06] (NETGEAR Inc.)
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\RunOnce: [Adobe Speed Launcher] => 1424225190
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\MountPoints2: N - N:\SETUP.EXE
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\MountPoints2: {1122c263-5754-11e2-b93a-00241d21b7ae} - N:\LaunchU3.exe -a
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\MountPoints2: {1c307b48-7926-11e0-802b-00241d21b7ae} - O:\LaunchU3.exe -a
HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\MountPoints2: {3aa5fe6c-2c0a-11e2-bfa4-00241d21b7ae} - S:\KODAK_Camera_Setup_App.exe
Startup: C:\Users\TEDi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Seagate NA4JXZK0 Product Registration.lnk
ShortcutTarget: Seagate NA4JXZK0 Product Registration.lnk -> C:\Users\TEDi\AppData\Roaming\Leadertech\PowerRegister\Seagate NA4JXZK0 Product Registration.exe (Leader Technologies/Seagate)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000 -> DefaultScope {BC4F3A92-0CCD-4177-9192-6177A6C7BFCA} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000 -> {BC4F3A92-0CCD-4177-9192-6177A6C7BFCA} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {7191F0AC-D686-46A8-BFCC-EA61778C74DD} http://10.0.0.7/aplugLite.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll File Not found ()
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 09 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 10 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 11 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 12 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 23 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 25 C:\Windows\system32\MyOSProtect.dll File Not found ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\TEDi\AppData\Roaming\Mozilla\Firefox\Profiles\0az6boje.default-1350005085957
FF DefaultSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\ATT\8.3.1.7\ma\bin\npMotive.dll (Alcatel-Lucent)
FF Plugin: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF Plugin HKU\S-1-5-21-2466917097-4220814058-3705793299-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\TEDi\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKU\S-1-5-21-2466917097-4220814058-3705793299-1000: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\TEDi\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\TEDi\AppData\Roaming\Mozilla\Firefox\Profiles\0az6boje.default-1350005085957\Extensions\LogMeInClient@logmein.com [2014-11-04]
FF Extension: DownloadHelper - C:\Users\TEDi\AppData\Roaming\Mozilla\Firefox\Profiles\0az6boje.default-1350005085957\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-11-27]
FF Extension: Who stole my pictures? - C:\Users\TEDi\AppData\Roaming\Mozilla\Firefox\Profiles\0az6boje.default-1350005085957\Extensions\images@wink.su.xpi [2014-03-29]
FF Extension: Adblock Plus - C:\Users\TEDi\AppData\Roaming\Mozilla\Firefox\Profiles\0az6boje.default-1350005085957\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-23]
FF Extension: BetterPrivacy - C:\Users\TEDi\AppData\Roaming\Mozilla\Firefox\Profiles\0az6boje.default-1350005085957\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-12-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-27]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\mcciwbch@motive.com.xpi [2015-01-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-18]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-11-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2013-10-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [618936 2009-01-20] (Acronis)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkManagerDMS.exe [401800 2013-08-23] (Samsung) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [622648 2013-09-11] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-11] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-11] (Avira Operations GmbH & Co. KG) [File not signed]
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-11] (Avira Operations GmbH & Co. KG) [File not signed]
S2 ATT MAHostService; C:\Program Files\ATT\8.3.1.7\ma\bin\MAHostService.exe [321024 2013-08-26] (Alcatel-Lucent) [File not signed]
R2 BWMeterConSvc; C:\Program Files\BWMeter\BWMeterConSvc.exe [62464 2009-10-03] () [File not signed]
S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [4707688 2009-10-09] (DisplayLink Corp.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2014-11-06] (NETGEAR)
R2 NitroDriverReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928 2011-03-21] (Nitro PDF Software)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
R2 pcCMService; C:\Program Files\Common Files\Motive\pcCMService.exe [369152 2013-03-02] (Alcatel-Lucent) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RealtekCU; C:\Program Files\oem\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [574536 2013-09-03] (Copyright 2013 SAMSUNG)
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [361216 2009-05-17] (TuneUp Software)
R2 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [604416 2009-05-17] (TuneUp Software)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [192504 2010-09-21] () [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-01] (Avira Operations GmbH & Co. KG)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.2.21555.0.sys [21888 2010-02-27] (http://libusb-win32.sourceforge.net)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [164976 2009-10-09] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13936 2009-10-09] (DisplayLink Corp.)
S3 dsnpfd; C:\Windows\System32\DRIVERS\dsnpfd.sys [28552 2009-10-03] (DeskSoft)
R3 dsnpfdMP; C:\Windows\System32\DRIVERS\dsnpfd.sys [28552 2009-10-03] (DeskSoft)
S3 EGXFilter; C:\Windows\System32\drivers\egxfilter.sys [140800 2009-07-06] ()
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2008-04-22] (EnTech Taiwan)
S3 gdrv; C:\Windows\gdrv.sys [16608 2009-04-09] (Windows ® 2000 DDK provider)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 mr8980; C:\Windows\System32\DRIVERS\mr8980.sys [105856 2010-07-26] (Mars Semiconductor Corp.) [File not signed]
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2014-11-20] (CACE Technologies, Inc.)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [281088 2007-07-18] (Realtek Semiconductor Corporation                           )
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [828520 2012-09-09] (Realtek Semiconductor Corporation                           )
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [56108 2008-07-07] (PowerISO Computing, Inc.) [File not signed]
S3 se32; C:\Windows\System32\drivers\se32.sys [12112 2007-05-03] (EnTech Taiwan)
R0 snapman380; C:\Windows\System32\DRIVERS\snman380.sys [134272 2009-04-10] (Acronis)
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows ® 2000 DDK provider) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R0 tdrpman174; C:\Windows\System32\DRIVERS\tdrpm174.sys [971552 2009-04-10] (Acronis)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44704 2009-04-10] (Acronis)
S3 xTouch; C:\Windows\System32\DRIVERS\xtouch.sys [125952 2009-07-06] ()
S1 archlp; system32\drivers\archlp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 lvpopflt; system32\DRIVERS\lvpopflt.sys [X]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [X]
S3 LVUVC; system32\DRIVERS\lvuvc.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
U5 sertouch; C:\Windows\System32\Drivers\sertouch.sys [128512 2009-07-06] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 20:10 - 2015-02-17 20:11 - 00024538 _____ () C:\Users\TEDi\Desktop\FRST.txt
2015-02-17 20:10 - 2015-02-17 20:10 - 00000000 ____D () C:\FRST
2015-02-17 19:57 - 2015-02-17 18:57 - 01125888 _____ (Farbar) C:\Users\TEDi\Desktop\FRST.exe
2015-02-17 10:02 - 2015-02-17 10:02 - 00000000 ____D () C:\Users\TEDi\Desktop\yaru32.v.1.40.win
2015-02-16 16:22 - 2015-02-16 16:21 - 00966249 _____ () C:\Users\TEDi\Desktop\yaru32.v.1.40.win.zip
2015-02-11 13:28 - 2015-02-17 20:09 - 00014868 _____ () C:\Windows\WindowsUpdate.log
2015-02-06 15:31 - 2015-02-06 15:31 - 00000270 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{82A5E1E0-5364-4602-87A7-2E9A61F48E9D}.job
2015-02-06 14:54 - 2015-02-16 17:01 - 00005430 _____ () C:\Users\TEDi\Desktop\AdwCleaner[s0].txt
2015-02-06 14:31 - 2015-02-06 14:31 - 02112512 _____ () C:\Users\TEDi\Downloads\adwcleaner_4.110.exe
2015-02-06 14:31 - 2015-02-06 14:31 - 02112512 _____ () C:\Users\TEDi\Desktop\adwcleaner_4.110.exe
2015-02-06 14:28 - 2015-02-06 14:28 - 00029259 _____ () C:\Users\TEDi\Downloads\lone-survivor_english-884959.zip
2015-02-06 14:26 - 2015-02-06 14:26 - 00039984 _____ () C:\Users\TEDi\Downloads\fury_english-1046799.zip
2015-02-03 11:57 - 2015-02-11 19:20 - 00000000 ____D () C:\AdwCleaner
2015-02-03 11:56 - 2015-02-03 11:56 - 02194432 _____ () C:\Users\TEDi\Downloads\adwcleaner_4.109.exe
2015-02-03 11:35 - 2015-02-03 11:32 - 00086589 _____ () C:\Users\TEDi\Desktop\New vendor.zip
2015-02-03 11:32 - 2015-02-03 11:32 - 00086589 _____ () C:\Users\TEDi\Downloads\New vendor.zip
2015-02-01 12:26 - 2015-02-01 12:26 - 00000000 _____ () C:\Users\TEDi\Desktop\New Text Document.txt
2015-01-31 15:25 - 2015-01-31 15:25 - 00040704 _____ () C:\Users\TEDi\Downloads\captain-phillips_english-844252.zip
2015-01-27 15:32 - 2015-02-03 11:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-22 18:22 - 2015-01-22 18:19 - 00897960 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2015-01-22 18:22 - 2015-01-22 18:19 - 00818088 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-01-22 18:19 - 2015-01-22 18:19 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-21 17:30 - 2015-01-21 23:28 - 00000000 ____D () C:\Users\TEDi\Desktop\ramka
2015-01-21 17:23 - 2015-01-21 17:26 - 08947446 _____ () C:\Users\TEDi\Downloads\ramka.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 20:07 - 2014-09-10 22:45 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 20:06 - 2006-11-02 07:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 20:06 - 2006-11-02 06:46 - 00005312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 20:06 - 2006-11-02 06:46 - 00005312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-17 19:41 - 2006-11-02 04:33 - 00755222 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-17 19:33 - 2013-06-09 11:47 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-02-17 19:33 - 2006-11-02 07:00 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-17 09:57 - 2014-11-20 00:35 - 00000000 ____D () C:\Users\TEDi\AppData\Local\NETGEARGenie
2015-02-17 09:55 - 2014-09-30 20:40 - 00165652 _____ () C:\Windows\Minidump\Mini021715-01.dmp
2015-02-17 09:55 - 2009-04-25 00:22 - 00000000 ____D () C:\Windows\Minidump
2015-02-13 12:52 - 2014-09-30 20:40 - 00147009 _____ () C:\Windows\Minidump\Mini021315-01.dmp
2015-02-11 20:04 - 2010-02-27 23:47 - 00000000 ____D () C:\Program Files\DisplayLink Core Software
2015-02-09 00:20 - 2009-04-09 06:13 - 00000000 ____D () C:\Users\TEDi
2015-02-08 18:45 - 2013-07-04 13:14 - 00000000 ____D () C:\Users\TEDi\AppData\Local\CrashDumps
2015-02-06 15:23 - 2009-04-27 11:01 - 00000069 _____ () C:\Windows\NeroDigital.ini
2015-02-06 14:19 - 2013-10-09 18:03 - 00000000 ____D () C:\Program Files\ATT
2015-02-03 11:49 - 2010-11-29 22:45 - 00000000 ____D () C:\Users\TEDi\Documents\My Scans
2015-02-03 11:21 - 2012-02-16 12:29 - 00000000 ____D () C:\Users\TEDi\AppData\Roaming\TeamViewer
2015-02-01 12:02 - 2015-01-17 13:37 - 00000840 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-01 12:02 - 2015-01-17 13:37 - 00000828 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-02-01 12:02 - 2015-01-17 13:37 - 00000000 ____D () C:\Program Files\TeamViewer
2015-02-01 11:48 - 2012-04-02 06:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-01 11:48 - 2011-05-18 19:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-31 15:57 - 2014-06-14 17:01 - 00000000 ____D () C:\Users\TEDi\Desktop\Itools
2015-01-31 15:38 - 2010-09-02 18:29 - 00027233 _____ () C:\Users\TEDi\Desktop\FutbolistPlovdiv2008.txt
2015-01-23 15:22 - 2009-04-09 21:38 - 00101376 _____ () C:\Users\TEDi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-22 18:24 - 2013-10-20 19:39 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-22 18:20 - 2010-05-17 17:44 - 00000000 ____D () C:\Program Files\Java
2015-01-22 18:19 - 2014-10-20 19:16 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-22 18:19 - 2014-10-20 19:16 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-22 18:19 - 2014-07-15 15:50 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-22 18:19 - 2014-07-15 15:50 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-18 10:33 - 2009-04-09 06:13 - 00100640 _____ () C:\Users\TEDi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-18 10:31 - 2006-11-02 06:46 - 02297448 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2009-04-18 15:49 - 2009-04-21 01:36 - 0022328 _____ () C:\Users\TEDi\AppData\Roaming\PnkBstrK.sys
2014-09-10 19:52 - 2014-10-29 19:48 - 0000600 _____ () C:\Users\TEDi\AppData\Roaming\winscp.rnd
2009-04-09 21:29 - 2009-04-09 21:29 - 0000552 _____ () C:\Users\TEDi\AppData\Local\d3d8caps.dat
2009-04-09 06:13 - 2014-11-12 10:00 - 0007836 _____ () C:\Users\TEDi\AppData\Local\d3d9caps.dat
2009-04-09 21:38 - 2015-01-23 15:22 - 0101376 _____ () C:\Users\TEDi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some zero byte size files/folders:
==========================
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-17 19:33

==================== End Of Log ============================

 

 

 

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-02-2015
Ran by TEDi at 2015-02-17 20:11:12
Running from C:\Users\TEDi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 3.2.1.28086 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\uTorrent) (Version: 1.8.2 - )
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
3DMark Vantage (HKLM\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.0.1.1 - Futuremark Corporation)
3DMark06 (HKLM\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.1.0 - Futuremark)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Acronis True Image Home (HKLM\...\{37C8899D-FD70-481F-94AA-1F1B08765E22}) (Version: 12.0.9709 - Acronis)
Active@ UNDELETE 7 Enterprise (HKLM\...\Active@ UNDELETE 7 Enterprise) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (HKLM\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{3AEB0C6A-BD57-4E3C-8AD7-83F5E614ED83}) (Version: 1.3.17 - Samsung)
AnyToISO (HKLM\...\AnyToISO_is1) (Version: 3.6.1 - CrystalIdea Software, Inc.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia Theatre 5 (HKLM\...\InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}) (Version: 5.0.1.114 - ArcSoft)
ArcSoft TotalMedia Theatre 5 (Version: 5.0.1.80 - ArcSoft) Hidden
ATI Catalyst Install Manager (HKLM\...\{2C99779B-99A9-CE50-C43F-A9F765E1FE23}) (Version: 3.0.719.0 - ATI Technologies, Inc.)
ATT Management Agent (HKLM\...\ATT-ATT Management Agent) (Version: 8.3.1.7 - ATT)
ATT-PRT22 (HKLM\...\ATT-PRT22) (Version:  - )
Avira Antivirus Premium (HKLM\...\Avira AntiVir Desktop) (Version: 13.0.0.4052 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
BWMeter (HKLM\...\BWMeter) (Version: 5.2.0 - DeskSoft)
ccc-core-static (Version: 2009.0317.2131.36802 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Copy (Version: 140.0.212.000 - Hewlett-Packard) Hidden
CoreAVC Professional Edition (remove only) (HKLM\...\CoreAVC Professional Edition) (Version:  - )
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DisplayLink Core Software (HKLM\...\{DE8CB084-AE1B-4038-8544-D6E9A1D5D808}) (Version: 5.2.21555.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{7336DD99-5B0D-4FBB-A1F2-FD188E117CCC}) (Version: 5.2.21997.0 - DisplayLink Corp.)
DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\Dropbox) (Version: 2.2.3 - Dropbox, Inc.)
F4400 (Version: 140.0.696.000 - Hewlett-Packard) Hidden
FormatFactory 2.70 (HKLM\...\FormatFactory) (Version: 2.70 - Free Time)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.16.2.1 - Futuremark Corporation)
GetDataBack for FAT and GetDataBack for NTFS (HKLM\...\{49C09E32-B9FD-4EDC-9152-9BC0CC618A13}) (Version: 3.03.000 - Runtime Software)
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
GRID (HKLM\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.00.0000 - Codemasters)
Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{A800FCC9-8E1E-4D84-9CED-47870701FDE1}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
iBackupBot 5.2.4 (HKLM\...\iBackupBot) (Version: 5.2.4 - VOWSoft, Ltd.)
iCloud (HKLM\...\{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}) (Version: 1.1.0.40 - Apple Inc.)
iExplorer 3.3.2.1 (HKLM\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.8.2414.748 - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KaraFun Player 2 (HKLM\...\KaraFun Player 2_is1) (Version: 2.1.30.158 - Recisio)
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Medieval CUE Splitter (HKLM\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microphone Pass-through(Playback) Emulator 1.5.1 (HKLM\...\{9AD0C1EE-A944-43D6-97A5-D8BB7BCAF2F8}_is1) (Version: 1.5.1 - Majiastic Computer)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Monitor Asset Manager (HKLM\...\Monitor Asset Manager) (Version:  - )
Mozilla Firefox (3.0.14) (HKLM\...\Mozilla Firefox (3.0.14)) (Version: 3.0.14 (en-US) - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
Need for Speed™ SHIFT (HKLM\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Nero 7 Premium (HKLM\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.3.1.46 - NETGEAR Inc.)
Nitro PDF Professional (HKLM\...\{5CDF6674-78CA-4B1F-A3CA-BA7EAC6E4E0B}) (Version: 6.2.1.10 - Nitro PDF Software)
Nokia Connectivity Cable Driver (HKLM\...\{0906982B-A432-4C06-8F01-C01BE1143779}) (Version: 7.1.92.0 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.6.36.0 - Nokia)
Nokia Suite (Version: 3.6.36.0 - Nokia) Hidden
NVIDIA PhysX (HKLM\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\...\Octoshape Streaming Services) (Version:  - )
OpenAL (HKLM\...\OpenAL) (Version:  - )
oZone3D.Net FurMark v1.6.5 (HKLM\...\oZone3D.Net FurMark_is1) (Version:  - oZone3D.Net)
PC Connectivity Solution (HKLM\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM\...\PowerISO) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5793 - Realtek Semiconductor Corp.)
ReClock (remove only) (HKLM\...\ReClock) (Version:  - )
Recover My Files (HKLM\...\Recover My Files_is1) (Version: 3.9.7.5012 - GetData Pty Ltd)
RegVac Registry Cleaner 5.01 (Registered Version) (HKLM\...\RegVac Registry Cleaner (Registered Version)_is1) (Version:  - Super Win Software, Inc.)
Samsung Link 1.7.0.1309031728 (HKLM\...\8474-7877-9059-0204) (Version: 1.7.0.1309031728 - Copyright 2013 SAMSUNG)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skins (Version: 2009.0317.2131.36802 - ATI) Hidden
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
Snagit 11 (HKLM\...\{68723B04-57EC-11E1-A6A8-9E2D4824019B}) (Version: 11.1.0 - TechSmith Corporation)
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.38475 - TeamViewer)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version:  - )
Tom Clancy's H.A.W.X (HKLM\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.00.00000 - Ubisoft)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Video Converter 3.50 (HKLM\...\Total Video Converter 3.50_is1) (Version:  - EffectMatrix Inc.)
Touchside (HKLM\...\{C6A750AE-6029-4435-9A8D-06507AA46798}) (Version: 1.00.000 - Touchside)
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility (HKLM\...\InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}) (Version: 1.00.0000 - )
TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility (Version: 1.00.0000 - ) Hidden
TuneUp Utilities 2009 (HKLM\...\{55A29068-F2CE-456C-9148-C869879E2357}) (Version: 8.0.3100.31 - TuneUp Software)
VS 2008 CRT Package (HKLM\...\{ED79C920-2FF2-4742-AF32-B58BE68B0FA6}) (Version: 1.1.0 - Microsoft)
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Driver Package - OEM (mr8980) Image  (07/02/2010 1.0.0.0) (HKLM\...\0587FB824A2C7876CE70A17CA0BABB28702DE6DC) (Version: 07/02/2010 1.0.0.0 - OEM)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Sound Schemes (HKLM\...\UltSounds) (Version:  - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 4.1.9 (HKLM\...\winscp3_is1) (Version: 4.1.9 - Martin Prikryl)
Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4A0C-A916-1D12314F45EB}) (Version: 1.00.0183 - Co.,Ltd.)
Wireless Monitoring System (HKLM\...\InstallShield_{1E6679EB-C736-40E6-A1E5-F97F69A096E3}) (Version: 1.00.0000 - MR8980)
Wireless Monitoring System (Version: 1.00.0000 - MR8980) Hidden
Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TEDi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{11CD84A3-A5E0-43CB-B3DF-92C623C0E0E0}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{32C15893-74C0-4478-879B-FE14EB684AB4}\InprocServer32 -> C:\Users\TEDi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgps01.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{39C26CEE-9070-4B47-9261-6743499AFBF7}\InprocServer32 -> C:\Users\TEDi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgutil.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\InprocServer32 -> C:\Users\TEDi\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-apoctoshape.dll (Octoshape ApS)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{841BFDCA-6A9A-4EBC-BC7E-194AA5DCE428}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{9CC1FE07-02F9-49A6-A3F4-63AD8BAE9E49}\InprocServer32 -> C:\Users\TEDi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgps01.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466917097-4220814058-3705793299-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TEDi\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 04:23 - 2009-04-25 01:07 - 00000789 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {178279AD-0523-4C60-97E0-D1522EE384A7} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {1969C96B-9572-44BD-84D9-939FDCC0E9A1} - System32\Tasks\{F6D28F6E-775A-4876-A20F-9D4933D06E22} => C:\Program Files\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {232C1A86-F2C2-49EC-8F02-BB920F9A754D} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {281028B8-1418-4EBB-AD08-50A37BD375BF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {5915C5E2-D3AC-4D98-87EB-D5C152C38CC1} - System32\Tasks\HP online update program => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18] (Hewlett-Packard)
Task: {9D198BA4-42C0-4F2B-9099-CB62888C0EC6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {CC74EB25-26F9-4E19-8104-00A7276E3F84} - System32\Tasks\Leader Technologies\PowerRegister\Seagate NA4JXZK0 Product Registration (TEDi) => C:\Users\TEDi\AppData\Roaming\Leadertech\PowerRegister\Seagate NA4JXZK0 Product Registration.exe [2009-01-16] (Leader Technologies/Seagate)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\User_Feed_Synchronization-{82A5E1E0-5364-4602-87A7-2E9A61F48E9D}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) ==============

2013-03-31 21:26 - 2012-12-18 08:31 - 00397704 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2009-04-10 13:49 - 2008-09-16 19:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2011-03-21 10:18 - 2011-03-21 10:18 - 00115008 _____ () C:\Program Files\Nitro PDF\Professional\NPShellExtension.dll
2011-04-20 00:21 - 2011-04-20 00:21 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-28 19:14 - 2013-09-28 19:14 - 03369922 _____ () C:\Program Files\NETGEAR Genie\bin\icuin51.dll
2013-09-28 19:13 - 2013-09-28 19:13 - 00544817 _____ () C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-09-28 19:13 - 2013-09-28 19:13 - 00989805 _____ () C:\Program Files\NETGEAR Genie\bin\libstdc++-6.dll
2013-09-28 19:14 - 2013-09-28 19:14 - 01978690 _____ () C:\Program Files\NETGEAR Genie\bin\icuuc51.dll
2013-09-28 19:14 - 2013-09-28 19:14 - 22378434 _____ () C:\Program Files\NETGEAR Genie\bin\icudt51.dll
2013-09-28 19:14 - 2013-09-28 19:14 - 01233408 _____ () C:\Program Files\NETGEAR Genie\bin\platforms\qwindows.dll
2014-11-17 03:46 - 2014-11-17 03:46 - 00639488 _____ () C:\Program Files\NETGEAR Genie\bin\Genie.dll
2014-11-10 03:55 - 2014-11-10 03:55 - 01686016 _____ () C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
2014-11-05 01:36 - 2014-11-05 01:36 - 00192512 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2014-11-05 01:37 - 2014-11-05 01:37 - 00632832 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2014-11-14 04:53 - 2014-11-14 04:53 - 06499840 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
2014-06-29 19:55 - 2014-06-29 19:55 - 00068608 _____ () C:\Program Files\NETGEAR Genie\bin\QRCode.dll
2014-06-29 20:05 - 2014-06-29 20:05 - 01183232 _____ () C:\Program Files\NETGEAR Genie\bin\qwt.dll
2014-11-07 03:13 - 2014-11-07 03:13 - 02475520 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2012-10-15 14:27 - 2012-10-15 14:27 - 00111616 _____ () C:\Program Files\NETGEAR Genie\bin\libvlc.dll
2012-10-15 14:28 - 2012-10-15 14:28 - 02286592 _____ () C:\Program Files\NETGEAR Genie\bin\libvlccore.dll
2014-11-17 01:00 - 2014-11-17 01:00 - 01056768 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2014-09-11 02:39 - 2014-09-11 02:39 - 00144896 _____ () C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
2014-11-05 01:51 - 2014-11-05 01:51 - 01191424 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2014-11-17 00:21 - 2014-11-17 00:21 - 10374656 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2014-11-17 00:18 - 2014-11-17 00:18 - 02496512 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2014-11-06 03:39 - 2014-11-06 03:39 - 00200192 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2014-11-05 01:58 - 2014-11-05 01:58 - 00889344 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2014-11-05 02:00 - 2014-11-05 02:00 - 00435712 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-09-28 19:13 - 2013-09-28 19:13 - 00051200 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qgif.dll
2013-09-28 19:13 - 2013-09-28 19:13 - 00052224 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qico.dll
2013-09-28 19:13 - 2013-09-28 19:13 - 00261120 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg.dll
2013-09-28 19:13 - 2013-09-28 19:13 - 00046080 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qsvg.dll
2014-06-29 19:55 - 2014-06-29 19:55 - 00081408 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
2014-11-03 02:23 - 2014-11-03 02:23 - 00143360 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
2014-06-18 20:22 - 2014-06-18 20:22 - 02177405 _____ () C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll
2014-09-04 00:00 - 2014-09-04 00:00 - 00072192 _____ () C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll
2014-09-04 00:00 - 2014-09-04 00:00 - 00074240 _____ () C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
2014-09-04 00:00 - 2014-09-04 00:00 - 00136704 _____ () C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
2012-10-15 14:28 - 2012-10-15 14:28 - 00219648 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-10-15 14:28 - 2012-10-15 14:28 - 00049664 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-10-15 14:28 - 2012-10-15 14:28 - 00051200 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-10-15 14:28 - 2012-10-15 14:28 - 00070144 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2013-09-28 19:13 - 2013-09-28 19:13 - 00040960 _____ () C:\Program Files\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2014-11-05 01:59 - 2014-11-05 01:59 - 00642048 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
2014-11-05 02:01 - 2014-11-05 02:01 - 00458752 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-06-29 20:33 - 2014-06-29 20:33 - 00046080 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
2014-09-04 00:00 - 2014-09-04 00:00 - 00066560 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
2009-10-03 12:00 - 2009-10-03 12:00 - 00062464 _____ () C:\Program Files\BWMeter\BWMeterConSvc.exe
2011-03-31 15:08 - 2011-03-31 15:08 - 00080896 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2014-10-24 21:16 - 2009-12-09 20:20 - 00126976 _____ () C:\Program Files\oem\11n USB Wireless LAN Utility\EnumDevLib.dll
2013-06-22 19:29 - 2013-09-03 16:28 - 00011264 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2014-09-13 16:40 - 2014-09-13 16:40 - 00541696 ____N () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll
2013-09-03 08:53 - 2013-09-03 16:28 - 00982528 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2013-09-03 08:53 - 2013-09-03 16:28 - 01025024 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-08-23 13:49 - 2013-08-23 13:49 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\JNIInterface.dll
2013-08-23 13:50 - 2013-08-23 13:50 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ASFAPI.dll
2013-08-23 13:51 - 2013-08-23 13:51 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\MediaDB_Manager.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\MediaDB.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00706560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ContentDirectoryPresenter.dll
2013-08-23 13:51 - 2013-08-23 13:51 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\DMS_Manager.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2009-04-09 22:42 - 2009-04-09 22:42 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2008-10-30 13:39 - 2008-10-30 13:39 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-11-06 09:28 - 2014-11-06 09:28 - 00105216 _____ () C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
2013-08-23 13:34 - 2013-08-23 13:34 - 01112576 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\DMSManager.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\DCMCDP.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\FolderCDP.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\MetadataFramework.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\sqlite3.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\MoodExtractor.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\DCMImgExtractor.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AutoChaptering.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libexpat.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\VideoThumb.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\avcodec-52.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\avutil-50.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\avformat-52.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\swscale-0.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AudioExtractor.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ID3Driver.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\tag.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libThumbnail.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\RichInfoDriver.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\VideoExtractor.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ThumbnailMaker.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 01033216 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ImageMagickWrapper.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\VideoMetadataDriver.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libKeyFrame.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\SECMetaDriver.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ImageExtractor.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\photoDriver.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libexif-12.dll.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\TextExtractor.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\Autobackup.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\RosettaAllShare.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_serialization-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_system-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_thread-vc90-mt-1_47.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\us.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:B3D74A13
AlternateDataStreams: C:\ProgramData\TEMP:F8D65F32

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2466917097-4220814058-3705793299-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TEDi\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 10.0.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LaunchTouchMon.lnk => C:\Windows\pss\LaunchTouchMon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk => C:\Windows\pss\TotalMedia Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Configuration Utility.lnk => C:\Windows\pss\Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: ClearTKHandle => C:\Program Files\Touchside\ClearTKHandle.exe
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: G DATA AntiVirus Trayapplication => C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Java => "C:\Users\TEDi\AppData\Local\Temp\Java.exe"
MSCONFIG\startupreg: LogitechCommunicationsManager => "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: MobileDocuments => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: nmctxth => "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\TEDi\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

==================== Accounts: =============================

Administrator (S-1-5-21-2466917097-4220814058-3705793299-500 - Administrator - Disabled)
Guest (S-1-5-21-2466917097-4220814058-3705793299-501 - Limited - Enabled)
TEDi (S-1-5-21-2466917097-4220814058-3705793299-1000 - Administrator - Enabled) => C:\Users\TEDi

==================== Faulty Device Manager Devices =============

Name: isatap.{E0D9B7D8-A595-4D8C-AB06-DD02B98DFC5C}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Multimedia Controller
Description: Multimedia Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/17/2015 08:09:29 PM) (Source: Microsoft-Windows-SpoolerSpoolss) (EventID: 1031) (User: NT AUTHORITY)
Description: 0x80072af9

Error: (02/17/2015 08:07:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avmailc.exe, version 13.6.20.2202, time stamp 0x521f4012, faulting module MSVCR100.dll, version 10.0.40219.1, time stamp 0x4d5f0c22, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0xb80, application start time 0xavmailc.exe0.

Error: (02/17/2015 08:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avmailc.exe, version 13.6.20.2202, time stamp 0x521f4012, faulting module MSVCR100.dll, version 10.0.40219.1, time stamp 0x4d5f0c22, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x1528, application start time 0xavmailc.exe0.

Error: (02/17/2015 08:07:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2015 08:07:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avmailc.exe, version 13.6.20.2202, time stamp 0x521f4012, faulting module MSVCR100.dll, version 10.0.40219.1, time stamp 0x4d5f0c22, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0xf64, application start time 0xavmailc.exe0.

Error: (02/17/2015 08:06:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ss_conn_service.exe, version 2.5.0.0, time stamp 0x53355653, faulting module ss_conn_service.exe, version 2.5.0.0, time stamp 0x53355653, exception code 0x40000015, fault offset 0x00062af6,
process id 0xe48, application start time 0xss_conn_service.exe0.

Error: (02/17/2015 08:06:17 PM) (Source: Microsoft-Windows-SpoolerSpoolss) (EventID: 1031) (User: NT AUTHORITY)
Description: 0x80072af9

Error: (02/17/2015 07:36:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2015 07:35:54 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/17/2015 07:07:48 PM) (Source: Microsoft-Windows-SpoolerSpoolss) (EventID: 1031) (User: NT AUTHORITY)
Description: 0x80072af9


System errors:
=============
Error: (02/17/2015 08:11:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: DisplayLinkManager12940301Restart the service

Error: (02/17/2015 08:09:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Print Spooler2600001Restart the service

Error: (02/17/2015 08:09:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Windows Update%%2147952506

Error: (02/17/2015 08:09:04 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: 2147952506

Error: (02/17/2015 08:07:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Avira Mail Protection3

Error: (02/17/2015 08:07:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ATT MAHostService3

Error: (02/17/2015 08:07:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: ATT MAHostService%%4294967295

Error: (02/17/2015 08:07:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: UPnP Device HostSSDP Discovery%%1058

Error: (02/17/2015 08:07:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ATT MAHostService210001Restart the service

Error: (02/17/2015 08:07:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: ATT MAHostService%%4294967295


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-02-17 20:10:35.330
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\dlkmd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 20:10:35.238
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\dlkmd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 20:10:35.147
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\dlkmd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 20:10:35.047
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\dlkmd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 20:07:28.578
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 19:43:25.379
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 19:43:25.301
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 19:43:25.223
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 19:43:25.130
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 19:39:16.448
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 39%
Total physical RAM: 3325.58 MB
Available physical RAM: 2007.52 MB
Total Pagefile: 6844.16 MB
Available Pagefile: 5299.4 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:58.59 GB) (Free:5.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:39.06 GB) (Free:26.54 GB) NTFS
Drive e: () (Fixed) (Total:39.06 GB) (Free:38.97 GB) NTFS
Drive f: () (Fixed) (Total:561.91 GB) (Free:323.6 GB) NTFS
Drive j: () (Fixed) (Total:97.66 GB) (Free:97.57 GB) NTFS
Drive k: () (Fixed) (Total:1765.36 GB) (Free:189.03 GB) NTFS
Drive l: () (Fixed) (Total:1863.01 GB) (Free:466.82 GB) NTFS
Drive m: () (Fixed) (Total:1863.01 GB) (Free:213.08 GB) NTFS
Drive o: () (Fixed) (Total:2794.51 GB) (Free:1753.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 005267FC)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1765.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 2E264054)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 92DCE1C5)
Partition 1: (Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=561.9 GB) - (Type=OF Extended)

========================================================
Disk: 7 (Size: 1863 GB) (Disk ID: E4CBBC8D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 8.

==================== End Of Log ============================

 

 

 

Link to post
Share on other sites

  • Root Admin

2015-02-06 14:28 - 2015-02-06 14:28 - 00029259 _____ () C:\Users\TEDi\Downloads\lone-survivor_english-884959.zip

2015-02-06 14:26 - 2015-02-06 14:26 - 00039984 _____ () C:\Users\TEDi\Downloads\fury_english-1046799.zip

2015-01-31 15:25 - 2015-01-31 15:25 - 00040704 _____ () C:\Users\TEDi\Downloads\captain-phillips_english-844252.zip

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.