
Solved computer running extremely slow

Discussion in 'Malware and Virus Removal Archive' started by gpb59, 2015/05/01.

  1. 2015/05/01
    gpb59 Well-Known Member Thread Starter

    [Solved] computer running extremely slow

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015 01
    Ran by Gary (administrator) on GARY-PC on 01-05-2015 17:04:40
    Running from C:\Users\Gary\Downloads
    Loaded Profiles: Gary (Available profiles: Gary & UpdatusUser & Administrator)
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
    Internet Explorer Version 9 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
    (Nero AG) C:\Program Files\Nero\Update\NASvc.exe
    (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
    (Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
    (Secunia) C:\Program Files\Secunia\PSI\sua.exe
    () C:\Windows\System32\UTSCSI.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    (Dropbox, Inc.) C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Microsoft Corporation) C:\Windows\ehome\mcupdate.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    () C:\Program Files\Google\Update\Install\{8FA96F45-C46A-4134-ACF1-E76207C32A5A}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
    (Google Inc.) C:\Windows\temp\CR_408E0.tmp\setup.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfService.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [InstaLAN] => C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-02-24] (Affinegy, Inc.)
    HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-04-22] (Avast Software s.r.o.)
    HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [383368 2014-01-08] (Citrix Systems, Inc.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
    HKLM\...\Policies\Explorer: [NoAutorun] 1
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\Run: [Uploader] => C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [122984 2013-05-30] (Seagate Technology LLC)
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\Run: [CAHeadless] => C:\Program Files\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1046944 2013-09-25] (Adobe Systems Incorporated)
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-20] (Microsoft Corporation)
    Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-29]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-22] (Avast Software s.r.o.)
    BootExecute: autocheck autochk * lsdelete

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> DefaultScope {E97A97C3-CBB5-40E7-A974-C7A64B1AB365} URL =
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {63140ECF-C629-BE59-8F0E-90B4FF340C03} URL = http://www.bing.com/search?q={searchTerms}&pc=Z128&form=ZGAIDF&install_date=20111231&iesrc={referrer:source}
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {CA051B20-F0FC-4230-AA0A-688B1E122C1B} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL =
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {E97A97C3-CBB5-40E7-A974-C7A64B1AB365} URL =
    BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-17] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-17] (Oracle Corporation)
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll [2011-11-17] (Yahoo! Inc)
    Toolbar: HKLM - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)
    Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\3oreo0z6.default-1426290737187
    FF DefaultSearchEngine.US: Google
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2014-01-08] (Citrix Systems, Inc.)
    FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-17] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-17] (Oracle Corporation)
    FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2009-05-26] (Yahoo! Inc.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Extension: WOT - C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\3oreo0z6.default-1426290737187\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-03-14]
    FF Extension: Adblock Plus - C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\3oreo0z6.default-1426290737187\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-13]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-17]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-30]
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-03]

    Chrome:
    =======
    CHR HomePage: Default -> https://search.yahoo.com/?type=523482&fr=yo-yhp-ch
    CHR StartupUrls: Default -> "https://search.yahoo.com/?type=523482&fr=yo-yhp-ch ", "https://www.yahoo.com?fr=hp-avast&type=avastbcl "
    CHR DefaultSearchKeyword: Default -> yahoo.com search
    CHR DefaultSearchURL: Default -> https://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=523482&p={searchTerms}
    CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
    CHR Profile: C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Bookmark Manager) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-01]
    CHR Extension: (No Name) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2015-05-01]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
    CHR Extension: (Google Wallet) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - No Path Or update_url value

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeActiveFileMonitor12.0; C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
    R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-02-24] (Affinegy, Inc.)
    S3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-22] (Avast Software)
    R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] () [File not signed]
    R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed]
    R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
    S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
    R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
    R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096 2014-01-08] (Realtek Semiconductor)
    R2 Seagate Dashboard Services; C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2013-05-30] (Seagate Technology LLC)
    S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-10-13] (Secunia)
    R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-10-13] (Secunia)
    R2 UTSCSI; C:\Windows\system32\UTSCSI.EXE [45056 2009-12-10] () [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-22] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-22] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-04-22] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-22] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-22] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-22] (Avast Software s.r.o.)
    R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-04-22] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-22] ()
    S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-20] (Microsoft Corporation)
    R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-03-08] (REALiX(tm))
    R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-08-20] (COMPAL ELECTRONIC INC.)
    R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-03-17] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-23] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
    R3 PGR1394b; C:\Windows\System32\DRIVERS\HS3dSensor1394.sys [72704 2008-02-19] (Point Grey Research)
    S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
    S3 pwftap; C:\Windows\System32\DRIVERS\pwftap.sys [31360 2014-07-24] (The OpenVPN Project)
    R0 PxHelp20; C:\Windows\System32\drivers\PxHelp20.sys [46096 2013-07-19] (Corel Corporation)
    S3 QCDonner; C:\Windows\System32\DRIVERS\LVCD.sys [474304 2004-04-27] (Logitech Inc.)
    R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [273624 2015-02-10] (Realsil Semiconductor Corporation)
    R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2009-11-08] (PowerISO Computing, Inc.) [File not signed]
    R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-22] (Avast Software)
    R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [X]
    S3 PcdrNdisuio; system32\DRIVERS\pcdrndisuio.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-01 16:57 - 2015-05-01 17:06 - 00023016 _____ () C:\Users\Gary\Downloads\FRST.txt
    2015-05-01 16:45 - 2015-05-01 17:04 - 00000000 ____D () C:\FRST
    2015-05-01 16:42 - 2015-05-01 16:43 - 01140736 _____ (Farbar) C:\Users\Gary\Downloads\FRST.exe
    2015-05-01 16:34 - 2015-05-01 17:02 - 00015357 _____ () C:\Windows\WindowsUpdate.log
    2015-05-01 16:34 - 2015-05-01 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-05-01 16:34 - 2015-04-22 18:43 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswAA3A.tmp
    2015-05-01 16:34 - 2015-04-22 18:43 - 00209048 _____ () C:\Windows\system32\Drivers\aswAA89.tmp
    2015-05-01 16:34 - 2015-04-22 18:43 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA93F.tmp
    2015-05-01 16:34 - 2015-04-22 18:43 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswAAAA.tmp
    2015-05-01 16:34 - 2015-04-22 18:43 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA805.tmp
    2015-05-01 16:34 - 2015-04-22 18:43 - 00049904 _____ () C:\Windows\system32\Drivers\aswA98E.tmp
    2015-05-01 16:34 - 2015-04-22 18:43 - 00024144 _____ () C:\Windows\system32\Drivers\aswA892.tmp
    2015-05-01 16:34 - 2015-04-22 18:42 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswA324.tmp
    2015-05-01 16:33 - 2015-04-22 18:43 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
    2015-04-23 17:38 - 2015-04-23 17:38 - 00000000 ____D () C:\Windows\system32\vbox
    2015-04-22 18:43 - 2015-04-22 18:43 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
    2015-04-21 06:05 - 2015-04-21 06:05 - 00001626 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2015-04-21 06:05 - 2015-04-21 06:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-04-21 06:04 - 2015-04-21 06:05 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
    2015-04-21 06:04 - 2015-04-21 06:04 - 00000000 ____D () C:\Program Files\iPod
    2015-04-20 21:09 - 2015-04-20 21:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2015-04-15 03:25 - 2015-03-08 18:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-04-15 03:10 - 2015-03-04 19:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
    2015-04-15 03:10 - 2015-03-04 19:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2015-04-15 03:10 - 2015-03-04 19:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2015-04-15 03:09 - 2015-03-13 19:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-04-15 03:09 - 2015-03-12 18:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-04-15 03:09 - 2015-03-12 18:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-04-15 03:06 - 2015-04-15 03:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2015-04-15 03:06 - 2015-04-15 03:06 - 00000000 ____D () C:\Program Files\Common Files\Skype
    2015-04-14 18:21 - 2015-03-09 16:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-04-14 18:21 - 2015-03-09 16:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-04-14 18:21 - 2015-03-09 16:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-04-14 18:21 - 2015-03-09 16:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-04-14 18:21 - 2015-03-09 15:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-04-14 18:21 - 2015-03-09 15:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-04-14 18:21 - 2015-03-09 15:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-04-14 18:21 - 2015-03-09 15:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-04-14 18:21 - 2015-03-09 15:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2015-04-14 18:21 - 2015-03-09 15:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2015-04-03 06:07 - 2015-04-03 06:07 - 00000093 _____ () C:\Users\Gary\AppData\Roaming\ARCompanion.log
    2015-04-02 06:28 - 2015-04-02 06:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MKV to MP4 Converter
    2015-04-02 06:28 - 2015-04-02 06:28 - 00000000 ____D () C:\Program Files\Free MKV to MP4 Converter
    2015-04-02 06:27 - 2015-04-02 06:27 - 08309140 _____ (Freedom Software ) C:\Users\Gary\Downloads\freemkvtomp4converter_setup.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-01 17:23 - 2012-01-14 17:10 - 00000000 ____D () C:\Users\Administrator
    2015-05-01 17:23 - 2009-05-31 12:40 - 00000000 ____D () C:\Users\Gary
    2015-05-01 17:23 - 2006-11-02 03:22 - 63176704 _____ () C:\Windows\system32\config\software_previous
    2015-05-01 17:23 - 2006-11-02 03:22 - 38010880 _____ () C:\Windows\system32\config\system_previous
    2015-05-01 17:22 - 2015-03-08 18:45 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\ProductData
    2015-05-01 17:22 - 2015-03-08 17:15 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\IObit
    2015-05-01 17:22 - 2015-02-26 06:19 - 00000000 ____D () C:\Users\Gary\Desktop\Submit a claim_files
    2015-05-01 17:22 - 2015-02-21 09:56 - 00000000 ____D () C:\Users\Gary\Desktop\Citibank Card Application - Final Summary_files
    2015-05-01 17:22 - 2014-08-25 18:09 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\ICAClient
    2015-05-01 17:22 - 2014-05-09 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-01 17:22 - 2014-05-09 19:18 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-01 17:22 - 2014-02-17 16:52 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Winamp
    2015-05-01 17:22 - 2013-12-15 12:32 - 00000000 ___RD () C:\Users\Gary\SkyDrive
    2015-05-01 17:22 - 2013-09-30 05:50 - 00000000 ____D () C:\Users\Gary\Desktop\Nero
    2015-05-01 17:22 - 2013-03-06 17:39 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-05-01 17:22 - 2013-01-13 08:28 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\dvdcss
    2015-05-01 17:22 - 2013-01-13 08:16 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\vlc
    2015-05-01 17:22 - 2013-01-05 09:07 - 00000000 ____D () C:\Users\Gary\Downloads\M3U2iTunes_SetupWin
    2015-05-01 17:22 - 2012-12-01 09:22 - 00000000 ____D () C:\Users\Gary\Desktop\miscellaneous items
    2015-05-01 17:22 - 2012-11-17 09:36 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Azureus
    2015-05-01 17:22 - 2012-05-12 06:22 - 00000000 ____D () C:\Users\Gary\Desktop\iTunes stuff
    2015-05-01 17:22 - 2012-03-21 17:12 - 00000000 ____D () C:\Users\Gary\Downloads\JavaRa
    2015-05-01 17:22 - 2012-03-21 16:50 - 00000000 ____D () C:\Users\Gary\Documents\JavaRa-2.0-beta
    2015-05-01 17:22 - 2011-12-10 08:29 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp
    2015-05-01 17:22 - 2011-12-10 08:29 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Catalina Marketing Corp
    2015-05-01 17:22 - 2011-10-20 11:40 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Southwest Airlines
    2015-05-01 17:22 - 2009-12-17 17:32 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Skype
    2015-05-01 17:22 - 2009-11-01 18:09 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\mjusbsp
    2015-05-01 17:22 - 2009-09-27 07:09 - 00000000 ____D () C:\Users\Gary\Desktop\audio and video converters
    2015-05-01 17:22 - 2009-06-13 10:02 - 00000000 ____D () C:\Users\Gary\Documents\Microsoft office 2003
    2015-05-01 17:22 - 2009-06-06 20:20 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-05-01 17:22 - 2009-05-31 15:26 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\uTorrent
    2015-05-01 17:22 - 2009-05-31 13:40 - 00000000 ____D () C:\Users\Gary\etpro
    2015-05-01 17:22 - 2009-05-31 12:40 - 00000000 ___RD () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-05-01 17:22 - 2009-05-31 12:40 - 00000000 ___RD () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-05-01 17:22 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\spool
    2015-05-01 17:22 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\Msdtc
    2015-05-01 17:20 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\registration
    2015-05-01 17:09 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\LogFiles
    2015-05-01 17:09 - 2006-11-02 03:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
    2015-05-01 17:09 - 2006-11-02 03:22 - 00057344 _____ () C:\Windows\system32\config\sam_previous
    2015-05-01 17:02 - 2012-05-06 13:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-01 16:36 - 2011-09-28 05:34 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-01 16:34 - 2014-12-04 08:32 - 00001747 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-05-01 16:31 - 2013-03-06 17:41 - 00000000 ___RD () C:\Users\Gary\Dropbox
    2015-05-01 16:31 - 2013-03-06 17:38 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Dropbox
    2015-05-01 16:26 - 2011-09-28 05:34 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-01 16:26 - 2006-11-02 06:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-01 16:26 - 2006-11-02 05:47 - 00003616 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-01 16:26 - 2006-11-02 05:47 - 00003616 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-01 15:50 - 2006-11-02 03:22 - 42205184 _____ () C:\Windows\system32\config\components_previous
    2015-05-01 15:50 - 2006-11-02 03:22 - 00561152 _____ () C:\Windows\system32\config\default_previous
    2015-05-01 05:18 - 2014-07-20 07:35 - 00000000 ____D () C:\Users\Gary\AppData\Local\CrashDumps
    2015-04-30 05:39 - 2012-07-31 05:52 - 00000000 ____D () C:\Users\Gary\bali
    2015-04-25 02:00 - 2009-06-06 10:48 - 00000000 ____D () C:\Users\Gary\AppData\Local\Adobe
    2015-04-24 05:19 - 2009-05-31 13:40 - 00002000 _____ () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\E-TRADE MarketTrader.lnk
    2015-04-23 19:20 - 2006-11-02 03:33 - 00763586 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-04-23 17:38 - 2013-03-06 17:41 - 00000918 _____ () C:\Users\Gary\Desktop\Dropbox.lnk
    2015-04-23 06:44 - 2006-11-02 06:01 - 00032588 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-04-23 05:42 - 2014-05-09 16:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2015-04-22 18:43 - 2014-04-26 07:13 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2015-04-22 18:43 - 2013-03-06 07:20 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2015-04-22 18:43 - 2013-03-06 07:20 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
    2015-04-22 18:42 - 2012-01-30 21:56 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
    2015-04-21 17:52 - 2012-04-25 16:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2015-04-21 06:05 - 2011-08-28 06:55 - 00000000 ____D () C:\Program Files\iTunes
    2015-04-21 06:04 - 2011-04-10 17:49 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-04-18 16:30 - 2009-08-09 18:03 - 00000000 ____D () C:\Users\Gary\Documents\dvd
    2015-04-15 07:02 - 2012-05-06 13:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-04-15 07:02 - 2011-07-25 05:23 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-04-15 03:25 - 2013-08-14 03:12 - 00000000 ____D () C:\Windows\system32\MRT
    2015-04-15 03:15 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-04-15 03:11 - 2006-11-02 03:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2015-04-15 03:07 - 2009-12-17 17:31 - 00000000 ____D () C:\ProgramData\Skype
    2015-04-15 03:06 - 2014-07-31 05:19 - 00001878 _____ () C:\Users\Public\Desktop\Skype.lnk
    2015-04-15 03:06 - 2009-12-17 17:31 - 00000000 ___RD () C:\Program Files\Skype
    2015-04-12 11:33 - 2009-12-15 06:34 - 00000000 ____D () C:\Windows\Minidump
    2015-04-11 16:32 - 2009-07-31 06:36 - 00052224 _____ () C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-04-09 17:48 - 2014-05-09 19:18 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-04-03 20:44 - 2009-05-31 12:53 - 00000318 _____ () C:\Windows\Tasks\HPCeeScheduleForGary.job

    ==================== Files in the root of some directories =======

    2015-04-03 06:07 - 2015-04-03 06:07 - 0000093 _____ () C:\Users\Gary\AppData\Roaming\ARCompanion.log
    2009-08-09 08:40 - 2011-03-12 08:43 - 0000105 _____ () C:\Users\Gary\AppData\Roaming\default.pls
    2011-01-02 15:16 - 2011-05-22 14:50 - 0000208 _____ () C:\Users\Gary\AppData\Roaming\default.rss
    2011-05-22 14:48 - 2011-05-22 14:48 - 0000000 _____ () C:\Users\Gary\AppData\Roaming\downloads.m3u
    2011-11-28 07:18 - 2013-12-29 08:47 - 0000084 _____ () C:\Users\Gary\AppData\Roaming\wklnhst.dat
    2009-06-24 16:21 - 2015-03-10 05:34 - 0007620 _____ () C:\Users\Gary\AppData\Local\d3d9caps.dat
    2009-07-31 06:36 - 2015-04-11 16:32 - 0052224 _____ () C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-11-22 08:46 - 2013-11-22 08:46 - 0004096 ____H () C:\Users\Gary\AppData\Local\keyfile3.drm
    2010-02-21 07:25 - 2012-01-28 13:40 - 0000000 _____ () C:\Users\Gary\AppData\Local\prvlcl.dat
    2009-08-05 06:40 - 2009-08-05 06:41 - 0016291 _____ () C:\Users\Gary\AppData\Local\tmpSIRIN 2.0
    2009-08-05 06:40 - 2009-08-05 06:41 - 0018255 _____ () C:\Users\Gary\AppData\Local\tmpSIRIN 2.JPG
    2010-03-27 15:19 - 2010-03-27 15:19 - 0003090 _____ () C:\Users\Gary\AppData\Local\tmpTUDTOO.0
    2010-03-27 15:19 - 2010-03-27 15:19 - 0001317 _____ () C:\Users\Gary\AppData\Local\tmpTUDTOO.JPG
    2012-03-31 13:19 - 2012-03-31 13:19 - 0004481 _____ () C:\ProgramData\buynow.html
    2009-12-17 17:34 - 2009-12-17 17:34 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
    2012-03-31 11:57 - 2012-03-31 18:13 - 0008321 _____ () C:\ProgramData\ITFW.log
    2012-03-31 11:34 - 2012-03-31 11:35 - 0074162 _____ () C:\ProgramData\LibraryToolkit.log

    Some content of TEMP:
    ====================
    C:\Users\Gary\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprb3rwn.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-01 16:31

    ==================== End Of Log ============================
     
  2. 2015/05/01
    gpb59 Well-Known Member Thread Starter

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-04-2015 01
    Ran by Gary at 2015-05-01 17:07:12
    Running from C:\Users\Gary\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2060793998-228504606-3227568861-500 - Administrator - Enabled) => C:\Users\Administrator
    Gary (S-1-5-21-2060793998-228504606-3227568861-1000 - Administrator - Enabled) => C:\Users\Gary
    Guest (S-1-5-21-2060793998-228504606-3227568861-501 - Limited - Disabled)
    UpdatusUser (S-1-5-21-2060793998-228504606-3227568861-1001 - Limited - Enabled) => C:\Users\UpdatusUser

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
    4Media iPod to PC Transfer (HKLM\...\4Media iPod to PC Transfer) (Version: 5.2.1.20120308 - 4Media)
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
    Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 12 (HKLM\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
    AIM 7 (HKLM\...\AIM_7) (Version: - )
    Any Video Converter 5.5.9 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
    AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.)
    Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AusLogics BoostSpeed 6.3.0.0 (HKLM\...\AusLogics BoostSpeed) (Version: - )
    Auslogics BoostSpeed 7 (HKLM\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 7.6.0.0 - Auslogics Labs Pty Ltd)
    Auslogics Disk Defrag Professional (HKLM\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.5.0.0 - Auslogics Software Pty Ltd)
    Auslogics File Recovery (HKLM\...\{D8F33108-139F-409A-A160-B9510DE736B3}_is1) (Version: 5.0.3.0 - Auslogics Labs Pty Ltd)
    Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
    Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
    Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.2 - Belkin International, Inc.)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
    Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 13.4.300.10 - Citrix Systems, Inc.)
    Clone Tools version 2.0.2.0 (HKLM\...\{44CD39FC-AC58-4F03-AA32-331BA086B49D}_is1) (Version: 2.0.2.0 - Control Engineering Sweden AB)
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    dBpoweramp AAC Encoder (HKLM\...\dBpoweramp AAC Encoder) (Version: - )
    dBpoweramp DSP Effects (HKLM\...\dBpoweramp DSP Effects) (Version: Release 10 - Illustrate)
    dBpoweramp FLAC Codec (HKLM\...\dBpoweramp FLAC Codec) (Version: Release 13.1 (FLAC 1.2.1) - Illustrate)
    dBpoweramp m4a Codec (HKLM\...\dBpoweramp m4a Codec) (Version: Release 8 - Illustrate)
    dBpoweramp m4a FDK (AAC) Encoder (HKLM\...\dBpoweramp m4a FDK (AAC) Encoder) (Version: Release 1 (FDK 3.3.3) - Illustrate)
    dBpoweramp m4a Utilities (HKLM\...\dBpoweramp m4a Utilities) (Version: - )
    dBpoweramp m4b Audio book Encoder (HKLM\...\dBpoweramp m4b Audio book Encoder) (Version: - )
    dBpoweramp Monkeys Audio Codec (HKLM\...\dBpoweramp Monkeys Audio Codec) (Version: - )
    dBpoweramp Music Converter (HKLM\...\dBpoweramp Music Converter) (Version: Release 15 - Illustrate)
    dBpoweramp Shorten Codec (HKLM\...\dBpoweramp Shorten Codec) (Version: - )
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.101.210 - ALPS ELECTRIC CO., LTD.)
    DING! (HKLM\...\{84031A18-BA9A-4156-A74F-E05B52DDFCE2}) (Version: 1.05.005 - Southwest Airlines)
    Dropbox (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
    DVDFab 8.2.2.0 (16/11/2012) Qt (HKLM\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
    DVDFab 9.1.1.9 (18/12/2013) (HKLM\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
    EasyDuplicateFinder v4.3 (HKLM\...\Easy Duplicate Finder 4_is1) (Version: - WebMinds, Inc.)
    Elements 12 Organizer (Version: 12.0 - Adobe Systems Incorporated) Hidden
    Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
    FLAC Frontend (HKLM\...\{B1615F2A-105F-48FD-AA3E-0BDF8B3EE644}) (Version: 2.0.6 - Xiph.org)
    Free MKV to MP4 Converter (HKLM\...\Free MKV to MP4 Converter_is1) (Version: 1.0 - Freedom Software)
    Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
    Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
    HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
    HP Demo (HKLM\...\{A2016015-8323-4AF8-8B3E-F56239D7D59D}) (Version: 1.00.0000 - Hewlett-Packard)
    HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
    HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2217 - Hewlett-Packard)
    HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
    HP Support Solutions Framework (HKLM\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
    HP Total Care Setup (HKLM\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company)
    HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
    ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
    iPod PC Transfer Suit 4.2 (HKLM\...\iPod PC Transfer Suit_is1) (Version: 4.2 - iPod PC Transfer)
    iSEEK AnswerWorks English Runtime (HKLM\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
    iTunes Library Toolkit (HKLM\...\{BE19A54F-8291-417A-82C1-B22B19339927}) (Version: 1.0.0702 - klarita.net)
    iTunesFolderWatch (HKLM\...\{450C790A-8C60-4B3D-887E-2124AC823D6D}) (Version: 2.1.09 - JezSoft)
    Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Juno Preloader (HKLM\...\{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}) (Version: 1.0.0 - Juno, Inc.)
    K-Lite Codec Pack 8.1.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 8.1.0 - )
    LockHunter 3.0, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
    M3U2iTunes (HKLM\...\{D9F58859-61BA-44A2-9E56-7DC7E8970AE3}) (Version: 1.0.0 - otherslikeyou.com Inc.)
    magicJack (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
    magicJack Recovery Tool 1.0 (HKLM\...\magicJack Recovery Tool_is1) (Version: - magicJack, L.P.)
    Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Live Search Toolbar (HKLM\...\{4FAB5122-775E-4418-B8D9-E2873BC93570}) (Version: 3.0.541.0 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
    Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    mkw Audio Compression Toolkit (HKLM\...\mkwACT) (Version: - )
    mkw Runtime Libraries (HKLM\...\mkwMFCRTL) (Version: - )
    Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    muvee Reveal (HKLM\...\{19506BDB-4EA7-491F-E8AB-E97109FDB296}) (Version: 7.0.35.7315 - muvee Technologies Pte Ltd)
    My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
    Nero 12 (HKLM\...\{80836C86-1305-40C9-B7C9-F3A75266070D}) (Version: 12.5.01900 - Nero AG)
    Nero 8 Essentials (HKLM\...\{8651784F-123E-4E8F-A5AD-60B8BE121033}) (Version: 8.3.350 - Nero AG)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
    NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
    NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    Online Plug-in (Version: 13.4.300.10 - Citrix Systems, Inc.) Hidden
    PictureMover (HKLM\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.7 - Hewlett-Packard Company)
    PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2202 - CyberLink Corp.)
    PowerDirector (Version: 7.0.2202 - CyberLink Corp.) Hidden
    PowerISO (HKLM\...\PowerISO) (Version: 4.6 - PowerISO Computing, Inc.)
    Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
    PSE12 STI Installer (Version: 12.0 - Adobe Systems Incorporated) Hidden
    Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
    Quicken 2011 (HKLM\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
    QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7285 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    R-Studio 4.2 (HKLM\...\R-Studio 4.2NSIS) (Version: 4.2.125063 - R-Tools Technology Inc.)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2410.0 - SAMSUNG Electronics Co., Ltd.)
    Seagate Dashboard 2.0 (HKLM\...\{43C423D9-E6D6-4607-ADC9-EBB54F690C57}) (Version: 2.2.29.0 - Seagate)
    Secunia PSI (2.0.0.4003) (HKLM\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia)
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Self-service Plug-in (Version: 3.4.300.43589 - Citrix Systems, Inc.) Hidden
    Serial Key Generator version 5.0 (HKLM\...\{93E9D2A0-8C35-4E79-99F3-8325443EC10B}_is1) (Version: 5.0 - VCL Examples)
    Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
    Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.80.0.0 - Conexant Systems)
    swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    The Rosetta Stone (HKLM\...\The Rosetta Stone) (Version: - )
    Trader's Little Helper 2.7.0 (HKLM\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
    Video Mover (HKLM\...\Video Mover_is1) (Version: - )
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
    Welcome App (Start-up experience) (Version: 12.0.15000 - Nero AG) Hidden
    Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
    Windows Driver Package - Compal Electronics, INC. (LPCFilter) System (04/23/2008 1.0.50.9) (HKLM\...\03ABAE352E7DCF9F553460B4406B1ECDB37F263B) (Version: 04/23/2008 1.0.50.9 - Compal Electronics, INC.)
    Windows Driver Package - Creaform Inc (PGR1394b) PGR1394b (12/19/2007 9001.9007.9000.9502) (HKLM\...\FFF14F09EAD22959832A0BD8D99BE2292F7DCB84) (Version: 12/19/2007 9001.9007.9000.9502 - Creaform Inc)
    Windows Driver Package - NVIDIA (NVNET) Net (03/04/2010 73.3.0) (HKLM\...\B709EB897A3BE23577BD34081799BAAF3A0DB399) (Version: 03/04/2010 73.3.0 - NVIDIA)
    Windows Driver Package - Realtek Semiconduct Corp. (RTSUER) USB (12/26/2014 6.3.9600.31208) (HKLM\...\8222660D203BBB2FEA6DE5C52A99E42AEBF9D52B) (Version: 12/26/2014 6.3.9600.31208 - Realtek Semiconduct Corp.)
    Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/03/2014 6.0.1.7285) (HKLM\...\6B74C80D28593EDE31FFA44376D812CA71B247D3) (Version: 07/03/2014 6.0.1.7285 - Realtek Semiconductor Corp.)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
    Xilisoft AVI to DVD Converter (HKLM\...\Xilisoft AVI to DVD Converter) (Version: 3.0.45.0807 - Xilisoft)
    Xilisoft FLAC Converter (HKLM\...\Xilisoft FLAC Converter) (Version: 6.3.0.0805 - Xilisoft)
    Xilisoft ISO Pro (HKLM\...\Xilisoft ISO Pro) (Version: 1.0.8.0724 - Xilisoft)
    Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 5.1.26.0624 - Xilisoft)
    Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7a\axtrack.dll (AOL Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7a\axtrack.dll (AOL Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7a\axtrack.dll (AOL Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\FileSyncApi.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    22-04-2015 03:00:13 Windows Update
    22-04-2015 18:41:08 avast! antivirus system restore point
    23-04-2015 03:00:13 Windows Update
    23-04-2015 21:19:49 Scheduled Checkpoint
    24-04-2015 03:00:13 Windows Update
    25-04-2015 00:00:03 Scheduled Checkpoint
    25-04-2015 03:00:13 Windows Update
    26-04-2015 00:00:07 Scheduled Checkpoint
    26-04-2015 03:00:14 Windows Update
    27-04-2015 03:00:16 Windows Update
    28-04-2015 03:00:12 Windows Update
    29-04-2015 00:00:09 Scheduled Checkpoint
    29-04-2015 03:00:14 Windows Update
    30-04-2015 00:00:06 Scheduled Checkpoint
    30-04-2015 03:00:13 Windows Update
    01-05-2015 16:28:39 avast! antivirus system restore point
    01-05-2015 16:35:35 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 03:23 - 2014-11-04 21:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0E6AF67F-94A9-4644-B962-CFD693E5E8FA} - System32\Tasks\{805DA6D6-FE62-40BF-8C26-A2AF470BA4C9} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
    Task: {1B14DE28-4A0F-45E9-A86F-EA47FA00CFBA} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {1B413D5A-BBD8-47E0-8357-BC314B5BB47A} - System32\Tasks\avastBCLRestartS-1-5-21-2060793998-228504606-3227568861-1000 => Firefox.exe
    Task: {2C68BFA9-5B21-4C77-A6D6-FB6030BDF813} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
    Task: {3642A99C-D4A5-4E0D-AA01-D118DB54E63E} - System32\Tasks\ASC8_SkipUac_Gary => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
    Task: {3873601B-6120-410B-B060-5137E2599E18} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Gary => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
    Task: {3DAC952C-346E-4E3D-9D81-57516B232C1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
    Task: {3F7FAF9E-3E98-4C5D-836A-8F46A7E02EBE} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10] (PC-Doctor, Inc.)
    Task: {41E915B2-3B57-4F93-8BC6-31619F7BEF9B} - System32\Tasks\HPCeeScheduleForGary => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-09-16] (Hewlett-Packard)
    Task: {479C3E6C-F2A7-4116-8D57-1ED179BB7256} - System32\Tasks\{C8C10CCB-0030-4032-8487-25DA3A6E66C8} => Firefox.exe http://ui.skype.com/ui/0/4.1.0.179....google-chrome:notoffered;ienotdefaultbrowser2
    Task: {53EB8A2D-C558-4AAB-8D38-A72A264DA013} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
    Task: {5C02E0D2-7A87-4BB8-919F-1D19257790B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
    Task: {5F660949-7497-40C0-8872-9DDB0B94DEEF} - System32\Tasks\TweakBit\Driver Updater\Start Driver Updater оn logon => C:\Program Files\TweakBit\Driver Updater\DriverUpdater.exe
    Task: {6E29462E-95A8-47B2-B25D-6085CE160BDC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
    Task: {72B2A310-0524-4A1D-BE4C-53E8885EDEAC} - System32\Tasks\Gary DBAgent 2 0 => C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30] (Seagate Technology LLC)
    Task: {80E6E6FB-6D92-4311-84DB-776BF10442E8} - System32\Tasks\AdobeAAMUpdater-1.0-Gary-PC-Gary => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
    Task: {87EEF49C-D0E4-4D37-A31A-F572AC47AD0C} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-27BA-4598-860A-C4EF54FDBDA8} for Gary => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-02-14] (Auslogics)
    Task: {A977B131-2FB3-410D-8FAE-6897A2A5C7F3} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-E07C-4FF0-B588-C334CE92C144} for Gary => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-02-14] (Auslogics)
    Task: {D9FB473F-4550-4879-B9C2-5B26758B794E} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-10-20] ()
    Task: {E28CDFA5-79D3-48B4-93F8-95F5DF69BDDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
    Task: {E3E3E9EC-C218-4A80-829E-E48E1B7E8681} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
    Task: {EC27CE74-B2E7-4B5B-B317-7FA7BD5E7B7D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {FA4B662B-E7CC-46DA-81DE-4A0442D78194} - System32\Tasks\Driver Booster SkipUAC (Gary) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
    Task: {FBDA3259-8E7C-4B4B-AD5B-DCCEC6D5AD11} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-9D1A-484A-82AF-0846D8C7E5F4} for Gary => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-02-14] (Auslogics)
    Task: {FF4294B7-E448-4B2B-89AD-F2E739585972} - System32\Tasks\Seagate_Install_Launch => C:\Program Files\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2013-05-30] (Seagate Technology LLC)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForGary.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
    Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml

    ==================== Loaded Modules (whitelisted) ==============

    2015-04-22 18:43 - 2015-04-22 18:43 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-04-22 18:43 - 2015-04-22 18:43 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2015-04-24 13:38 - 2015-04-24 13:38 - 02927104 _____ () C:\Program Files\AVAST Software\Avast\defs\15042401\algo.dll
    2015-05-01 16:35 - 2015-05-01 16:35 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050101\algo.dll
    2012-05-20 12:44 - 2011-02-24 21:08 - 00022944 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
    2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2012-05-20 12:46 - 2010-02-17 18:25 - 00152064 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    2012-05-20 12:46 - 2010-02-09 15:55 - 00049152 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    2009-12-10 09:27 - 2009-12-10 09:27 - 00045056 _____ () C:\Windows\system32\UTSCSI.EXE
    2012-05-20 12:44 - 2011-02-15 13:15 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
    2012-05-20 12:44 - 2011-02-15 13:15 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
    2012-05-20 12:44 - 2011-02-15 13:16 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
    2012-05-20 12:44 - 2011-02-15 13:15 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
    2012-05-20 12:44 - 2011-02-15 12:25 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
    2015-03-13 16:55 - 2015-04-22 18:43 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2015-05-01 16:29 - 2015-05-01 16:29 - 00043008 _____ () c:\users\gary\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprb3rwn.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00750080 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00047616 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00865280 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00200704 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2012-05-20 12:46 - 2010-02-17 18:25 - 00132096 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
    2012-05-20 12:44 - 2011-02-24 20:39 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
    2015-05-01 16:38 - 2015-04-28 10:23 - 01089104 _____ () C:\Program Files\Google\Update\Install\{8FA96F45-C46A-4134-ACF1-E76207C32A5A}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
    2013-12-04 00:03 - 2013-12-04 00:03 - 00012168 _____ () C:\Program Files\Citrix\SelfServicePlugin\ExtensionSDK.dll
     


  4. 2015/05/01
    gpb59

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => " "= "Driver "
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => " "= "Driver "

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\va.gov -> hxxps://va.gov


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\awave.jpg
    DNS Servers: 192.168.2.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: nvUpdatusService => 2
    MSCONFIG\Services: WMPNetworkSvc => 3
    MSCONFIG\Services: YahooAUService => 2
    MSCONFIG\startupfolder: C:^Users^Gary^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox (1).lnk => C:\Windows\pss\Dropbox (1).lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Gary^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Gary^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe "
    MSCONFIG\startupreg: AOL => C:\PROGRA~1\AOLDES~1.7A\aol.exe
    MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files\AOL Desktop 9.7a\AOL.EXE" -b
    MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe "
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
    MSCONFIG\startupreg: cdloader => "C:\Users\Gary\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    MSCONFIG\startupreg: DBAgent => "C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
    MSCONFIG\startupreg: DVDAgent => "c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe "
    MSCONFIG\startupreg: HostManager => C:\Program Files\Common Files\AOL\1325011021\ee\AOLSoftware.exe
    MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe "
    MSCONFIG\startupreg: KBD => C:\Program Files\Hewlett-Packard\KBD\KbdStub.EXE
    MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
    MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SkyDrive => "C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe "
    MSCONFIG\startupreg: Uploader => C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

    ==================== FirewallRules (whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [{B57B8239-FC5C-48EE-A745-126A94CCF75E}] => (Allow) c:\Program Files\CyberLink\PowerDirector\PDR.EXE
    FirewallRules: [{A50A96B4-0900-48DF-A302-41D2472F453E}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
    FirewallRules: [{6914C447-EC39-4B62-833E-CF8DF72746C8}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
    FirewallRules: [{1162D46D-943B-4A68-A638-7FD699C8B460}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
    FirewallRules: [{61A05C15-58FD-4CFA-9540-880FDA70E189}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
    FirewallRules: [{A1647596-1F99-446E-8E60-8B9B6DA1D09F}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    FirewallRules: [{0D23A54B-92C9-4428-8366-5B1ECDD07BB9}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
    FirewallRules: [TCP Query User{E99C13E7-5A4E-4508-B6EA-107DFE40D231}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [UDP Query User{2A87A404-DBA0-4601-8889-78048074746E}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [{CF16FA3C-8C76-401C-AC1B-49453B922EDA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{CB0E7EED-7C06-499B-9CED-DBB1DECB124A}C:\program files\utorrent\utorrent.exe] => (Block) C:\program files\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{C590052D-3CE9-44CE-B9F8-F15F802E44CE}C:\program files\utorrent\utorrent.exe] => (Block) C:\program files\utorrent\utorrent.exe
    FirewallRules: [TCP Query User{F5B019A2-660D-4B0B-9245-3DC844F53D56}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [UDP Query User{58080C79-591C-4C65-80E3-E118A8766E4A}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [TCP Query User{73906AE9-FC81-4B92-AB08-F8B159B6C4ED}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
    FirewallRules: [UDP Query User{BD3523E9-3112-41FB-8206-5C3E1BB3EE55}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
    FirewallRules: [{777AAA81-AC31-40F6-96BC-57D71E539D48}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    FirewallRules: [{71167DFB-F6EF-41E7-AEEA-CBD4BE17DD71}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    FirewallRules: [{F7691ABB-E87E-45D4-98C6-BE2620F2DF6C}] => (Allow) svchost.exe
    FirewallRules: [{7C4A6087-69BD-4B6E-B1E0-A5C70D26B7D9}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [{25D404F9-801D-448B-BF5B-B95627F5072D}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{C31BE99A-3D45-48F8-8DDF-E0C2D34AD01B}] => (Allow) LPort=2869
    FirewallRules: [{4383EAA4-CED9-4732-98AD-D3A3946849FE}] => (Allow) LPort=1900
    FirewallRules: [{A9FA898B-09D4-4A0C-B400-0D604BEC9F04}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
    FirewallRules: [{E1F8B6D3-E7F1-4D3C-9025-80BD6CF709EA}] => (Allow) LPort=80
    FirewallRules: [{2263BE98-9386-451B-B484-F6B5232DFDFE}] => (Allow) LPort=80
    FirewallRules: [{C6AF61BD-E0DF-4643-81D3-D0AF67FD75CE}] => (Allow) LPort=80
    FirewallRules: [{E80C776E-DFAE-4203-A75C-A633F0E4EFB4}] => (Allow) C:\Program Files\AIM\aim.exe
    FirewallRules: [{184E5BA5-36CB-41D7-A190-657D929249B7}] => (Allow) C:\Program Files\AIM\aim.exe
    FirewallRules: [{F8EB50DE-324D-4D7B-837E-89B54AF19E94}] => (Allow) C:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
    FirewallRules: [{3BF90591-600D-4D60-BB80-938F89D8A95D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{EE35A9B6-3245-4DD6-B3C8-217565FB833E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{F053C8DB-BC9D-4A63-91B4-3B253E72E5E0}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
    FirewallRules: [UDP Query User{70EC51D9-BFDC-424B-ADD3-E1D64C57570E}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
    FirewallRules: [TCP Query User{BBC24516-4D99-4CE3-946C-2AF658399DC0}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
    FirewallRules: [UDP Query User{33C86F0A-F3BC-4FA3-93FA-26FF1B08E49D}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
    FirewallRules: [{E25935CB-5541-4E5C-A688-B8B451C11193}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{C38B636D-B8F1-4B8F-BDCD-46E1BB16B741}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{60573F47-CA7A-4A1A-B02F-6DA13C324655}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{14D978EF-B873-442D-9BC8-3E948D31B1EE}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{C2D9F2F0-6783-4C8B-8120-FF11DBF27822}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{724DF8AF-EA1D-4C3A-87E8-65848C6EC683}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{96A08668-0746-46C0-A66F-EFBD8108A808}] => (Allow) C:\Program Files\AOL Desktop 9.7\waol.exe
    FirewallRules: [{67E356FE-CAAA-4FBF-A330-D937663CA346}] => (Allow) C:\Program Files\AOL Desktop 9.7\waol.exe
    FirewallRules: [{9DB4202B-2AA2-43F5-8E7A-7DB1EF001193}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{142BB313-C40A-4F64-8015-2F7C9F5116B3}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{AF512894-FFAD-45E2-BFBB-82EF34F073BA}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{99220750-D168-4683-A160-422CDD039EFD}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{6221F87B-8B12-4695-BA59-D40987D6FB2D}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{E587F934-C901-41CC-A181-62E255908EE1}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{5DB8BB5C-60C5-4614-A054-FEB02042DF89}] => (Allow) C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
    FirewallRules: [{BC739A46-FB13-4859-95DE-3A21BF4ACCF4}] => (Allow) C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
    FirewallRules: [{84BE36FE-86EE-4DF5-AEB3-737B42BB6C63}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{44125E51-E826-47FC-A2EE-90E57A27AD8C}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{50537361-344A-45EA-B444-F3ADA024C489}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{A0A47F44-B3BF-437F-B27F-482C433B97F1}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{AA354F1C-EA9E-4B5C-88CB-04D5ACB25F92}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{091A25DC-B5F9-42F5-AD2A-0AE3C8FE60AF}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
    FirewallRules: [{D7620934-0018-4696-85CC-B36E7C9BED84}] => (Allow) LPort=19540
    FirewallRules: [{32751A38-2E99-41D4-9E2D-109EC1E5BD6B}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
    FirewallRules: [{E7E2B14A-1EB3-4761-ACEE-DA3A8618E57C}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{F313D53D-23AD-4A39-928B-892672603FBE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{26441B09-92A7-4567-BE04-C01056386FE0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [{EFD52531-3D88-424E-B068-47879B49291F}] => (Allow) C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{1528F6F9-296B-4535-A2E5-FD3C539042CA}] => (Allow) C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{4292515C-9FE5-4806-8DE9-D6E8360AF4D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{403E0A71-9623-4885-AD08-9FE8F501941D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [TCP Query User{525EE50C-BA5D-4088-A8B1-07E6E97DB833}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [UDP Query User{4B0C80C2-1A73-4E5F-AF69-335E72188920}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
    FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
    FirewallRules: [{CD346570-266E-4A4D-9DB0-920375DD108F}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
    FirewallRules: [{D7EAB150-FA7F-4C94-AE96-2C327688EAB0}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
    FirewallRules: [{B5122609-39F5-474C-816A-C262439F3C07}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
    FirewallRules: [{C2A4BE70-02E6-4C59-A9F2-1DECF5B24794}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
    FirewallRules: [{BC18290F-BB19-47EE-BA65-E217795C77EA}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
    FirewallRules: [{9408C98C-CCC6-4F55-8E2E-BC30F50348DA}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
    FirewallRules: [{73F406DF-DF52-4B5A-9D78-16F4723066CC}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{FC8352F8-1052-4333-99AB-FAFBCA2B4C8D}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{5BAADE07-1A67-4FCB-B3F1-C5DFE57C12A5}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{5CF81B04-0390-436F-977C-93A487962C65}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{91333215-3DBC-45E0-870D-051D08CF7B86}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{73F24D21-768F-4E1D-B1E7-13F06428639D}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{00DFEC83-902B-48C0-B4D1-243B6C940FBC}] => (Allow) C:\Program Files\AOL Desktop 9.7a\waol.exe
    FirewallRules: [{6EB0B4A4-CDAC-4864-912E-AFE0C044A194}] => (Allow) C:\Program Files\AOL Desktop 9.7a\waol.exe
    FirewallRules: [{8D5C2A19-5D7F-48C4-8E19-E7229B75C44B}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{681A82A5-4A89-4632-967E-51CCAC50C3A4}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{C815C95B-C62C-4336-8ADA-5712C3D3857C}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{723B4D0A-7FBD-407F-9618-6457A8949D91}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{09B44A34-B020-4F66-BBEA-3B5561C49401}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{F8B16C52-53E5-4E03-A306-EEC8EA15865C}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{E8D34307-7419-4A55-A21C-CE54BEF3C624}] => (Allow) C:\Program Files\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe
    FirewallRules: [{2195A72B-7866-47DF-BCF0-B0844B85E442}] => (Allow) C:\Program Files\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe
    FirewallRules: [TCP Query User{0D5D8548-855D-467F-B04C-BB21E25274A2}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{88A0C4AC-CBDF-46BA-B2B6-F775D2B5025C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{E70E52F6-8154-4FBB-B03E-A45E1E7B3BDC}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [UDP Query User{5A80BCA2-5892-4E8B-B7D7-AD9E8A3F3405}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [{9E411F01-728B-4B7F-8C59-9171DDFF17A6}] => (Allow) C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [TCP Query User{465CC5A5-4381-4BBE-B4B1-3C4D43CBC5C5}C:\users\gary\documents\documents\utorrent(1).exe] => (Allow) C:\users\gary\documents\documents\utorrent(1).exe
    FirewallRules: [UDP Query User{101FAA3E-001F-436D-A1E9-58CBDC0E1D7D}C:\users\gary\documents\documents\utorrent(1).exe] => (Allow) C:\users\gary\documents\documents\utorrent(1).exe
    FirewallRules: [TCP Query User{FE557EC1-68C9-4A45-875A-F00BF6737370}C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{DFB92507-3405-4B51-B2E9-252AD76D26C1}C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{83C30F5D-ECB0-45D5-8426-3201B5D41E26}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{7CBE7E5D-76EA-4545-8FE3-A93234F66F86}] => (Allow) C:\Program Files\Winamp\winamp.exe
    FirewallRules: [{536E1EE9-A8F3-422D-B489-DA7CFABA4D77}] => (Allow) C:\Program Files\Winamp\winamp.exe
    FirewallRules: [{AAA426ED-39A3-4173-A1E1-85A63543046B}] => (Allow) C:\Windows\System32\muzapp.exe
    FirewallRules: [{20BBDF95-32E4-45DF-AADE-EF3257263290}] => (Allow) C:\Windows\System32\muzapp.exe
    FirewallRules: [TCP Query User{EA04D129-23B5-4890-8B74-BB69BB1C359B}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [UDP Query User{3C17A86F-FE70-46E7-9E2C-31D17D5E93B4}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [TCP Query User{921A02F1-3C8B-4CDA-80F0-4A3E7393C996}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
    FirewallRules: [UDP Query User{EB9280A4-CE6A-427D-B988-4D2F312EC5C7}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
    FirewallRules: [{42839A63-CBBD-484C-B9D1-2D4B94772358}] => (Allow) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B7D1DBD7-56B7-4ECB-9081-3491AA854AAD}] => (Allow) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{2D5425CC-4F2C-4E81-8863-B76B46C666AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{8B3FF2C0-B738-4DB7-8D33-C1A366338602}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{34540DDC-E294-4DB2-A1AD-11AB3ECCE531}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
    FirewallRules: [{84A4F884-F3CF-4022-A775-B7AC34B3D56A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{5D7FC98C-23C8-4F3A-8A22-80D099B034D6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{D1D15C4D-591B-45B2-AA89-5BC6B03194A9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

    ==================== Faulty Device Manager Devices =============

    Name: 6TO4 Adapter
    Description: Microsoft 6to4 Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/01/2015 05:02:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Product: Microsoft Works - Update 'Security Update for Microsoft Works 9 (KB2754670)' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

    Error: (05/01/2015 05:02:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.

    Error: (05/01/2015 05:02:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.

    Error: (05/01/2015 04:28:19 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {b544f73f-0d9e-4d97-b842-4ac430b7c412}

    Error: (05/01/2015 04:26:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (05/01/2015 05:07:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: 0x80070643Security Update for Microsoft Works 9 (KB2754670){DB28D469-D96E-4ECF-924C-BC805754DED1}202

    Error: (05/01/2015 04:26:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Parallel port driver%%1058


    Microsoft Office Sessions:
    =========================
    Error: (05/01/2015 05:02:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Microsoft WorksSecurity Update for Microsoft Works 9 (KB2754670)1603(NULL)(NULL)

    Error: (05/01/2015 05:02:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

    Error: (05/01/2015 05:02:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

    Error: (05/01/2015 04:28:19 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005

    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {b544f73f-0d9e-4d97-b842-4ac430b7c412}

    Error: (05/01/2015 04:26:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    CodeIntegrity Errors:
    ===================================
    Date: 2015-05-01 17:05:31.512
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:30.514
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:29.499
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:28.454
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:22.260
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:21.262
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:20.248
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:19.249
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:04:19.964
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:04:18.965
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
    Percentage of memory in use: 65%
    Total physical RAM: 2941.83 MB
    Available physical RAM: 1000.55 MB
    Total Pagefile: 5954.24 MB
    Available Pagefile: 3846.55 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1907.07 MB

    ==================== Drives ================================

    Drive c: (HP) (Fixed) (Total:286.43 GB) (Free:23.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.66 GB) (Free:1.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive f: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:227.02 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
    Partition 1: (Active) - (Size=286.4 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 931.5 GB) (Disk ID: EB3631AB)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  5. 2015/05/02
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ========================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.

    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.


    If you already have MBAM 2.0 installed:

    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    How to get logs:
    (Export log to save as txt)


    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.


    (Copy to clipboard for pasting into forum replies or tickets)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  6. 2015/05/02
    gpb59

    RogueKiller V10.6.1.0 [Apr 24 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
    Started in : Normal mode
    User : Gary [Administrator]
    Started from : C:\Users\Gary\Desktop\RogueKiller.exe
    Mode : Delete -- Date : 05/02/2015 12:30:43

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 0 ¤¤¤

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 1 ¤¤¤
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD32 00AAJS-65M0A SCSI Disk Device +++++
    --- User ---
    [MBR] 015dad17540dd8e88d802c3ff600815b
    [BSP] cbe1a3892920c024e3e7b9efc684338e : HP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 293303 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 600686415 | Size: 11938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    Error reading LL2 MBR! ([1] Incorrect function. )

    +++++ PhysicalDrive1: Seagate Backup+ BK USB Device +++++
    --- User ---
    [MBR] fdfdae42b2b88a5f195ba8fa967c96ae
    [BSP] 872d49b3cd04d36de14da8caf4b829b2 : Empty|VT.Unknown MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )


    ============================================
    RKreport_SCN_11042014_182656.log - RKreport_DEL_11042014_182731.log - RKreport_SCN_05022015_122536.log
     
  7. 2015/05/02
    gpb59

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 5/2/2015
    Scan Time: 12:43:08 PM
    Logfile:
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.02.04
    Rootkit Database: v2015.04.21.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Enabled

    OS: Windows Vista Service Pack 2
    CPU: x86
    File System: NTFS
    User: Gary

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 458126
    Time Elapsed: 26 min, 22 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  8. 2015/05/02
    gpb59

    # AdwCleaner v4.203 - Logfile created 02/05/2015 at 13:26:48
    # Updated 30/04/2015 by Xplode
    # Database : 2015-04-30.2 [Local]
    # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
    # Username : Gary - GARY-PC
    # Running from : C:\Users\Gary\Downloads\adwcleaner_4.203.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\Gary\AppData\Local\PackageAware
    File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
    Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
    Key Deleted : HKU\.DEFAULT\Software\AVG Security Toolbar
    Key Deleted : HKU\.DEFAULT\Software\IGearSettings
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Driver Performer_is1
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WinZip Registry Optimizer_is1

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v9.0.8112.16636


    -\\ Mozilla Firefox v37.0.2 (x86 en-US)


    -\\ Google Chrome v42.0.2311.135

    [C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [934 bytes] - [06/12/2014 13:10:27]
    AdwCleaner[R1].txt - [3001 bytes] - [25/01/2015 11:24:15]
    AdwCleaner[R2].txt - [1352 bytes] - [30/01/2015 08:12:05]
    AdwCleaner[R3].txt - [1523 bytes] - [15/02/2015 17:52:34]
    AdwCleaner[R4].txt - [3657 bytes] - [02/05/2015 13:17:42]
    AdwCleaner[S0].txt - [1053 bytes] - [06/12/2014 13:16:32]
    AdwCleaner[S1].txt - [3050 bytes] - [25/01/2015 11:52:29]
    AdwCleaner[S2].txt - [1370 bytes] - [30/01/2015 08:34:06]
    AdwCleaner[S3].txt - [1548 bytes] - [15/02/2015 18:03:29]
    AdwCleaner[S4].txt - [3612 bytes] - [02/05/2015 13:26:48]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [3671 bytes] ##########
     
  9. 2015/05/02
    gpb59

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.6.7 (04.30.2015:1)
    OS: Windows Vista (TM) Home Premium x86
    Ran by Gary on Sat 05/02/2015 at 13:39:12.12
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks

    Successfully deleted: [Task] C:\Windows\System32\tasks\Driver Booster SkipUAC (Gary)



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Empty Folder] C:\Users\Gary\appdata\local\{0C7662B2-F0D9-4E37-9794-506009BA1804}
    Successfully deleted: [Empty Folder] C:\Users\Gary\appdata\local\{63140F8F-21A9-4CF5-8067-1953F6D9CB51}
    Successfully deleted: [Empty Folder] C:\Users\Gary\appdata\local\{9F484BDE-5D1B-43E2-8A3E-485C55979BD5}
    Successfully deleted: [Empty Folder] C:\Users\Gary\appdata\local\{C9D4DEDA-C527-4A4D-994F-13FF9EC30665}
    Successfully deleted: [Empty Folder] C:\Users\Gary\appdata\local\{D4626B2A-D321-4DDA-AD78-1B0457514745}



    ~~~ FireFox

    Emptied folder: C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\3oreo0z6.default-1426290737187\minidumps [3 files]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 05/02/2015 at 13:43:08.45
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  10. 2015/05/02
    broni

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there, use the restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them, resulting in the tool not working correctly, which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends that you uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
     
  11. 2015/05/02
    gpb59

    Combofix has been running for about 3 hours. It's at the prompt that says "however, scan times for badly infected machines may easily double". Should I wait?
     
  12. 2015/05/02
    broni

    Yes...
     
  13. 2015/05/03
    gpb59

    Still running at same spot
     
  14. 2015/05/03
    gpb59

    No change
     
  15. 2015/05/03
    broni

    Restart computer then.

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  16. 2015/05/03
    gpb59

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015 01
    Ran by Gary (administrator) on GARY-PC on 03-05-2015 10:52:35
    Running from C:\Users\Gary\Downloads
    Loaded Profiles: Gary (Available profiles: Gary & UpdatusUser & Administrator)
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
    Internet Explorer Version 9 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Nero AG) C:\Program Files\Nero\Update\NASvc.exe
    (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
    (Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
    (Secunia) C:\Program Files\Secunia\PSI\sua.exe
    () C:\Windows\System32\UTSCSI.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
    (Dropbox, Inc.) C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
    (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [InstaLAN] => C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-02-24] (Affinegy, Inc.)
    HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-04-22] (Avast Software s.r.o.)
    HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [383368 2014-01-08] (Citrix Systems, Inc.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
    HKLM\...\Policies\Explorer: [NoAutorun] 1
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\Run: [Uploader] => C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [122984 2013-05-30] (Seagate Technology LLC)
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\Run: [CAHeadless] => C:\Program Files\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1046944 2013-09-25] (Adobe Systems Incorporated)
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssBranded.scr [8139264 2008-01-20] (Microsoft Corporation)
    Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-29]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-22] (Avast Software s.r.o.)
    BootExecute: autocheck autochk * lsdelete

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {63140ECF-C629-BE59-8F0E-90B4FF340C03} URL = http://www.bing.com/search?q={searchTerms}&pc=Z128&form=ZGAIDF&install_date=20111231&iesrc={referrer:source}
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {CA051B20-F0FC-4230-AA0A-688B1E122C1B} URL = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL =
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {E97A97C3-CBB5-40E7-A974-C7A64B1AB365} URL =
    BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-17] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-17] (Oracle Corporation)
    Toolbar: HKLM - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)
    Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2014-01-08] (Citrix Systems, Inc.)
    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\3oreo0z6.default-1426290737187
    FF DefaultSearchEngine.US: Google
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2014-01-08] (Citrix Systems, Inc.)
    FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-17] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-17] (Oracle Corporation)
    FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2009-05-26] (Yahoo! Inc.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Extension: WOT - C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\3oreo0z6.default-1426290737187\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-03-14]
    FF Extension: Adblock Plus - C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\3oreo0z6.default-1426290737187\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-13]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-17]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-30]

    Chrome:
    =======
    CHR HomePage: Default -> https://search.yahoo.com/?type=523482&fr=yo-yhp-ch
    CHR StartupUrls: Default -> "https://search.yahoo.com/?type=523482&fr=yo-yhp-ch ", "https://www.yahoo.com?fr=hp-avast&type=avastbcl "
    CHR DefaultSearchKeyword: Default -> yahoo.com search
    CHR DefaultSearchURL: Default -> https://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=523482&p={searchTerms}
    CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
    CHR Profile: C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Bookmark Manager) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-01]
    CHR Extension: (No Name) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2015-05-01]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
    CHR Extension: (Google Wallet) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - No Path Or update_url value

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeActiveFileMonitor12.0; C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
    R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-02-24] (Affinegy, Inc.)
    S3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-22] (Avast Software)
    R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] () [File not signed]
    R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed]
    R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
    R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
    R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096 2014-01-08] (Realtek Semiconductor)
    R2 Seagate Dashboard Services; C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2013-05-30] (Seagate Technology LLC)
    S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-10-13] (Secunia)
    R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-10-13] (Secunia)
    R2 UTSCSI; C:\Windows\system32\UTSCSI.EXE [45056 2009-12-10] () [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-22] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-22] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-04-22] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-22] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-22] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-22] (Avast Software s.r.o.)
    R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-04-22] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-22] ()
    S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-20] (Microsoft Corporation)
    R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-03-08] (REALiX(tm))
    R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-08-20] (COMPAL ELECTRONIC INC.)
    R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2015-03-17] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-03] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
    R3 PGR1394b; C:\Windows\System32\DRIVERS\HS3dSensor1394.sys [72704 2008-02-19] (Point Grey Research)
    S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
    S3 pwftap; C:\Windows\System32\DRIVERS\pwftap.sys [31360 2014-07-24] (The OpenVPN Project)
    R0 PxHelp20; C:\Windows\System32\drivers\PxHelp20.sys [46096 2013-07-19] (Corel Corporation)
    S3 QCDonner; C:\Windows\System32\DRIVERS\LVCD.sys [474304 2004-04-27] (Logitech Inc.)
    R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [273624 2015-02-10] (Realsil Semiconductor Corporation)
    R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2009-11-08] (PowerISO Computing, Inc.) [File not signed]
    R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-05-02] ()
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-22] (Avast Software)
    R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [X]
    S3 PcdrNdisuio; system32\DRIVERS\pcdrndisuio.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-02 14:10 - 2015-05-02 14:12 - 00000000 ___SD () C:\ComboFix
    2015-05-02 14:10 - 2015-05-02 14:10 - 00000000 ____D () C:\Qoobox
    2015-05-02 14:10 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
    2015-05-02 14:10 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
    2015-05-02 14:10 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2015-05-02 14:10 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2015-05-02 14:10 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2015-05-02 14:10 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
    2015-05-02 14:10 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
    2015-05-02 14:10 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
    2015-05-02 14:07 - 2015-05-02 14:07 - 05619691 ____R (Swearware) C:\Users\Gary\Desktop\ComboFix.exe
    2015-05-02 13:43 - 2015-05-02 13:43 - 00001375 _____ () C:\Users\Gary\Desktop\JRT.txt
    2015-05-02 13:39 - 2015-05-02 13:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-GARY-PC-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
    2015-05-02 13:39 - 2015-05-02 13:39 - 00000000 ____D () C:\RegBackup
    2015-05-02 13:37 - 2015-05-02 13:37 - 02716306 _____ (Thisisu) C:\Users\Gary\Downloads\JRT.exe
    2015-05-02 13:16 - 2015-05-02 13:16 - 02204160 _____ () C:\Users\Gary\Downloads\adwcleaner_4.203.exe
    2015-05-02 13:13 - 2015-05-02 13:13 - 00001058 _____ () C:\Users\Gary\Desktop\MW.TXT
    2015-05-02 12:34 - 2015-05-03 10:45 - 00000872 _____ () C:\Windows\PFRO.log
    2015-05-02 12:34 - 2015-05-02 12:34 - 299716912 _____ () C:\Windows\MEMORY.DMP
    2015-05-02 12:34 - 2015-05-02 12:34 - 00149824 _____ () C:\Windows\Minidump\Mini050215-01.dmp
    2015-05-02 12:13 - 2015-05-02 12:14 - 16873560 _____ () C:\Users\Gary\Desktop\RogueKiller.exe
    2015-05-01 17:07 - 2015-05-01 17:08 - 00061121 _____ () C:\Users\Gary\Downloads\Addition.txt
    2015-05-01 16:57 - 2015-05-03 10:53 - 00022640 _____ () C:\Users\Gary\Downloads\FRST.txt
    2015-05-01 16:45 - 2015-05-03 10:52 - 00000000 ____D () C:\FRST
    2015-05-01 16:42 - 2015-05-01 16:43 - 01140736 _____ (Farbar) C:\Users\Gary\Downloads\FRST.exe
    2015-05-01 16:34 - 2015-05-03 10:53 - 00153381 _____ () C:\Windows\WindowsUpdate.log
    2015-05-01 16:34 - 2015-05-01 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-05-01 16:33 - 2015-04-22 18:43 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
    2015-04-23 17:38 - 2015-04-23 17:38 - 00000000 ____D () C:\Windows\system32\vbox
    2015-04-22 18:43 - 2015-04-22 18:43 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
    2015-04-21 06:05 - 2015-04-21 06:05 - 00001626 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2015-04-21 06:05 - 2015-04-21 06:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-04-21 06:04 - 2015-04-21 06:05 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
    2015-04-21 06:04 - 2015-04-21 06:04 - 00000000 ____D () C:\Program Files\iPod
    2015-04-20 21:09 - 2015-04-20 21:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2015-04-15 03:25 - 2015-03-08 18:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-04-15 03:10 - 2015-03-04 19:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
    2015-04-15 03:10 - 2015-03-04 19:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2015-04-15 03:10 - 2015-03-04 19:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2015-04-15 03:09 - 2015-03-13 19:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-04-15 03:09 - 2015-03-12 18:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-04-15 03:09 - 2015-03-12 18:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-04-15 03:06 - 2015-04-15 03:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2015-04-15 03:06 - 2015-04-15 03:06 - 00000000 ____D () C:\Program Files\Common Files\Skype
    2015-04-14 18:21 - 2015-03-09 16:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-04-14 18:21 - 2015-03-09 16:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-04-14 18:21 - 2015-03-09 16:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-04-14 18:21 - 2015-03-09 16:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-04-14 18:21 - 2015-03-09 15:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-04-14 18:21 - 2015-03-09 15:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-04-14 18:21 - 2015-03-09 15:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2015-04-14 18:21 - 2015-03-09 15:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-04-14 18:21 - 2015-03-09 15:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-04-14 18:21 - 2015-03-09 15:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2015-04-14 18:21 - 2015-03-09 15:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2015-04-14 18:21 - 2015-03-09 15:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2015-04-03 06:07 - 2015-04-03 06:07 - 00000093 _____ () C:\Users\Gary\AppData\Roaming\ARCompanion.log

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-03 10:51 - 2013-03-06 17:41 - 00000000 ___RD () C:\Users\Gary\Dropbox
    2015-05-03 10:51 - 2013-03-06 17:38 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Dropbox
    2015-05-03 10:46 - 2014-05-09 16:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2015-05-03 10:45 - 2011-09-28 05:34 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-03 10:45 - 2006-11-02 06:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-03 10:45 - 2006-11-02 05:47 - 00003616 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-03 10:45 - 2006-11-02 05:47 - 00003616 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-03 10:43 - 2006-11-02 06:01 - 00032588 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-05-03 10:37 - 2011-09-28 05:34 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-03 10:02 - 2012-05-06 13:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-03 02:00 - 2009-06-06 10:48 - 00000000 ____D () C:\Users\Gary\AppData\Local\Adobe
    2015-05-02 13:36 - 2014-07-20 07:35 - 00000000 ____D () C:\Users\Gary\AppData\Local\CrashDumps
    2015-05-02 13:27 - 2014-12-06 13:10 - 00000000 ____D () C:\AdwCleaner
    2015-05-02 12:34 - 2009-12-15 06:34 - 00000000 ____D () C:\Windows\Minidump
    2015-05-02 12:14 - 2014-11-04 19:12 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
    2015-05-02 08:30 - 2009-07-31 06:36 - 00052224 _____ () C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-05-01 17:23 - 2012-01-14 17:10 - 00000000 ____D () C:\Users\Administrator
    2015-05-01 17:23 - 2009-05-31 12:40 - 00000000 ____D () C:\Users\Gary
    2015-05-01 17:23 - 2006-11-02 03:22 - 63176704 _____ () C:\Windows\system32\config\software_previous
    2015-05-01 17:23 - 2006-11-02 03:22 - 38010880 _____ () C:\Windows\system32\config\system_previous
    2015-05-01 17:22 - 2015-03-08 18:45 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\ProductData
    2015-05-01 17:22 - 2015-03-08 17:15 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\IObit
    2015-05-01 17:22 - 2015-02-26 06:19 - 00000000 ____D () C:\Users\Gary\Desktop\Submit a claim_files
    2015-05-01 17:22 - 2015-02-21 09:56 - 00000000 ____D () C:\Users\Gary\Desktop\Citibank Card Application - Final Summary_files
    2015-05-01 17:22 - 2014-08-25 18:09 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\ICAClient
    2015-05-01 17:22 - 2014-05-09 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-01 17:22 - 2014-05-09 19:18 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-01 17:22 - 2014-02-17 16:52 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Winamp
    2015-05-01 17:22 - 2013-12-15 12:32 - 00000000 ___RD () C:\Users\Gary\SkyDrive
    2015-05-01 17:22 - 2013-09-30 05:50 - 00000000 ____D () C:\Users\Gary\Desktop\Nero
    2015-05-01 17:22 - 2013-03-06 17:39 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-05-01 17:22 - 2013-01-13 08:28 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\dvdcss
    2015-05-01 17:22 - 2013-01-13 08:16 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\vlc
    2015-05-01 17:22 - 2013-01-05 09:07 - 00000000 ____D () C:\Users\Gary\Downloads\M3U2iTunes_SetupWin
    2015-05-01 17:22 - 2012-12-01 09:22 - 00000000 ____D () C:\Users\Gary\Desktop\miscellaneous items
    2015-05-01 17:22 - 2012-11-17 09:36 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Azureus
    2015-05-01 17:22 - 2012-05-12 06:22 - 00000000 ____D () C:\Users\Gary\Desktop\iTunes stuff
    2015-05-01 17:22 - 2012-03-21 17:12 - 00000000 ____D () C:\Users\Gary\Downloads\JavaRa
    2015-05-01 17:22 - 2012-03-21 16:50 - 00000000 ____D () C:\Users\Gary\Documents\JavaRa-2.0-beta
    2015-05-01 17:22 - 2011-12-10 08:29 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp
    2015-05-01 17:22 - 2011-12-10 08:29 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Catalina Marketing Corp
    2015-05-01 17:22 - 2011-10-20 11:40 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Southwest Airlines
    2015-05-01 17:22 - 2009-12-17 17:32 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Skype
    2015-05-01 17:22 - 2009-11-01 18:09 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\mjusbsp
    2015-05-01 17:22 - 2009-09-27 07:09 - 00000000 ____D () C:\Users\Gary\Desktop\audio and video converters
    2015-05-01 17:22 - 2009-06-13 10:02 - 00000000 ____D () C:\Users\Gary\Documents\Microsoft office 2003
    2015-05-01 17:22 - 2009-06-06 20:20 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-05-01 17:22 - 2009-05-31 15:26 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\uTorrent
    2015-05-01 17:22 - 2009-05-31 13:40 - 00000000 ____D () C:\Users\Gary\etpro
    2015-05-01 17:22 - 2009-05-31 12:40 - 00000000 ___RD () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-05-01 17:22 - 2009-05-31 12:40 - 00000000 ___RD () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-05-01 17:22 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\spool
    2015-05-01 17:22 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\Msdtc
    2015-05-01 17:20 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\registration
    2015-05-01 17:09 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\LogFiles
    2015-05-01 17:09 - 2006-11-02 03:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
    2015-05-01 17:09 - 2006-11-02 03:22 - 00057344 _____ () C:\Windows\system32\config\sam_previous
    2015-05-01 16:34 - 2014-12-04 08:32 - 00001747 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-05-01 15:50 - 2006-11-02 03:22 - 42205184 _____ () C:\Windows\system32\config\components_previous
    2015-05-01 15:50 - 2006-11-02 03:22 - 00561152 _____ () C:\Windows\system32\config\default_previous
    2015-04-30 05:39 - 2012-07-31 05:52 - 00000000 ____D () C:\Users\Gary\bali
    2015-04-24 05:19 - 2009-05-31 13:40 - 00002000 _____ () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\E-TRADE MarketTrader.lnk
    2015-04-23 19:20 - 2006-11-02 03:33 - 00763586 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-04-23 17:38 - 2013-03-06 17:41 - 00000918 _____ () C:\Users\Gary\Desktop\Dropbox.lnk
    2015-04-22 18:43 - 2014-04-26 07:13 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2015-04-22 18:43 - 2013-03-06 07:20 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2015-04-22 18:43 - 2013-03-06 07:20 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
    2015-04-22 18:43 - 2012-01-30 21:56 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
    2015-04-22 18:42 - 2012-01-30 21:56 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
    2015-04-21 17:52 - 2012-04-25 16:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2015-04-21 06:05 - 2011-08-28 06:55 - 00000000 ____D () C:\Program Files\iTunes
    2015-04-21 06:04 - 2011-04-10 17:49 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-04-18 16:30 - 2009-08-09 18:03 - 00000000 ____D () C:\Users\Gary\Documents\dvd
    2015-04-15 07:02 - 2012-05-06 13:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-04-15 07:02 - 2011-07-25 05:23 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-04-15 03:25 - 2013-08-14 03:12 - 00000000 ____D () C:\Windows\system32\MRT
    2015-04-15 03:15 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-04-15 03:11 - 2006-11-02 03:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2015-04-15 03:07 - 2009-12-17 17:31 - 00000000 ____D () C:\ProgramData\Skype
    2015-04-15 03:06 - 2014-07-31 05:19 - 00001878 _____ () C:\Users\Public\Desktop\Skype.lnk
    2015-04-15 03:06 - 2009-12-17 17:31 - 00000000 ___RD () C:\Program Files\Skype
    2015-04-09 17:48 - 2014-05-09 19:18 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-04-03 20:44 - 2009-05-31 12:53 - 00000318 _____ () C:\Windows\Tasks\HPCeeScheduleForGary.job

    ==================== Files in the root of some directories =======

    2015-04-03 06:07 - 2015-04-03 06:07 - 0000093 _____ () C:\Users\Gary\AppData\Roaming\ARCompanion.log
    2009-08-09 08:40 - 2011-03-12 08:43 - 0000105 _____ () C:\Users\Gary\AppData\Roaming\default.pls
    2011-01-02 15:16 - 2011-05-22 14:50 - 0000208 _____ () C:\Users\Gary\AppData\Roaming\default.rss
    2011-05-22 14:48 - 2011-05-22 14:48 - 0000000 _____ () C:\Users\Gary\AppData\Roaming\downloads.m3u
    2011-11-28 07:18 - 2013-12-29 08:47 - 0000084 _____ () C:\Users\Gary\AppData\Roaming\wklnhst.dat
    2009-06-24 16:21 - 2015-03-10 05:34 - 0007620 _____ () C:\Users\Gary\AppData\Local\d3d9caps.dat
    2009-07-31 06:36 - 2015-05-02 08:30 - 0052224 _____ () C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-11-22 08:46 - 2013-11-22 08:46 - 0004096 ____H () C:\Users\Gary\AppData\Local\keyfile3.drm
    2010-02-21 07:25 - 2012-01-28 13:40 - 0000000 _____ () C:\Users\Gary\AppData\Local\prvlcl.dat
    2009-08-05 06:40 - 2009-08-05 06:41 - 0016291 _____ () C:\Users\Gary\AppData\Local\tmpSIRIN 2.0
    2009-08-05 06:40 - 2009-08-05 06:41 - 0018255 _____ () C:\Users\Gary\AppData\Local\tmpSIRIN 2.JPG
    2010-03-27 15:19 - 2010-03-27 15:19 - 0003090 _____ () C:\Users\Gary\AppData\Local\tmpTUDTOO.0
    2010-03-27 15:19 - 2010-03-27 15:19 - 0001317 _____ () C:\Users\Gary\AppData\Local\tmpTUDTOO.JPG
    2012-03-31 13:19 - 2012-03-31 13:19 - 0004481 _____ () C:\ProgramData\buynow.html
    2009-12-17 17:34 - 2009-12-17 17:34 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
    2012-03-31 11:57 - 2012-03-31 18:13 - 0008321 _____ () C:\ProgramData\ITFW.log
    2012-03-31 11:34 - 2012-03-31 11:35 - 0074162 _____ () C:\ProgramData\LibraryToolkit.log

    Some content of TEMP:
    ====================
    C:\Users\Gary\AppData\Local\temp\dllnt_dump.dll
    C:\Users\Gary\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixvbxa.dll
    C:\Users\Gary\AppData\Local\temp\Quarantine.exe
    C:\Users\Gary\AppData\Local\temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-03 10:52

    ==================== End Of Log ============================
     
  17. 2015/05/03
    gpb59

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-04-2015 01
    Ran by Gary at 2015-05-03 10:54:56
    Running from C:\Users\Gary\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2060793998-228504606-3227568861-500 - Administrator - Enabled) => C:\Users\Administrator
    Gary (S-1-5-21-2060793998-228504606-3227568861-1000 - Administrator - Enabled) => C:\Users\Gary
    Guest (S-1-5-21-2060793998-228504606-3227568861-501 - Limited - Disabled)
    UpdatusUser (S-1-5-21-2060793998-228504606-3227568861-1001 - Limited - Enabled) => C:\Users\UpdatusUser

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
    4Media iPod to PC Transfer (HKLM\...\4Media iPod to PC Transfer) (Version: 5.2.1.20120308 - 4Media)
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
    Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 12 (HKLM\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
    AIM 7 (HKLM\...\AIM_7) (Version: - )
    Any Video Converter 5.5.9 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
    AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.)
    Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AusLogics BoostSpeed 6.3.0.0 (HKLM\...\AusLogics BoostSpeed) (Version: - )
    Auslogics BoostSpeed 7 (HKLM\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 7.6.0.0 - Auslogics Labs Pty Ltd)
    Auslogics Disk Defrag Professional (HKLM\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.5.0.0 - Auslogics Software Pty Ltd)
    Auslogics File Recovery (HKLM\...\{D8F33108-139F-409A-A160-B9510DE736B3}_is1) (Version: 5.0.3.0 - Auslogics Labs Pty Ltd)
    Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
    Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
    Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.2 - Belkin International, Inc.)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
    Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 13.4.300.10 - Citrix Systems, Inc.)
    Clone Tools version 2.0.2.0 (HKLM\...\{44CD39FC-AC58-4F03-AA32-331BA086B49D}_is1) (Version: 2.0.2.0 - Control Engineering Sweden AB)
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    dBpoweramp AAC Encoder (HKLM\...\dBpoweramp AAC Encoder) (Version: - )
    dBpoweramp DSP Effects (HKLM\...\dBpoweramp DSP Effects) (Version: Release 10 - Illustrate)
    dBpoweramp FLAC Codec (HKLM\...\dBpoweramp FLAC Codec) (Version: Release 13.1 (FLAC 1.2.1) - Illustrate)
    dBpoweramp m4a Codec (HKLM\...\dBpoweramp m4a Codec) (Version: Release 8 - Illustrate)
    dBpoweramp m4a FDK (AAC) Encoder (HKLM\...\dBpoweramp m4a FDK (AAC) Encoder) (Version: Release 1 (FDK 3.3.3) - Illustrate)
    dBpoweramp m4a Utilities (HKLM\...\dBpoweramp m4a Utilities) (Version: - )
    dBpoweramp m4b Audio book Encoder (HKLM\...\dBpoweramp m4b Audio book Encoder) (Version: - )
    dBpoweramp Monkeys Audio Codec (HKLM\...\dBpoweramp Monkeys Audio Codec) (Version: - )
    dBpoweramp Music Converter (HKLM\...\dBpoweramp Music Converter) (Version: Release 15 - Illustrate)
    dBpoweramp Shorten Codec (HKLM\...\dBpoweramp Shorten Codec) (Version: - )
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.101.210 - ALPS ELECTRIC CO., LTD.)
    DING! (HKLM\...\{84031A18-BA9A-4156-A74F-E05B52DDFCE2}) (Version: 1.05.005 - Southwest Airlines)
    Dropbox (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
    DVDFab 8.2.2.0 (16/11/2012) Qt (HKLM\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
    DVDFab 9.1.1.9 (18/12/2013) (HKLM\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
    EasyDuplicateFinder v4.3 (HKLM\...\Easy Duplicate Finder 4_is1) (Version: - WebMinds, Inc.)
    Elements 12 Organizer (Version: 12.0 - Adobe Systems Incorporated) Hidden
    Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
    FLAC Frontend (HKLM\...\{B1615F2A-105F-48FD-AA3E-0BDF8B3EE644}) (Version: 2.0.6 - Xiph.org)
    Free MKV to MP4 Converter (HKLM\...\Free MKV to MP4 Converter_is1) (Version: 1.0 - Freedom Software)
    Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
    Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
    HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
    HP Demo (HKLM\...\{A2016015-8323-4AF8-8B3E-F56239D7D59D}) (Version: 1.00.0000 - Hewlett-Packard)
    HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
    HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2217 - Hewlett-Packard)
    HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
    HP Support Solutions Framework (HKLM\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
    HP Total Care Setup (HKLM\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company)
    HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
    ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
    iPod PC Transfer Suit 4.2 (HKLM\...\iPod PC Transfer Suit_is1) (Version: 4.2 - iPod PC Transfer)
    iSEEK AnswerWorks English Runtime (HKLM\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
    iTunes Library Toolkit (HKLM\...\{BE19A54F-8291-417A-82C1-B22B19339927}) (Version: 1.0.0702 - klarita.net)
    iTunesFolderWatch (HKLM\...\{450C790A-8C60-4B3D-887E-2124AC823D6D}) (Version: 2.1.09 - JezSoft)
    Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Juno Preloader (HKLM\...\{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}) (Version: 1.0.0 - Juno, Inc.)
    K-Lite Codec Pack 8.1.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 8.1.0 - )
    LockHunter 3.0, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
    M3U2iTunes (HKLM\...\{D9F58859-61BA-44A2-9E56-7DC7E8970AE3}) (Version: 1.0.0 - otherslikeyou.com Inc.)
    magicJack (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
    magicJack Recovery Tool 1.0 (HKLM\...\magicJack Recovery Tool_is1) (Version: - magicJack, L.P.)
    Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Live Search Toolbar (HKLM\...\{4FAB5122-775E-4418-B8D9-E2873BC93570}) (Version: 3.0.541.0 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
    Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    mkw Audio Compression Toolkit (HKLM\...\mkwACT) (Version: - )
    mkw Runtime Libraries (HKLM\...\mkwMFCRTL) (Version: - )
    Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    muvee Reveal (HKLM\...\{19506BDB-4EA7-491F-E8AB-E97109FDB296}) (Version: 7.0.35.7315 - muvee Technologies Pte Ltd)
    My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
    Nero 12 (HKLM\...\{80836C86-1305-40C9-B7C9-F3A75266070D}) (Version: 12.5.01900 - Nero AG)
    Nero 8 Essentials (HKLM\...\{8651784F-123E-4E8F-A5AD-60B8BE121033}) (Version: 8.3.350 - Nero AG)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
    NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
    NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    Online Plug-in (Version: 13.4.300.10 - Citrix Systems, Inc.) Hidden
    PictureMover (HKLM\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.7 - Hewlett-Packard Company)
    PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2202 - CyberLink Corp.)
    PowerDirector (Version: 7.0.2202 - CyberLink Corp.) Hidden
    PowerISO (HKLM\...\PowerISO) (Version: 4.6 - PowerISO Computing, Inc.)
    Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
    PSE12 STI Installer (Version: 12.0 - Adobe Systems Incorporated) Hidden
    Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
    Quicken 2011 (HKLM\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
    QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7285 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    R-Studio 4.2 (HKLM\...\R-Studio 4.2NSIS) (Version: 4.2.125063 - R-Tools Technology Inc.)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2410.0 - SAMSUNG Electronics Co., Ltd.)
    Seagate Dashboard 2.0 (HKLM\...\{43C423D9-E6D6-4607-ADC9-EBB54F690C57}) (Version: 2.2.29.0 - Seagate)
    Secunia PSI (2.0.0.4003) (HKLM\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia)
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Self-service Plug-in (Version: 3.4.300.43589 - Citrix Systems, Inc.) Hidden
    Serial Key Generator version 5.0 (HKLM\...\{93E9D2A0-8C35-4E79-99F3-8325443EC10B}_is1) (Version: 5.0 - VCL Examples)
    Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
    Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.80.0.0 - Conexant Systems)
    swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    The Rosetta Stone (HKLM\...\The Rosetta Stone) (Version: - )
    Trader's Little Helper 2.7.0 (HKLM\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
    Video Mover (HKLM\...\Video Mover_is1) (Version: - )
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
    Welcome App (Start-up experience) (Version: 12.0.15000 - Nero AG) Hidden
    Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
    Windows Driver Package - Compal Electronics, INC. (LPCFilter) System (04/23/2008 1.0.50.9) (HKLM\...\03ABAE352E7DCF9F553460B4406B1ECDB37F263B) (Version: 04/23/2008 1.0.50.9 - Compal Electronics, INC.)
    Windows Driver Package - Creaform Inc (PGR1394b) PGR1394b (12/19/2007 9001.9007.9000.9502) (HKLM\...\FFF14F09EAD22959832A0BD8D99BE2292F7DCB84) (Version: 12/19/2007 9001.9007.9000.9502 - Creaform Inc)
    Windows Driver Package - NVIDIA (NVNET) Net (03/04/2010 73.3.0) (HKLM\...\B709EB897A3BE23577BD34081799BAAF3A0DB399) (Version: 03/04/2010 73.3.0 - NVIDIA)
    Windows Driver Package - Realtek Semiconduct Corp. (RTSUER) USB (12/26/2014 6.3.9600.31208) (HKLM\...\8222660D203BBB2FEA6DE5C52A99E42AEBF9D52B) (Version: 12/26/2014 6.3.9600.31208 - Realtek Semiconduct Corp.)
    Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/03/2014 6.0.1.7285) (HKLM\...\6B74C80D28593EDE31FFA44376D812CA71B247D3) (Version: 07/03/2014 6.0.1.7285 - Realtek Semiconductor Corp.)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
    Xilisoft AVI to DVD Converter (HKLM\...\Xilisoft AVI to DVD Converter) (Version: 3.0.45.0807 - Xilisoft)
    Xilisoft FLAC Converter (HKLM\...\Xilisoft FLAC Converter) (Version: 6.3.0.0805 - Xilisoft)
    Xilisoft ISO Pro (HKLM\...\Xilisoft ISO Pro) (Version: 1.0.8.0724 - Xilisoft)
    Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 5.1.26.0624 - Xilisoft)
    Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7a\axtrack.dll (AOL Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7a\axtrack.dll (AOL Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7a\axtrack.dll (AOL Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\FileSyncApi.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2060793998-228504606-3227568861-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gary\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    25-04-2015 03:00:13 Windows Update
    26-04-2015 00:00:07 Scheduled Checkpoint
    26-04-2015 03:00:14 Windows Update
    27-04-2015 03:00:16 Windows Update
    28-04-2015 03:00:12 Windows Update
    29-04-2015 00:00:09 Scheduled Checkpoint
    29-04-2015 03:00:14 Windows Update
    30-04-2015 00:00:06 Scheduled Checkpoint
    30-04-2015 03:00:13 Windows Update
    01-05-2015 16:28:39 avast! antivirus system restore point
    01-05-2015 16:35:35 Windows Update
    02-05-2015 03:00:12 Windows Update
    03-05-2015 03:00:13 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 03:23 - 2014-11-04 21:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0E6AF67F-94A9-4644-B962-CFD693E5E8FA} - System32\Tasks\{805DA6D6-FE62-40BF-8C26-A2AF470BA4C9} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
    Task: {1B14DE28-4A0F-45E9-A86F-EA47FA00CFBA} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {1B413D5A-BBD8-47E0-8357-BC314B5BB47A} - System32\Tasks\avastBCLRestartS-1-5-21-2060793998-228504606-3227568861-1000 => Firefox.exe
    Task: {2C68BFA9-5B21-4C77-A6D6-FB6030BDF813} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
    Task: {3642A99C-D4A5-4E0D-AA01-D118DB54E63E} - System32\Tasks\ASC8_SkipUac_Gary => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
    Task: {3DAC952C-346E-4E3D-9D81-57516B232C1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
    Task: {3F7FAF9E-3E98-4C5D-836A-8F46A7E02EBE} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10] (PC-Doctor, Inc.)
    Task: {41E915B2-3B57-4F93-8BC6-31619F7BEF9B} - System32\Tasks\HPCeeScheduleForGary => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-09-16] (Hewlett-Packard)
    Task: {479C3E6C-F2A7-4116-8D57-1ED179BB7256} - System32\Tasks\{C8C10CCB-0030-4032-8487-25DA3A6E66C8} => Firefox.exe http://ui.skype.com/ui/0/4.1.0.179....google-chrome:notoffered;ienotdefaultbrowser2
    Task: {53EB8A2D-C558-4AAB-8D38-A72A264DA013} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
    Task: {5C02E0D2-7A87-4BB8-919F-1D19257790B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
    Task: {5F660949-7497-40C0-8872-9DDB0B94DEEF} - System32\Tasks\TweakBit\Driver Updater\Start Driver Updater оn logon => C:\Program Files\TweakBit\Driver Updater\DriverUpdater.exe
    Task: {6E29462E-95A8-47B2-B25D-6085CE160BDC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
    Task: {72B2A310-0524-4A1D-BE4C-53E8885EDEAC} - System32\Tasks\Gary DBAgent 2 0 => C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30] (Seagate Technology LLC)
    Task: {80E6E6FB-6D92-4311-84DB-776BF10442E8} - System32\Tasks\AdobeAAMUpdater-1.0-Gary-PC-Gary => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
    Task: {87EEF49C-D0E4-4D37-A31A-F572AC47AD0C} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-27BA-4598-860A-C4EF54FDBDA8} for Gary => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-02-14] (Auslogics)
    Task: {A977B131-2FB3-410D-8FAE-6897A2A5C7F3} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-E07C-4FF0-B588-C334CE92C144} for Gary => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-02-14] (Auslogics)
    Task: {D9FB473F-4550-4879-B9C2-5B26758B794E} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-10-20] ()
    Task: {E269741F-825D-4643-91F5-70C351422C72} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Gary => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
    Task: {E28CDFA5-79D3-48B4-93F8-95F5DF69BDDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
    Task: {E3E3E9EC-C218-4A80-829E-E48E1B7E8681} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
    Task: {EC27CE74-B2E7-4B5B-B317-7FA7BD5E7B7D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {FA4B662B-E7CC-46DA-81DE-4A0442D78194} - \Driver Booster SkipUAC (Gary) No Task File <==== ATTENTION
    Task: {FBDA3259-8E7C-4B4B-AD5B-DCCEC6D5AD11} - System32\Tasks\Auslogics\Disk Defrag Prof\Task {00000001-9D1A-484A-82AF-0846D8C7E5F4} for Gary => C:\Program Files\Auslogics\Disk Defrag Professional\DiskDefragPro.exe [2015-02-14] (Auslogics)
    Task: {FF4294B7-E448-4B2B-89AD-F2E739585972} - System32\Tasks\Seagate_Install_Launch => C:\Program Files\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2013-05-30] (Seagate Technology LLC)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForGary.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
    Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml
     
  18. 2015/05/03
    broni

    broni Moderator Malware Analyst

    Addition.txt log is incomplete.
    Lower part is missing.
     
  19. 2015/05/03
    gpb59

    gpb59 Well-Known Member Thread Starter

    ==================== Loaded Modules (whitelisted) ==============

    2015-04-22 18:43 - 2015-04-22 18:43 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-04-22 18:43 - 2015-04-22 18:43 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2015-05-02 12:38 - 2015-05-02 12:38 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050202\algo.dll
    2015-05-03 10:49 - 2015-05-03 10:49 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050300\algo.dll
    2012-05-20 12:44 - 2011-02-24 21:08 - 00022944 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
    2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2012-05-20 12:46 - 2010-02-17 18:25 - 00152064 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    2012-05-20 12:46 - 2010-02-09 15:55 - 00049152 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    2009-12-10 09:27 - 2009-12-10 09:27 - 00045056 _____ () C:\Windows\system32\UTSCSI.EXE
    2012-05-20 12:44 - 2011-02-15 13:15 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
    2012-05-20 12:44 - 2011-02-15 13:15 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
    2012-05-20 12:44 - 2011-02-15 13:16 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
    2012-05-20 12:44 - 2011-02-15 13:15 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
    2012-05-20 12:44 - 2011-02-15 12:25 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
    2015-03-13 16:55 - 2015-04-22 18:43 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2013-09-25 07:37 - 2013-09-25 07:37 - 03577760 _____ () C:\Program Files\Adobe\Elements 12 Organizer\CAHeadless\AMocWrapper.dll
    2015-05-03 10:50 - 2015-05-03 10:50 - 00043008 _____ () c:\users\gary\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixvbxa.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00750080 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00047616 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00865280 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-03-04 14:45 - 2015-03-04 14:45 - 00200704 _____ () C:\Users\Gary\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2012-05-20 12:46 - 2010-02-17 18:25 - 00132096 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
    2012-05-20 12:44 - 2011-02-24 20:39 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => " "= "Service "
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => " "= "Driver "
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => " "= "Driver "
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => " "= "Service "
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => " "= "Driver "
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => " "= "Driver "

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-2060793998-228504606-3227568861-1000\...\va.gov -> hxxps://va.gov


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2060793998-228504606-3227568861-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\awave.jpg
    DNS Servers: 192.168.2.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: nvUpdatusService => 2
    MSCONFIG\Services: WMPNetworkSvc => 3
    MSCONFIG\Services: YahooAUService => 2
    MSCONFIG\startupfolder: C:^Users^Gary^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox (1).lnk => C:\Windows\pss\Dropbox (1).lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Gary^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Gary^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe "
    MSCONFIG\startupreg: AOL => C:\PROGRA~1\AOLDES~1.7A\aol.exe
    MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files\AOL Desktop 9.7a\AOL.EXE" -b
    MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe "
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
    MSCONFIG\startupreg: cdloader => "C:\Users\Gary\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    MSCONFIG\startupreg: DBAgent => "C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
    MSCONFIG\startupreg: DVDAgent => "c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe "
    MSCONFIG\startupreg: HostManager => C:\Program Files\Common Files\AOL\1325011021\ee\AOLSoftware.exe
    MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe "
    MSCONFIG\startupreg: KBD => C:\Program Files\Hewlett-Packard\KBD\KbdStub.EXE
    MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
    MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SkyDrive => "C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe "
    MSCONFIG\startupreg: Uploader => C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

    ==================== FirewallRules (whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [{B57B8239-FC5C-48EE-A745-126A94CCF75E}] => (Allow) c:\Program Files\CyberLink\PowerDirector\PDR.EXE
    FirewallRules: [{A50A96B4-0900-48DF-A302-41D2472F453E}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
    FirewallRules: [{6914C447-EC39-4B62-833E-CF8DF72746C8}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
    FirewallRules: [{1162D46D-943B-4A68-A638-7FD699C8B460}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
    FirewallRules: [{61A05C15-58FD-4CFA-9540-880FDA70E189}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
    FirewallRules: [{A1647596-1F99-446E-8E60-8B9B6DA1D09F}] => (Allow) c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    FirewallRules: [{0D23A54B-92C9-4428-8366-5B1ECDD07BB9}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
    FirewallRules: [TCP Query User{E99C13E7-5A4E-4508-B6EA-107DFE40D231}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [UDP Query User{2A87A404-DBA0-4601-8889-78048074746E}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [{CF16FA3C-8C76-401C-AC1B-49453B922EDA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{CB0E7EED-7C06-499B-9CED-DBB1DECB124A}C:\program files\utorrent\utorrent.exe] => (Block) C:\program files\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{C590052D-3CE9-44CE-B9F8-F15F802E44CE}C:\program files\utorrent\utorrent.exe] => (Block) C:\program files\utorrent\utorrent.exe
    FirewallRules: [TCP Query User{F5B019A2-660D-4B0B-9245-3DC844F53D56}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [UDP Query User{58080C79-591C-4C65-80E3-E118A8766E4A}C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\gary\appdata\roaming\mjusbsp\magicjack.exe
    FirewallRules: [TCP Query User{73906AE9-FC81-4B92-AB08-F8B159B6C4ED}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
    FirewallRules: [UDP Query User{BD3523E9-3112-41FB-8206-5C3E1BB3EE55}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
    FirewallRules: [{777AAA81-AC31-40F6-96BC-57D71E539D48}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    FirewallRules: [{71167DFB-F6EF-41E7-AEEA-CBD4BE17DD71}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    FirewallRules: [{F7691ABB-E87E-45D4-98C6-BE2620F2DF6C}] => (Allow) svchost.exe
    FirewallRules: [{7C4A6087-69BD-4B6E-B1E0-A5C70D26B7D9}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [{25D404F9-801D-448B-BF5B-B95627F5072D}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{C31BE99A-3D45-48F8-8DDF-E0C2D34AD01B}] => (Allow) LPort=2869
    FirewallRules: [{4383EAA4-CED9-4732-98AD-D3A3946849FE}] => (Allow) LPort=1900
    FirewallRules: [{A9FA898B-09D4-4A0C-B400-0D604BEC9F04}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
    FirewallRules: [{E1F8B6D3-E7F1-4D3C-9025-80BD6CF709EA}] => (Allow) LPort=80
    FirewallRules: [{2263BE98-9386-451B-B484-F6B5232DFDFE}] => (Allow) LPort=80
    FirewallRules: [{C6AF61BD-E0DF-4643-81D3-D0AF67FD75CE}] => (Allow) LPort=80
    FirewallRules: [{E80C776E-DFAE-4203-A75C-A633F0E4EFB4}] => (Allow) C:\Program Files\AIM\aim.exe
    FirewallRules: [{184E5BA5-36CB-41D7-A190-657D929249B7}] => (Allow) C:\Program Files\AIM\aim.exe
    FirewallRules: [{F8EB50DE-324D-4D7B-837E-89B54AF19E94}] => (Allow) C:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
    FirewallRules: [{3BF90591-600D-4D60-BB80-938F89D8A95D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{EE35A9B6-3245-4DD6-B3C8-217565FB833E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{F053C8DB-BC9D-4A63-91B4-3B253E72E5E0}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
    FirewallRules: [UDP Query User{70EC51D9-BFDC-424B-ADD3-E1D64C57570E}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe
    FirewallRules: [TCP Query User{BBC24516-4D99-4CE3-946C-2AF658399DC0}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
    FirewallRules: [UDP Query User{33C86F0A-F3BC-4FA3-93FA-26FF1B08E49D}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
    FirewallRules: [{E25935CB-5541-4E5C-A688-B8B451C11193}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{C38B636D-B8F1-4B8F-BDCD-46E1BB16B741}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{60573F47-CA7A-4A1A-B02F-6DA13C324655}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{14D978EF-B873-442D-9BC8-3E948D31B1EE}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{C2D9F2F0-6783-4C8B-8120-FF11DBF27822}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{724DF8AF-EA1D-4C3A-87E8-65848C6EC683}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{96A08668-0746-46C0-A66F-EFBD8108A808}] => (Allow) C:\Program Files\AOL Desktop 9.7\waol.exe
    FirewallRules: [{67E356FE-CAAA-4FBF-A330-D937663CA346}] => (Allow) C:\Program Files\AOL Desktop 9.7\waol.exe
    FirewallRules: [{9DB4202B-2AA2-43F5-8E7A-7DB1EF001193}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{142BB313-C40A-4F64-8015-2F7C9F5116B3}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{AF512894-FFAD-45E2-BFBB-82EF34F073BA}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{99220750-D168-4683-A160-422CDD039EFD}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{6221F87B-8B12-4695-BA59-D40987D6FB2D}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{E587F934-C901-41CC-A181-62E255908EE1}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{5DB8BB5C-60C5-4614-A054-FEB02042DF89}] => (Allow) C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
    FirewallRules: [{BC739A46-FB13-4859-95DE-3A21BF4ACCF4}] => (Allow) C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
    FirewallRules: [{84BE36FE-86EE-4DF5-AEB3-737B42BB6C63}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{44125E51-E826-47FC-A2EE-90E57A27AD8C}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{50537361-344A-45EA-B444-F3ADA024C489}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{A0A47F44-B3BF-437F-B27F-482C433B97F1}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{AA354F1C-EA9E-4B5C-88CB-04D5ACB25F92}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    FirewallRules: [{091A25DC-B5F9-42F5-AD2A-0AE3C8FE60AF}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
    FirewallRules: [{D7620934-0018-4696-85CC-B36E7C9BED84}] => (Allow) LPort=19540
    FirewallRules: [{32751A38-2E99-41D4-9E2D-109EC1E5BD6B}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
    FirewallRules: [{E7E2B14A-1EB3-4761-ACEE-DA3A8618E57C}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{F313D53D-23AD-4A39-928B-892672603FBE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{26441B09-92A7-4567-BE04-C01056386FE0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [{EFD52531-3D88-424E-B068-47879B49291F}] => (Allow) C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{1528F6F9-296B-4535-A2E5-FD3C539042CA}] => (Allow) C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{4292515C-9FE5-4806-8DE9-D6E8360AF4D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{403E0A71-9623-4885-AD08-9FE8F501941D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [TCP Query User{525EE50C-BA5D-4088-A8B1-07E6E97DB833}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [UDP Query User{4B0C80C2-1A73-4E5F-AF69-335E72188920}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
    FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
    FirewallRules: [{CD346570-266E-4A4D-9DB0-920375DD108F}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
    FirewallRules: [{D7EAB150-FA7F-4C94-AE96-2C327688EAB0}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
    FirewallRules: [{B5122609-39F5-474C-816A-C262439F3C07}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
    FirewallRules: [{C2A4BE70-02E6-4C59-A9F2-1DECF5B24794}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
    FirewallRules: [{BC18290F-BB19-47EE-BA65-E217795C77EA}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
    FirewallRules: [{9408C98C-CCC6-4F55-8E2E-BC30F50348DA}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
    FirewallRules: [{73F406DF-DF52-4B5A-9D78-16F4723066CC}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{FC8352F8-1052-4333-99AB-FAFBCA2B4C8D}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{5BAADE07-1A67-4FCB-B3F1-C5DFE57C12A5}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{5CF81B04-0390-436F-977C-93A487962C65}] => (Allow) C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{91333215-3DBC-45E0-870D-051D08CF7B86}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{73F24D21-768F-4E1D-B1E7-13F06428639D}] => (Allow) C:\Program Files\Common Files\AOL\1325011021\ee\aolsoftware.exe
    FirewallRules: [{00DFEC83-902B-48C0-B4D1-243B6C940FBC}] => (Allow) C:\Program Files\AOL Desktop 9.7a\waol.exe
    FirewallRules: [{6EB0B4A4-CDAC-4864-912E-AFE0C044A194}] => (Allow) C:\Program Files\AOL Desktop 9.7a\waol.exe
    FirewallRules: [{8D5C2A19-5D7F-48C4-8E19-E7229B75C44B}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{681A82A5-4A89-4632-967E-51CCAC50C3A4}] => (Allow) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{C815C95B-C62C-4336-8ADA-5712C3D3857C}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{723B4D0A-7FBD-407F-9618-6457A8949D91}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{09B44A34-B020-4F66-BBEA-3B5561C49401}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{F8B16C52-53E5-4E03-A306-EEC8EA15865C}] => (Allow) C:\Program Files\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{E8D34307-7419-4A55-A21C-CE54BEF3C624}] => (Allow) C:\Program Files\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe
    FirewallRules: [{2195A72B-7866-47DF-BCF0-B0844B85E442}] => (Allow) C:\Program Files\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe
    FirewallRules: [TCP Query User{0D5D8548-855D-467F-B04C-BB21E25274A2}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{88A0C4AC-CBDF-46BA-B2B6-F775D2B5025C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{E70E52F6-8154-4FBB-B03E-A45E1E7B3BDC}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [UDP Query User{5A80BCA2-5892-4E8B-B7D7-AD9E8A3F3405}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [{9E411F01-728B-4B7F-8C59-9171DDFF17A6}] => (Allow) C:\Users\Gary\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [TCP Query User{465CC5A5-4381-4BBE-B4B1-3C4D43CBC5C5}C:\users\gary\documents\documents\utorrent(1).exe] => (Allow) C:\users\gary\documents\documents\utorrent(1).exe
    FirewallRules: [UDP Query User{101FAA3E-001F-436D-A1E9-58CBDC0E1D7D}C:\users\gary\documents\documents\utorrent(1).exe] => (Allow) C:\users\gary\documents\documents\utorrent(1).exe
    FirewallRules: [TCP Query User{FE557EC1-68C9-4A45-875A-F00BF6737370}C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{DFB92507-3405-4B51-B2E9-252AD76D26C1}C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{83C30F5D-ECB0-45D5-8426-3201B5D41E26}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{7CBE7E5D-76EA-4545-8FE3-A93234F66F86}] => (Allow) C:\Program Files\Winamp\winamp.exe
    FirewallRules: [{536E1EE9-A8F3-422D-B489-DA7CFABA4D77}] => (Allow) C:\Program Files\Winamp\winamp.exe
    FirewallRules: [{AAA426ED-39A3-4173-A1E1-85A63543046B}] => (Allow) C:\Windows\System32\muzapp.exe
    FirewallRules: [{20BBDF95-32E4-45DF-AADE-EF3257263290}] => (Allow) C:\Windows\System32\muzapp.exe
    FirewallRules: [TCP Query User{EA04D129-23B5-4890-8B74-BB69BB1C359B}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [UDP Query User{3C17A86F-FE70-46E7-9E2C-31D17D5E93B4}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [TCP Query User{921A02F1-3C8B-4CDA-80F0-4A3E7393C996}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
    FirewallRules: [UDP Query User{EB9280A4-CE6A-427D-B988-4D2F312EC5C7}C:\program files\java\jre7\bin\jp2launcher.exe] => (Allow) C:\program files\java\jre7\bin\jp2launcher.exe
    FirewallRules: [{42839A63-CBBD-484C-B9D1-2D4B94772358}] => (Allow) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B7D1DBD7-56B7-4ECB-9081-3491AA854AAD}] => (Allow) C:\Users\Gary\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{2D5425CC-4F2C-4E81-8863-B76B46C666AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{8B3FF2C0-B738-4DB7-8D33-C1A366338602}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{84A4F884-F3CF-4022-A775-B7AC34B3D56A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{5D7FC98C-23C8-4F3A-8A22-80D099B034D6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{D1D15C4D-591B-45B2-AA89-5BC6B03194A9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{54929A68-CEA8-4E61-B9CE-52797747AADB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============

    Name: 6TO4 Adapter
    Description: Microsoft 6to4 Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/03/2015 10:45:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/03/2015 03:02:45 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Product: Microsoft Works - Update 'Security Update for Microsoft Works 9 (KB2754670)' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

    Error: (05/03/2015 03:02:45 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.

    Error: (05/03/2015 03:02:45 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.

    Error: (05/02/2015 01:36:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application BelkinRouterMonitor.exe, version 4.0.5.22963, time stamp 0x4d6711f9, faulting module BelkinRouterMonitor.exe, version 4.0.5.22963, time stamp 0x4d6711f9, exception code 0xc0000005, fault offset 0x000324eb,
    process id 0x1438, application start time 0xBelkinRouterMonitor.exe0.

    Error: (05/02/2015 01:31:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/02/2015 00:36:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/02/2015 03:02:26 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Product: Microsoft Works - Update 'Security Update for Microsoft Works 9 (KB2754670)' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

    Error: (05/02/2015 03:02:26 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.

    Error: (05/02/2015 03:02:26 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.


    System errors:
    =============
    Error: (05/03/2015 10:54:49 AM) (Source: nvstor32) (EventID: 5) (User: )
    Description: A parity error was detected on \Device\RaidPort0.

    Error: (05/03/2015 10:48:29 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (05/03/2015 10:46:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Parallel port driver%%1058

    Error: (05/03/2015 03:04:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: 0x80070643Security Update for Microsoft Works 9 (KB2754670){DB28D469-D96E-4ECF-924C-BC805754DED1}202

    Error: (05/02/2015 01:39:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: iPod Service1

    Error: (05/02/2015 01:39:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: HP Health Check Service1600001Restart the service

    Error: (05/02/2015 01:39:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: XAudioService1

    Error: (05/02/2015 01:39:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Secunia Update Agent1

    Error: (05/02/2015 01:39:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: PLFlash DeviceIoControl Service1

    Error: (05/02/2015 01:39:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Nero BackItUp Scheduler 31


    Microsoft Office Sessions:
    =========================
    Error: (05/03/2015 10:45:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/03/2015 03:02:45 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Microsoft WorksSecurity Update for Microsoft Works 9 (KB2754670)1603(NULL)(NULL)

    Error: (05/03/2015 03:02:45 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

    Error: (05/03/2015 03:02:45 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

    Error: (05/02/2015 01:36:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: BelkinRouterMonitor.exe4.0.5.229634d6711f9BelkinRouterMonitor.exe4.0.5.229634d6711f9c0000005000324eb143801d085177c0db552

    Error: (05/02/2015 01:31:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/02/2015 00:36:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/02/2015 03:02:26 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
    Description: Microsoft WorksSecurity Update for Microsoft Works 9 (KB2754670)1603(NULL)(NULL)

    Error: (05/02/2015 03:02:26 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

    Error: (05/02/2015 03:02:26 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: Microsoft Works -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)


    CodeIntegrity Errors:
    ===================================
    Date: 2015-05-03 10:50:27.571
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-02 12:46:09.438
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-02 12:46:08.548
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-02 12:46:07.595
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-02 12:46:06.628
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-02 12:46:05.738
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-02 12:46:04.880
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-02 12:43:28.072
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:31.512
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-05-01 17:05:30.514
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
    Percentage of memory in use: 68%
    Total physical RAM: 2941.83 MB
    Available physical RAM: 921.61 MB
    Total Pagefile: 5954.32 MB
    Available Pagefile: 3608.86 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1911.07 MB

    ==================== Drives ================================

    Drive c: (HP) (Fixed) (Total:286.43 GB) (Free:27.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.66 GB) (Free:1.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive f: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:227.02 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
    Partition 1: (Active) - (Size=286.4 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 931.5 GB) (Disk ID: EB3631AB)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  20. 2015/05/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
     


  21. 2015/05/03
    gpb59

    gpb59 Well-Known Member Thread Starter

    Joined:
    2012/01/28
    Messages:
    320
    Likes Received:
    0
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-04-2015 01
    Ran by Gary at 2015-05-03 11:23:21 Run:1
    Running from C:\Users\Gary\Desktop
    Loaded Profiles: Gary (Available profiles: Gary & UpdatusUser & Administrator)
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL =
    SearchScopes: HKU\S-1-5-21-2060793998-228504606-3227568861-1000 -> {E97A97C3-CBB5-40E7-A974-C7A64B1AB365} URL =
    CHR Extension: (No Name) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2015-05-01]
    C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - No Path Or update_url value
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [X]
    S3 PcdrNdisuio; system32\DRIVERS\pcdrndisuio.sys [X]
    2015-04-03 06:07 - 2015-04-03 06:07 - 0000093 _____ () C:\Users\Gary\AppData\Roaming\ARCompanion.log
    2009-08-09 08:40 - 2011-03-12 08:43 - 0000105 _____ () C:\Users\Gary\AppData\Roaming\default.pls
    2011-01-02 15:16 - 2011-05-22 14:50 - 0000208 _____ () C:\Users\Gary\AppData\Roaming\default.rss
    2011-05-22 14:48 - 2011-05-22 14:48 - 0000000 _____ () C:\Users\Gary\AppData\Roaming\downloads.m3u
    2011-11-28 07:18 - 2013-12-29 08:47 - 0000084 _____ () C:\Users\Gary\AppData\Roaming\wklnhst.dat
    2009-06-24 16:21 - 2015-03-10 05:34 - 0007620 _____ () C:\Users\Gary\AppData\Local\d3d9caps.dat
    2009-07-31 06:36 - 2015-05-02 08:30 - 0052224 _____ () C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-11-22 08:46 - 2013-11-22 08:46 - 0004096 ____H () C:\Users\Gary\AppData\Local\keyfile3.drm
    2010-02-21 07:25 - 2012-01-28 13:40 - 0000000 _____ () C:\Users\Gary\AppData\Local\prvlcl.dat
    2009-08-05 06:40 - 2009-08-05 06:41 - 0016291 _____ () C:\Users\Gary\AppData\Local\tmpSIRIN 2.0
    2009-08-05 06:40 - 2009-08-05 06:41 - 0018255 _____ () C:\Users\Gary\AppData\Local\tmpSIRIN 2.JPG
    2010-03-27 15:19 - 2010-03-27 15:19 - 0003090 _____ () C:\Users\Gary\AppData\Local\tmpTUDTOO.0
    2010-03-27 15:19 - 2010-03-27 15:19 - 0001317 _____ () C:\Users\Gary\AppData\Local\tmpTUDTOO.JPG
    2012-03-31 13:19 - 2012-03-31 13:19 - 0004481 _____ () C:\ProgramData\buynow.html
    2009-12-17 17:34 - 2009-12-17 17:34 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
    2012-03-31 11:57 - 2012-03-31 18:13 - 0008321 _____ () C:\ProgramData\ITFW.log
    2012-03-31 11:34 - 2012-03-31 11:35 - 0074162 _____ () C:\ProgramData\LibraryToolkit.log
    C:\Users\Gary\AppData\Local\temp\dllnt_dump.dll
    C:\Users\Gary\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixvbxa.dll
    C:\Users\Gary\AppData\Local\temp\Quarantine.exe
    C:\Users\Gary\AppData\Local\temp\sqlite3.dll
    Task: {3642A99C-D4A5-4E0D-AA01-D118DB54E63E} - System32\Tasks\ASC8_SkipUac_Gary => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
    C:\Program Files\IObit
    Task: {E3E3E9EC-C218-4A80-829E-E48E1B7E8681} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
    Task: {FA4B662B-E7CC-46DA-81DE-4A0442D78194} - \Driver Booster SkipUAC (Gary) No Task File <==== ATTENTION

    *****************

    "HKU\S-1-5-21-2060793998-228504606-3227568861-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}" => Key deleted successfully.
    HKCR\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4} => Key not found.
    "HKU\S-1-5-21-2060793998-228504606-3227568861-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E97A97C3-CBB5-40E7-A974-C7A64B1AB365}" => Key deleted successfully.
    HKCR\CLSID\{E97A97C3-CBB5-40E7-A974-C7A64B1AB365} => Key not found.
    C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk => Moved successfully.
    "C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk" => File/Directory not found.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => Key Deleted successfully.
    PCD5SRVC{BD6912E3-AC9D80E8-05040000} => Service deleted successfully.
    PcdrNdisuio => Service deleted successfully.
    C:\Users\Gary\AppData\Roaming\ARCompanion.log => Moved successfully.
    C:\Users\Gary\AppData\Roaming\default.pls => Moved successfully.
    C:\Users\Gary\AppData\Roaming\default.rss => Moved successfully.
    C:\Users\Gary\AppData\Roaming\downloads.m3u => Moved successfully.
    C:\Users\Gary\AppData\Roaming\wklnhst.dat => Moved successfully.
    C:\Users\Gary\AppData\Local\d3d9caps.dat => Moved successfully.
    C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
    C:\Users\Gary\AppData\Local\keyfile3.drm => Moved successfully.
    C:\Users\Gary\AppData\Local\prvlcl.dat => Moved successfully.
    C:\Users\Gary\AppData\Local\tmpSIRIN 2.0 => Moved successfully.
    C:\Users\Gary\AppData\Local\tmpSIRIN 2.JPG => Moved successfully.
    C:\Users\Gary\AppData\Local\tmpTUDTOO.0 => Moved successfully.
    C:\Users\Gary\AppData\Local\tmpTUDTOO.JPG => Moved successfully.
    C:\ProgramData\buynow.html => Moved successfully.
    C:\ProgramData\ezsidmv.dat => Moved successfully.
    C:\ProgramData\ITFW.log => Moved successfully.
    C:\ProgramData\LibraryToolkit.log => Moved successfully.
    C:\Users\Gary\AppData\Local\temp\dllnt_dump.dll => Moved successfully.
    C:\Users\Gary\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixvbxa.dll => Moved successfully.
    C:\Users\Gary\AppData\Local\temp\Quarantine.exe => Moved successfully.
    C:\Users\Gary\AppData\Local\temp\sqlite3.dll => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3642A99C-D4A5-4E0D-AA01-D118DB54E63E}" => Key Deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3642A99C-D4A5-4E0D-AA01-D118DB54E63E}" => Key Deleted successfully.
    C:\Windows\System32\Tasks\ASC8_SkipUac_Gary => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_Gary" => Key Deleted successfully.
    C:\Program Files\IObit => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3E3E9EC-C218-4A80-829E-E48E1B7E8681}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3E3E9EC-C218-4A80-829E-E48E1B7E8681}" => Key Deleted successfully.
    C:\Windows\System32\Tasks\ASC8_PerformanceMonitor => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_PerformanceMonitor" => Key Deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA4B662B-E7CC-46DA-81DE-4A0442D78194}" => Key Deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA4B662B-E7CC-46DA-81DE-4A0442D78194}" => Key Deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Gary)" => Key Deleted successfully.

    ==== End of Fixlog 11:23:22 ====
     
