Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spyder3Pro
Duplicate Cleaner Free 3.1.4
Adobe Flash Player 14.0.0.179
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 47% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
==================================================================================
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-05 20:19:23
-----------------------------
20:19:23.228 OS Version: Windows x64 6.1.7601 Service Pack 1
20:19:23.228 Number of processors: 8 586 0x2A07
20:19:23.228 ComputerName: T23839 UserName:
20:19:23.664 Initialize success
20:19:23.664 VM: initialized successfully
20:19:23.680 VM: Intel CPU supported
20:19:31.887 VM: supported disk I/O iaStor.sys
20:19:35.335 AVAST engine defs: 14090502
20:19:53.431 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:19:53.431 Disk 0 Vendor: Hitachi_ JF4O Size: 715404MB BusType: 8
20:19:53.431 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
20:19:53.447 Disk 1 Vendor: SAMSUNG_ CXM1 Size: 122104MB BusType: 8
20:19:53.447 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-2
20:19:53.462 Disk 2 Vendor: ST1000LM SM11 Size: 953869MB BusType: 8
20:19:53.462 VM: Disk 1 MBR read successfully
20:19:53.462 Disk 1 MBR scan
20:19:53.478 Disk 1 Windows VISTA default MBR code
20:19:53.478 Disk 1 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
20:19:53.478 Disk 1 Partition 2 80 (A) 07 HPFS/NTFS NTFS 752 MB offset 81920
20:19:53.556 Disk 1 default boot code
20:19:53.571 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 121308 MB offset 1622016
20:19:53.618 Disk 1 scanning C:\Windows\system32\drivers
20:19:56.473 Service scanning
20:20:02.089 Modules scanning
20:20:02.105 Disk 1 trace - called modules:
20:20:02.105 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStor.sys hal.dll
20:20:02.120 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800eb70790]
20:20:02.120 3 CLASSPNP.SYS[fffff880015cd43f] -> nt!IofCallDriver -> [0xfffffa800ea80900]
20:20:02.120 5 stdcfltn.sys[fffff8800164ad12] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800cc8a050]
20:20:02.541 AVAST engine scan C:\Windows
20:20:03.243 AVAST engine scan C:\Windows\system32
20:20:44.287 AVAST engine scan C:\Windows\system32\drivers
20:20:48.561 AVAST engine scan C:\Users\
20:21:12.570 AVAST engine scan C:\ProgramData
20:21:25.980 Scan finished successfully
20:23:44.283 Disk 1 MBR has been saved successfully to "C:\Users\\Desktop\AV help\MBR.dat"
20:23:44.283 The log file has been saved successfully to "C:\Users\\Desktop\AV help\aswMBR.txt"
===============================================================================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by georgbarth (administrator) on T23839 on 05-09-2014 20:31:43
Running from C:\Users\georgbarth\Desktop\AV help
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\SysWOW64\SDIOAssist.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Microsoft) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Adobe Systems Inc.) D:\Adobe Programs\Acrobat 10.0\Acrobat\acrotray.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [381296 2011-12-08] (Wave Systems Corp.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2013-03-13] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-06] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2011-07-25] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-15] (Dell Inc.)
HKLM\...\Run: [DFEPApplication] => c:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077272 2011-08-24] (Dell Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [611192 2011-07-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112408 2012-01-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\Adobe Programs\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Adobe Programs\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-3316287548-3560443074-3055436224-1000\...\Run: [AdobeBridge] => [X]
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)
Startup: C:\Users\georgbarth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vs180/Citrix/...auth/login.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} http://192.168.15.124/activex/AMC.cab
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default
FF Homepage: hxxp://www.weather.com/weather/today/Chester+NY+10918?lswe=10918&lwsa=WeatherLocalUndeclared
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 3333
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeExManDetect -> D:\Adobe Programs\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> D:\Adobe Programs\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> D:\Adobe Programs\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Extension: Xmarks - C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\Extensions\foxmarks@kei.com [2014-07-17]
FF Extension: LastPass - C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\Extensions\support@lastpass.com [2014-04-11]
FF Extension: Proxy Selector - C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\Extensions\proxyselector@mozilla.org.xpi [2012-08-14]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2012-08-14]
FF Extension: Gmail Manager - C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2013-04-15]
FF Extension: NoScript - C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-08-14]
FF Extension: Adblock Plus - C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Adobe Programs\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - D:\Adobe Programs\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-04-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-21]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR RestoreOnStartup: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\georgbarth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\georgbarth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-22]
CHR Extension: (YouTube) - C:\Users\georgbarth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-22]
CHR Extension: (Google Search) - C:\Users\georgbarth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-22]
CHR Extension: (avast! WebRep) - C:\Users\georgbarth\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-12-22]
CHR Extension: (Gmail) - C:\Users\georgbarth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software)
R2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2279320 2011-08-24] (Dell Inc.)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [137552 2013-04-08] (Portrait Displays, Inc.)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [218504 2012-01-17] ()
S4 HarlequinLicenceServer; C:\Program Files\Common Files\Global Graphics Software\Harlequin License Server\bin\hqn_lsd.exe [494656 2011-07-19] () [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1679872 2012-01-05] (Wave Systems Corp.) [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-15] (Dell Inc.) [File not signed]
S3 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [198144 2012-01-16] (Wave Systems Corp.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-17] ()
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows ® Win 7 DDK provider)
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-19] (Dell Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2010-03-30] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
S3 SbieDrv; \??\D:\program files\SbieDrv.sys [X]
U3 aswMBR; \??\C:\Users\GEORGB~1\AppData\Local\Temp\aswMBR.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-05 20:31 - 2014-09-05 20:31 - 00000000 ____D () C:\FRST
2014-09-05 20:09 - 2014-09-05 20:09 - 05185536 _____ (AVAST Software) C:\Users\georgbarth\Downloads\aswMBR.exe
2014-09-05 20:09 - 2014-09-05 20:09 - 05185536 _____ (AVAST Software) C:\Users\georgbarth\Downloads\aswMBR(1).exe
2014-09-05 20:09 - 2014-09-05 20:09 - 02104832 _____ (Farbar) C:\Users\georgbarth\Downloads\FRST64.exe
2014-09-05 20:08 - 2014-09-05 20:08 - 00854417 _____ () C:\Users\georgbarth\Downloads\SecurityCheck.exe
2014-09-05 20:01 - 2014-09-05 20:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
2014-09-03 22:51 - 2014-09-03 23:01 - 00000000 ____D () C:\AdwCleaner
2014-09-03 22:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 22:50 - 2014-09-03 22:50 - 01370467 _____ () C:\Users\georgbarth\Downloads\adwcleaner_3.309.exe
2014-09-03 22:33 - 2014-09-05 20:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 22:32 - 2014-09-03 22:32 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 22:32 - 2014-09-03 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 22:32 - 2014-09-03 22:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 22:32 - 2014-09-03 22:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 22:32 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 22:32 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 22:32 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 22:31 - 2014-09-03 22:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\georgbarth\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 21:43 - 2014-09-03 21:43 - 01925401 _____ () C:\Users\georgbarth\Desktop\T23839-Wed_09_03_2014_213910_86.zip
2014-09-03 21:39 - 2014-09-03 21:43 - 00000000 ____D () C:\Users\georgbarth\Desktop\SFdebugFiles
2014-09-03 21:39 - 2014-09-03 21:39 - 00314008 _____ () C:\Users\georgbarth\Downloads\dm log collector.exe
2014-09-03 21:01 - 2014-09-05 20:31 - 00000000 ____D () C:\Users\georgbarth\Desktop\AV help
2014-08-29 21:19 - 2014-08-29 21:20 - 16410120 _____ (Portrait Displays, Inc.) C:\Users\georgbarth\Downloads\Dell_PremierColor_Setup.exe
2014-08-29 21:02 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-29 21:02 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-29 21:02 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-29 21:02 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-29 21:02 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-29 21:02 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-29 21:02 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-29 21:02 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-29 21:02 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-29 21:02 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-29 21:02 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-29 21:02 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-29 21:02 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-29 21:02 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-27 19:32 - 2014-08-27 19:32 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
2014-08-27 19:31 - 2014-08-27 19:38 - 976158128 _____ (Adobe Systems Incorporated) C:\Users\georgbarth\Downloads\Lightroom_5_LS11_win_5_6.exe
2014-08-27 19:23 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 19:23 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 19:23 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 19:20 - 2014-08-27 19:20 - 00003056 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe
2014-08-27 19:20 - 2014-08-27 19:20 - 00003044 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-27 19:20 - 2014-08-27 19:20 - 00003042 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-27 19:20 - 2014-08-27 19:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-08-27 19:20 - 2014-08-27 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-27 19:20 - 2014-08-27 19:20 - 00000000 ____D () C:\Program Files\Microsoft Device Center
2014-08-22 22:00 - 2014-09-05 20:23 - 00000000 ____D () C:\Users\georgbarth\AppData\Local\Adobe
2014-08-22 21:45 - 2014-08-22 21:45 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-22 21:45 - 2014-08-22 21:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-22 21:45 - 2014-08-22 21:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-22 21:45 - 2014-08-22 21:45 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-22 21:45 - 2014-08-22 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 21:34 - 2014-08-17 21:34 - 00000000 ____D () C:\Users\georgbarth\AppData\Roaming\Nik Software
2014-08-16 12:42 - 2014-08-16 12:42 - 01664341 _____ () C:\Users\georgbarth\Downloads\magiclantern-Nightly.2014Aug08.6D113.zip
2014-08-15 22:16 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 22:16 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 22:16 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 22:16 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 22:16 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 22:16 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 22:16 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 22:16 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 22:05 - 2014-08-15 22:06 - 10286007 _____ () C:\Users\georgbarth\Downloads\book896_pdf.zip
2014-08-15 20:29 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 20:29 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 20:29 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 20:29 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 20:29 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 20:29 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 20:29 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 20:29 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 20:29 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 20:29 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 20:29 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 20:29 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 20:29 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 20:29 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 20:29 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 20:29 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 20:29 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 20:29 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 20:29 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 20:29 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 20:29 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 20:29 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 20:29 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 20:29 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 20:29 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 20:29 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 20:29 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 20:29 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 20:29 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 20:29 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 20:29 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 20:29 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 20:29 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 20:29 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 20:29 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 20:29 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 20:29 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 20:29 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 20:29 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 20:29 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 20:29 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 20:29 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 20:29 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 20:29 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 20:29 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 20:29 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 20:29 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 20:29 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 20:29 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 20:29 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 20:29 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 20:29 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 20:29 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 20:29 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 20:29 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 20:29 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 20:29 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 20:29 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 20:29 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 20:29 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 20:29 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 20:29 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 20:29 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 20:29 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 20:29 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 20:29 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 20:29 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 20:29 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 20:27 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 20:27 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-09 20:01 - 2014-08-09 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-09 19:59 - 2014-08-09 19:59 - 24743106 _____ () C:\Users\georgbarth\Downloads\vlc-2.1.5-win32.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-05 20:31 - 2014-09-05 20:31 - 00000000 ____D () C:\FRST
2014-09-05 20:31 - 2014-09-03 21:01 - 00000000 ____D () C:\Users\georgbarth\Desktop\AV help
2014-09-05 20:27 - 2012-08-01 06:29 - 01391523 _____ () C:\Windows\WindowsUpdate.log
2014-09-05 20:23 - 2014-08-22 22:00 - 00000000 ____D () C:\Users\georgbarth\AppData\Local\Adobe
2014-09-05 20:09 - 2014-09-05 20:09 - 05185536 _____ (AVAST Software) C:\Users\georgbarth\Downloads\aswMBR.exe
2014-09-05 20:09 - 2014-09-05 20:09 - 05185536 _____ (AVAST Software) C:\Users\georgbarth\Downloads\aswMBR(1).exe
2014-09-05 20:09 - 2014-09-05 20:09 - 02104832 _____ (Farbar) C:\Users\georgbarth\Downloads\FRST64.exe
2014-09-05 20:08 - 2014-09-05 20:08 - 00854417 _____ () C:\Users\georgbarth\Downloads\SecurityCheck.exe
2014-09-05 20:08 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-05 20:08 - 2009-07-14 00:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-05 20:06 - 2014-09-03 22:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-05 20:05 - 2014-04-09 21:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-05 20:05 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-05 20:01 - 2014-09-05 20:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
2014-09-05 20:01 - 2014-05-22 20:59 - 00005540 _____ () C:\Windows\setupact.log
2014-09-05 20:01 - 2012-08-01 08:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-05 20:01 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-04 17:37 - 2012-08-01 07:03 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-04 17:36 - 2013-12-07 20:57 - 00000000 ____D () C:\Windows\pss
2014-09-03 23:02 - 2014-05-22 20:59 - 00195434 _____ () C:\Windows\PFRO.log
2014-09-03 23:01 - 2014-09-03 22:51 - 00000000 ____D () C:\AdwCleaner
2014-09-03 22:50 - 2014-09-03 22:50 - 01370467 _____ () C:\Users\georgbarth\Downloads\adwcleaner_3.309.exe
2014-09-03 22:32 - 2014-09-03 22:32 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 22:32 - 2014-09-03 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 22:32 - 2014-09-03 22:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 22:32 - 2014-09-03 22:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 22:31 - 2014-09-03 22:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\georgbarth\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 21:43 - 2014-09-03 21:43 - 01925401 _____ () C:\Users\georgbarth\Desktop\T23839-Wed_09_03_2014_213910_86.zip
2014-09-03 21:43 - 2014-09-03 21:39 - 00000000 ____D () C:\Users\georgbarth\Desktop\SFdebugFiles
2014-09-03 21:39 - 2014-09-03 21:39 - 00314008 _____ () C:\Users\georgbarth\Downloads\dm log collector.exe
2014-08-31 21:39 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-29 21:20 - 2014-08-29 21:19 - 16410120 _____ (Portrait Displays, Inc.) C:\Users\georgbarth\Downloads\Dell_PremierColor_Setup.exe
2014-08-29 20:57 - 2009-07-14 00:45 - 05129720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 19:38 - 2014-08-27 19:31 - 976158128 _____ (Adobe Systems Incorporated) C:\Users\georgbarth\Downloads\Lightroom_5_LS11_win_5_6.exe
2014-08-27 19:32 - 2014-08-27 19:32 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
2014-08-27 19:32 - 2012-08-14 23:07 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-27 19:20 - 2014-08-27 19:20 - 00003056 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe
2014-08-27 19:20 - 2014-08-27 19:20 - 00003044 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-08-27 19:20 - 2014-08-27 19:20 - 00003042 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-08-27 19:20 - 2014-08-27 19:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-08-27 19:20 - 2014-08-27 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-08-27 19:20 - 2014-08-27 19:20 - 00000000 ____D () C:\Program Files\Microsoft Device Center
2014-08-27 19:20 - 2012-08-14 11:24 - 00076328 _____ () C:\Users\georgbarth\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-22 22:07 - 2014-08-27 19:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-27 19:23 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 21:45 - 2014-08-22 21:45 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-22 21:45 - 2014-08-22 21:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-22 21:45 - 2014-08-22 21:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-22 21:45 - 2014-08-22 21:45 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-22 21:45 - 2014-08-22 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-22 21:15 - 2014-04-09 21:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-22 21:15 - 2012-08-01 06:30 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-22 21:15 - 2012-08-01 06:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-22 20:59 - 2014-08-27 19:23 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 20:44 - 2014-01-04 23:41 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-22 20:44 - 2014-01-04 23:41 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-22 20:44 - 2014-01-04 23:41 - 00001680 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-08-22 20:44 - 2014-01-04 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-17 21:34 - 2014-08-17 21:34 - 00000000 ____D () C:\Users\georgbarth\AppData\Roaming\Nik Software
2014-08-16 12:42 - 2014-08-16 12:42 - 01664341 _____ () C:\Users\georgbarth\Downloads\magiclantern-Nightly.2014Aug08.6D113.zip
2014-08-16 12:17 - 2012-08-20 18:53 - 00000000 ___RD () C:\Users\georgbarth\Podcasts
2014-08-16 12:17 - 2012-08-14 11:24 - 00000000 ___RD () C:\Users\georgbarth\Virtual Machines
2014-08-16 12:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 22:19 - 2013-09-13 23:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 22:17 - 2012-08-18 23:15 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 22:06 - 2014-08-15 22:05 - 10286007 _____ () C:\Users\georgbarth\Downloads\book896_pdf.zip
2014-08-10 20:35 - 2013-12-07 21:06 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-10 20:32 - 2012-08-14 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-09 21:47 - 2012-08-15 18:23 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-09 21:40 - 2014-06-24 20:50 - 00002037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.5 64-bit.lnk
2014-08-09 21:40 - 2014-06-24 20:50 - 00002017 _____ () C:\Users\Public\Desktop\Lightroom 5.5 64-bit.lnk
2014-08-09 20:02 - 2014-08-09 20:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-09 20:02 - 2012-10-27 13:40 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-09 19:59 - 2014-08-09 19:59 - 24743106 _____ () C:\Users\georgbarth\Downloads\vlc-2.1.5-win32.exe
Some content of TEMP:
====================
C:\Users\georgbarth\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.
LastRegBack: 2014-08-31 21:32
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by georgbarth at 2014-09-05 20:32:02
Running from C:\Users\georgbarth\Desktop\AV help
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.33 - STMicroelectronics)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.11 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)
Adobe Support Advisor (HKLM-x32\...\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.6.1.20120504 - Adobe Systems Incorporated)
Adobe Support Advisor (x32 Version: 1.6.1 - Adobe Systems Incorporated) Hidden
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.3 - Adobe Systems, Incorporated) Hidden
Any Video Converter 3.4.2 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter 5 5.0.3 (HKLM-x32\...\Any Video Converter 5_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AXIS Media Control Embedded (HKLM-x32\...\AXIS Media Control Embedded) (Version: - )
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Bitvise SSH Client 4.50 (remove only) (HKLM-x32\...\BvSshClient) (Version: - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citrix Authentication Manager (x32 Version: 5.1.0.62606 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 4.1.0.56471 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 4.1.0.56461 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Color Efex Pro 4 (HKLM-x32\...\Color Efex Pro 4) (Version: 4.0.0.2 - Nik Software, Inc.)
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
CuteFTP 8 Professional (HKLM-x32\...\{91F34319-08DE-457a-99C0-0BCDFAC145B9}) (Version: 8.3.4 - GlobalSCAPE)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5127 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.5127 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 7 - Illustrate)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14.2 - Illustrate)
Dell ControlVault Host Components Installer 64 bit (Version: 2.2.117.284 - Broadcom Corporation) Hidden
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.2.00001.001 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.1.000 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.124 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
DellAccess (Version: 01.01.00.104 - Wave Systems Corp.) Hidden
Dfine 2.0 (HKLM-x32\...\Dfine 2.0) (Version: 2.1.1.0 - Nik Software, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version: - )
Duplicate Cleaner Free 3.1.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.1.4 - DigitalVolcano Software Ltd) <==== ATTENTION
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.235.13 - Dell Inc.)
EMBASSY Client Core (Version: 01.01.00.036 - Wave Systems Corp.) Hidden
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
HDR Efex Pro 2 (HKLM-x32\...\HDR Efex Pro 2) (Version: 2.0.0.2 - Nik Software, Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel® Network Connections 16.5.2.0 (HKLM\...\PROSetDX) (Version: 16.5.2.0 - Dell)
Intel® Network Connections 16.5.2.0 (Version: 16.5.2.0 - Dell) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MaxIm DL V5 (HKLM-x32\...\InstallShield_{6DEB1F02-B0E2-46F0-A21A-2AC2A8A346DA}) (Version: 5.24 - Diffraction Limited)
MaxIm DL V5 (HKLM-x32\...\InstallShield_{A3474A79-B574-417A-A31A-B2651C2BBA8E}) (Version: 5.08 - Diffraction Limited)
MaxIm DL V5 (x32 Version: 5.08 - Diffraction Limited) Hidden
MaxIm DL V5 (x32 Version: 5.24 - Diffraction Limited) Hidden
MediaInfo 0.7.60 (HKLM\...\MediaInfo) (Version: 0.7.60 - MediaArea.net)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET 2.0 AJAX Extensions 1.0 (HKLM-x32\...\{082BDF7B-4810-4599-BF0D-E3AC44EC8524}) (Version: 1.0.61025 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTRU TCG Software Stack (Version: 2.1.37 - Security Innovation, Inc.) Hidden
NVIDIA 3D Vision Driver 311.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.10 - NVIDIA Corporation)
NVIDIA Control Panel 311.10 (Version: 311.10 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.10 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (Version: 6.14.10.1362 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1110 - NVIDIA Corporation) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{0CB3B7EE-52C7-4136-AF40-605567D90318}) (Version: 3.0.07.23 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.23 - O2Micro International LTD.) Hidden
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfectly Clear Plugin 1.7.0 (HKLM-x32\...\Perfectly Clear Plugin) (Version: 1.7.0 - Athentech)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Preboot Manager (Version: 03.03.00.090 - Wave Systems Corp.) Hidden
PremierColor (HKLM-x32\...\{D5839FEC-E24C-43E2-95AA-7B0AE9840785}) (Version: 1.03.002 - Portrait Displays, Inc.)
Private Information Manager (Version: 07.01.00.030 - Wave Systems Corp.) Hidden
ProductionHouse 10 (HKLM-x32\...\ProductionHouse 10) (Version: - Onyx Graphics)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SDK (x32 Version: 2.31.009 - Portrait Displays, Inc.) Hidden
Self-service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Sentinel Protection Installer 7.6.5 (HKLM-x32\...\{DE09967A-E9E2-4562-A58D-989CA70FA65E}) (Version: 7.6.5 - SafeNet, Inc.)
Service Installer II (HKLM-x32\...\Service Installer II) (Version: 1.2 - Nalpeiron)
Service Installer II (x32 Version: 1.2 - Nalpeiron) Hidden
Sharpener Pro 3.0 (HKLM-x32\...\Sharpener Pro 3.0) (Version: 3.0.0.4 - Nik Software, Inc.)
Silver Efex Pro 2 (HKLM-x32\...\Silver Efex Pro 2) (Version: 2.0.0.4 - Nik Software, Inc.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SPBA 5.9 (Version: 5.9.4.6901 - UPEK Inc.) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.0.0.8 - Splashtop Inc.)
Splashtop Streamer (x32 Version: 2.0.0.8 - Splashtop Inc.) Hidden
Spyder3Pro (HKLM-x32\...\Spyder3Pro) (Version: - )
toolkit32for64bit (x32 Version: 7.67.47.0000 - Wave Systems Corp) Hidden
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.0.0 - Topaz Labs, LLC)
Trusted Drive Manager (Version: 4.5.0.136 - Wave Systems Corp.) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
Viveza 2 (HKLM-x32\...\Viveza 2) (Version: 2.0.0.7 - Nik Software, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wave Crypto Runtime 2.0.7.0 x86 (x32 Version: 02.00.07.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.67.60.0020 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.13.00.051 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3316287548-3560443074-3055436224-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\georgbarth\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
==================== Restore Points =========================
03-08-2014 17:28:07 Scheduled Checkpoint
05-08-2014 23:57:46 Windows Update
09-08-2014 23:59:09 Windows Update
16-08-2014 00:25:39 Windows Update
16-08-2014 02:16:02 Windows Update
23-08-2014 00:42:13 Windows Update
27-08-2014 23:20:09 DCInstallRestorePoint
27-08-2014 23:23:02 Windows Update
28-08-2014 01:59:12 Windows Update
30-08-2014 01:02:07 Windows Update
30-08-2014 01:29:25 Configured PremierColor
30-08-2014 01:29:34 Configured PremierColor
04-09-2014 00:32:25 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2012-08-15 21:17 - 00002723 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net 209-34-83-73.ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com
127.0.0.1 wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 activate.adobe.c
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05202309-A1E7-432E-B230-E1E9EB22CE2F} - System32\Tasks\{AE3A15EC-ABA3-4F65-AE03-ED0E01EFC46F} => D:\program files\nik software\HDR Efex Pro 2\HDR Efex Pro 2 (64-Bit)\HDR Efex Pro 2.exe
Task: {1DF16E01-5604-42BB-8764-4669180481F5} - System32\Tasks\{CB769652-1641-4400-AEF0-D49EBAFADB6E} => C:\Program Files\HDR Efex Pro 2\HDR Efex Pro 2 (64-Bit)\HDR Efex Pro 2.exe
Task: {2EF80A51-B67F-46CC-B7F5-D6D4EA6B3EFF} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {30C27E91-FCFF-4133-B97F-9858BAC3B327} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17] (AVAST Software)
Task: {43293E4A-9078-4212-95A3-1BE7C6CB9D84} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {72DDD8C5-356A-4F50-91A8-B7396D8C0DED} - System32\Tasks\{D2FBE3A5-1CAA-4202-BFC6-B16CFE1F0D3C} => D:\program files\nik software\HDR Efex Pro 2\HDR Efex Pro 2 (64-Bit)\HDR Efex Pro 2.exe
Task: {7C790876-70C2-4668-A7C5-CE24A3DDED14} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {A010F62F-93EF-403A-9E58-D19702650272} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {A0399652-C043-440E-8B64-8A04E889193C} - System32\Tasks\AdobeAAMUpdater-1.0-T23839-georgbarth => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {A37E8799-90B0-4C06-A63C-56A77B7D084C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-22] (Adobe Systems Incorporated)
Task: {A47AC486-FEB7-4FA0-BE83-7A3E44C24EDF} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {BF329FE3-78DB-4EB1-BD5E-C17995ECBFBA} - System32\Tasks\{CF3D64FB-D87D-41E1-898D-E766F49FB636} => D:\program files\nik software\HDR Efex Pro 2\HDR Efex Pro 2 (64-Bit)\HDR Efex Pro 2.exe
Task: {DF051C6B-518A-40FC-B7B1-E12522C89442} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E23C4529-3C9D-4FB6-B976-C85B2B6B8F2C} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe
Task: {E4D61ABA-F766-40F7-9D12-C7EA30AF15A7} - System32\Tasks\{62C7EF16-AE3F-48DF-919C-672B49DB5FF5} => D:\program files\nik software\HDR Efex Pro 2\Uninstall HDR Efex Pro 2.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-04-16 22:37 - 2013-01-24 18:57 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-01-10 08:49 - 2011-01-10 08:49 - 00014848 _____ () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
2012-01-17 08:45 - 2012-01-17 08:45 - 00218504 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2012-01-17 08:45 - 2012-01-17 08:45 - 00038792 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2011-10-08 23:56 - 2011-10-08 23:56 - 00003072 _____ () C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
2011-11-07 08:55 - 2011-11-07 08:55 - 00094720 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll
2006-12-08 16:42 - 2012-08-01 06:50 - 00155136 _____ () C:\Windows\system32\BioAPI100.dll
2006-12-08 16:41 - 2012-08-01 06:50 - 00239104 _____ () C:\Windows\system32\BIOAPI_MDS300.dll
2012-08-01 06:43 - 2003-04-18 22:06 - 00008192 _____ () c:\Windows\SysWOW64\srvany.exe
2012-08-01 06:46 - 2011-07-25 10:43 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2012-08-01 08:24 - 2013-03-13 02:12 - 00380776 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 07667970 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe
2010-11-17 11:35 - 2010-11-17 11:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2014-07-17 22:07 - 2014-07-17 22:07 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-04 12:40 - 2014-09-04 12:40 - 02844672 _____ () C:\Program Files\AVAST Software\Avast\defs\14090401\algo.dll
2014-09-05 20:02 - 2014-09-05 20:02 - 02845184 _____ () C:\Program Files\AVAST Software\Avast\defs\14090502\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00139264 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Appearance Pak.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00147456 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RegEx.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00868352 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\RBScript.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00098304 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\Shell.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00762368 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\XML.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00266240 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CGamma.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00065536 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\CSensor.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00028672 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSRegistrationPlugin16042.dll
2010-07-26 23:17 - 2010-07-07 17:00 - 00025600 _____ () C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin16042.dll
2010-11-24 23:44 - 2010-11-24 23:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2014-08-16 12:36 - 2014-08-16 12:36 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\97d6b17ed342f72bdf559a51f37ca929\IsdiInterop.ni.dll
2012-08-01 06:43 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-08-09 20:01 - 2014-08-09 20:02 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-09 21:23 - 2014-04-09 21:23 - 01020928 _____ () C:\Users\georgbarth\AppData\Roaming\Mozilla\Firefox\Profiles\dpsw36se.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Program Files\Common Files\System:DgABEuTE9i8HCTTAe3PlsxJ2
AlternateDataStreams: C:\ProgramData\Microsoft:hK9gSCzjwqhOcjyCrbDRp0sy
AlternateDataStreams: C:\ProgramData\Microsoft:HXTTvu5EmCTTx9s2zxoyQbTz
AlternateDataStreams: C:\ProgramData\Microsoft:wbRk67hSO65YFAvPYZcI
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\Users\georgbarth\Cookies:YnUIw2h1dK43QArTqOhmlqTsgePC
AlternateDataStreams: C:\Users\georgbarth\AppData\Local\Temp:DiHDDEpBNdYyzCFN50keOnZ
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: DTSRVC => 2
MSCONFIG\Services: PdiService => 2
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: DT DEL => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -DEL
==================== Faulty Device Manager Devices =============
Name: Dell Wireless 375 Bluetooth Module
Description: Dell Wireless 375 Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/05/2014 08:01:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 05:37:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:41:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:36:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 07:06:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: msgHook64.dll, version: 1.0.0.1, time stamp: 0x51633f3f
Exception code: 0xc0000005
Fault offset: 0x0000000000002a1f
Faulting process id: 0x1fc0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Error: (09/04/2014 07:04:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SmartSettings.exe, version: 2.1.0.551, time stamp: 0x4e55679e
Faulting module name: msgHook64.dll, version: 1.0.0.1, time stamp: 0x51633f3f
Exception code: 0xc0000005
Fault offset: 0x0000000000002a1f
Faulting process id: 0x1408
Faulting application start time: 0xSmartSettings.exe0
Faulting application path: SmartSettings.exe1
Faulting module path: SmartSettings.exe2
Report Id: SmartSettings.exe3
Error: (09/04/2014 07:03:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SmartSettings.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000000001AAA2A1F
Error: (09/04/2014 06:52:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lightroom.exe, version: 5.5.0.10, time stamp: 0x5391f1ae
Faulting module name: msgHook64.dll, version: 1.0.0.1, time stamp: 0x51633f3f
Exception code: 0xc0000005
Fault offset: 0x0000000000002a1f
Faulting process id: 0xcf4
Faulting application start time: 0xlightroom.exe0
Faulting application path: lightroom.exe1
Faulting module path: lightroom.exe2
Report Id: lightroom.exe3
Error: (09/04/2014 06:50:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:12:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (09/05/2014 08:01:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (09/05/2014 08:01:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0
Error: (09/05/2014 08:01:04 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{ca558c3c-dbd3-11e1-81c3-806e6f6e6963} cannot be read.
Error: (09/04/2014 09:38:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR5.
Error: (09/04/2014 09:38:07 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR5.
Error: (09/04/2014 05:37:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (09/04/2014 05:37:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0
Error: (09/04/2014 05:37:13 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{ca558c3c-dbd3-11e1-81c3-806e6f6e6963} cannot be read.
Error: (09/04/2014 00:40:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (09/04/2014 00:40:09 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{ca558c3c-dbd3-11e1-81c3-806e6f6e6963} cannot be read.
Microsoft Office Sessions:
=========================
Error: (09/05/2014 08:01:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 05:37:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:41:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:36:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 07:06:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4msgHook64.dll1.0.0.151633f3fc00000050000000000002a1f1fc001cfc8301b0ae466C:\Windows\explorer.exeC:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll87a06d8d-3423-11e4-a248-d067e5541095
Error: (09/04/2014 07:04:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SmartSettings.exe2.1.0.5514e55679emsgHook64.dll1.0.0.151633f3fc00000050000000000002a1f140801cfc82e348fb3d4C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exeC:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll2bd535ec-3423-11e4-a248-d067e5541095
Error: (09/04/2014 07:03:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SmartSettings.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000000001AAA2A1F
Error: (09/04/2014 06:52:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: lightroom.exe5.5.0.105391f1aemsgHook64.dll1.0.0.151633f3fc00000050000000000002a1fcf401cfc82e4f2d1972C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.5\lightroom.exeC:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll91529a36-3421-11e4-a248-d067e5541095
Error: (09/04/2014 06:50:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:12:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-05-19 21:00:51.534
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-19 14:45:23.643
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-19 14:41:10.734
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-19 14:21:04.466
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-19 10:08:42.248
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-19 08:47:01.781
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-16 15:56:19.159
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-15 20:41:23.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-15 14:31:41.655
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
Date: 2014-05-14 21:31:26.308
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core™ i7-2860QM CPU @ 2.50GHz
Percentage of memory in use: 19%
Total physical RAM: 16340.9 MB
Available physical RAM: 13156.63 MB
Total Pagefile: 17339.08 MB
Available Pagefile: 13979.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:118.46 GB) (Free:34.55 GB) NTFS
Drive d: (Internal) (Fixed) (Total:698.63 GB) (Free:475.36 GB) NTFS
Drive e: (Optical Bay) (Fixed) (Total:931.5 GB) (Free:61.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: EFD54F47)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: EFD54F69)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 0CE1C9C2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)
==================== End Of Log ============================
Edited by foxtrot01, 05 September 2014 - 06:38 PM.
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
